Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-33953
Vulnerability from cvelistv5
Published
2023-08-09 12:54
Modified
2024-09-27 18:40
Severity ?
EPSS score ?
0.16%
(0.32973)
Summary
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:
- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser
The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.
The unbounded memory buffering bugs:
- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:54:14.192Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "grpc", vendor: "grpc", versions: [ { lessThan: "1.53.2", status: "affected", version: "0", versionType: "custom", }, { lessThan: "154.3", status: "affected", version: "1.54", versionType: "custom", }, { lessThan: "1.55.2", status: "affected", version: "1.55", versionType: "custom", }, { lessThan: "1.56.2", status: "affected", version: "1.56", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-33953", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-27T17:54:21.539206Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-27T18:40:52.297Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "gRPC", vendor: "Google", versions: [ { lessThan: "1.56.1", status: "affected", version: "0", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:<br><br>- Unbounded memory buffering in the HPACK parser<br>- Unbounded CPU consumption in the HPACK parser<br><br>The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.<br><br>The unbounded memory buffering bugs:<br><br>- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.<br>- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.<br>- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", }, ], value: "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", }, ], impacts: [ { capecId: "CAPEC-220", descriptions: [ { lang: "en", value: "CAPEC-220 Client-Server Protocol Manipulation", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-834", description: "CWE-834 Excessive Iteration", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-789", description: "CWE-789 Memory Allocation with Excessive Size Value", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-09T12:54:47.415Z", orgId: "14ed7db2-1595-443d-9d34-6215bf890778", shortName: "Google", }, references: [ { url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, ], source: { discovery: "UNKNOWN", }, title: "Denial-of-Service in gRPC", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "14ed7db2-1595-443d-9d34-6215bf890778", assignerShortName: "Google", cveId: "CVE-2023-33953", datePublished: "2023-08-09T12:54:47.415Z", dateReserved: "2023-05-24T12:08:31.409Z", dateUpdated: "2024-09-27T18:40:52.297Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\", \"versionEndExcluding\": \"1.53.2\", \"matchCriteriaId\": \"5278AD31-21EB-4A2E-89FE-D2E765AC4507\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\", \"versionStartIncluding\": \"1.54.0\", \"versionEndExcluding\": \"1.54.3\", \"matchCriteriaId\": \"1A6B7840-8878-4F83-977A-1AF53E103F51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\", \"versionStartIncluding\": \"1.55.0\", \"versionEndExcluding\": \"1.55.2\", \"matchCriteriaId\": \"12899AA9-F4C9-4E74-B423-8AD74F043758\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\", \"versionStartIncluding\": \"1.56.0\", \"versionEndExcluding\": \"1.56.2\", \"matchCriteriaId\": \"C4864589-BDBC-4F3D-9175-DA7800480B87\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/\\u00a0Three vectors were found that allow the following DOS attacks:\\n\\n- Unbounded memory buffering in the HPACK parser\\n- Unbounded CPU consumption in the HPACK parser\\n\\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\\n\\nThe unbounded memory buffering bugs:\\n\\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\\n- HPACK varints have an encoding quirk whereby an infinite number of 0\\u2019s can be added at the start of an integer. gRPC\\u2019s hpack parser needed to read all of them before concluding a parse.\\n- gRPC\\u2019s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc\\u2026\"}, {\"lang\": \"es\", \"value\": \"gRPC contiene una vulnerabilidad que permite que los errores de contabilidad de la tabla hpack puedan provocar desconexiones no deseadas entre clientes y servidores en casos excepcionales/ Se han encontrado tres vectores que permiten los siguientes ataques DOS:\\n\\n- Memoria intermedia ilimitada en el analizador sint\\u00e1ctico HPACK\\n- Consumo ilimitado de CPU en el analizador sint\\u00e1ctico HPACK\\n\\nEl consumo ilimitado de CPU se debe a una copia que se produc\\u00eda por bloque de entrada en el analizador sint\\u00e1ctico, y dado que podr\\u00eda ser ilimitada debido al error de copia de memoria, acabamos con un bucle de an\\u00e1lisis sint\\u00e1ctico O(n^2), con n seleccionado por el cliente.\\n\\nEl error de memoria intermedia no limitada:\\n\\n- La comprobaci\\u00f3n del l\\u00edmite de tama\\u00f1o de la cabecera estaba detr\\u00e1s del c\\u00f3digo de lectura de cadenas, por lo que necesit\\u00e1bamos primero almacenar en b\\u00fafer hasta una cadena de 4 gigabytes antes de rechazarla como m\\u00e1s larga de 8 o 16kb.\\n- Las varints HPACK tienen una peculiaridad de codificaci\\u00f3n por la que se puede a\\u00f1adir un n\\u00famero infinito de ceros al principio de un entero. El analizador hpack de gRPC necesitaba leerlos todos antes de concluir el an\\u00e1lisis.\\n- La comprobaci\\u00f3n de desbordamiento de metadatos de gRPC se realizaba por fotograma, por lo que la siguiente secuencia de fotogramas pod\\u00eda causar un buffering infinito: CABECERAS: contiene un: 1 CONTINUACI\\u00d3N: contiene un: 2 CONTINUACI\\u00d3N: contiene un: 3 etc?\"}]", id: "CVE-2023-33953", lastModified: "2024-11-21T08:06:17.007", metrics: "{\"cvssMetricV31\": [{\"source\": \"cve-coordination@google.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}", published: "2023-08-09T13:15:09.370", references: "[{\"url\": \"https://cloud.google.com/support/bulletins#gcp-2023-022\", \"source\": \"cve-coordination@google.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://cloud.google.com/support/bulletins#gcp-2023-022\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]", sourceIdentifier: "cve-coordination@google.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"cve-coordination@google.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-789\"}, {\"lang\": \"en\", \"value\": \"CWE-834\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-770\"}, {\"lang\": \"en\", \"value\": \"CWE-834\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2023-33953\",\"sourceIdentifier\":\"cve-coordination@google.com\",\"published\":\"2023-08-09T13:15:09.370\",\"lastModified\":\"2024-11-21T08:06:17.007\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\\n\\n- Unbounded memory buffering in the HPACK parser\\n- Unbounded CPU consumption in the HPACK parser\\n\\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\\n\\nThe unbounded memory buffering bugs:\\n\\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…\"},{\"lang\":\"es\",\"value\":\"gRPC contiene una vulnerabilidad que permite que los errores de contabilidad de la tabla hpack puedan provocar desconexiones no deseadas entre clientes y servidores en casos excepcionales/ Se han encontrado tres vectores que permiten los siguientes ataques DOS:\\n\\n- Memoria intermedia ilimitada en el analizador sintáctico HPACK\\n- Consumo ilimitado de CPU en el analizador sintáctico HPACK\\n\\nEl consumo ilimitado de CPU se debe a una copia que se producía por bloque de entrada en el analizador sintáctico, y dado que podría ser ilimitada debido al error de copia de memoria, acabamos con un bucle de análisis sintáctico O(n^2), con n seleccionado por el cliente.\\n\\nEl error de memoria intermedia no limitada:\\n\\n- La comprobación del límite de tamaño de la cabecera estaba detrás del código de lectura de cadenas, por lo que necesitábamos primero almacenar en búfer hasta una cadena de 4 gigabytes antes de rechazarla como más larga de 8 o 16kb.\\n- Las varints HPACK tienen una peculiaridad de codificación por la que se puede añadir un número infinito de ceros al principio de un entero. El analizador hpack de gRPC necesitaba leerlos todos antes de concluir el análisis.\\n- La comprobación de desbordamiento de metadatos de gRPC se realizaba por fotograma, por lo que la siguiente secuencia de fotogramas podía causar un buffering infinito: CABECERAS: contiene un: 1 CONTINUACIÓN: contiene un: 2 CONTINUACIÓN: contiene un: 3 etc?\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"cve-coordination@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-789\"},{\"lang\":\"en\",\"value\":\"CWE-834\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"},{\"lang\":\"en\",\"value\":\"CWE-834\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionEndExcluding\":\"1.53.2\",\"matchCriteriaId\":\"5278AD31-21EB-4A2E-89FE-D2E765AC4507\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionStartIncluding\":\"1.54.0\",\"versionEndExcluding\":\"1.54.3\",\"matchCriteriaId\":\"1A6B7840-8878-4F83-977A-1AF53E103F51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionStartIncluding\":\"1.55.0\",\"versionEndExcluding\":\"1.55.2\",\"matchCriteriaId\":\"12899AA9-F4C9-4E74-B423-8AD74F043758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*\",\"versionStartIncluding\":\"1.56.0\",\"versionEndExcluding\":\"1.56.2\",\"matchCriteriaId\":\"C4864589-BDBC-4F3D-9175-DA7800480B87\"}]}]}],\"references\":[{\"url\":\"https://cloud.google.com/support/bulletins#gcp-2023-022\",\"source\":\"cve-coordination@google.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://cloud.google.com/support/bulletins#gcp-2023-022\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", vulnrichment: { containers: "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"gRPC\", \"vendor\": \"Google\", \"versions\": [{\"lessThan\": \"1.56.1\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\"}]}], \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:<br><br>- Unbounded memory buffering in the HPACK parser<br>- Unbounded CPU consumption in the HPACK parser<br><br>The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.<br><br>The unbounded memory buffering bugs:<br><br>- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.<br>- HPACK varints have an encoding quirk whereby an infinite number of 0\\u2019s can be added at the start of an integer. gRPC\\u2019s hpack parser needed to read all of them before concluding a parse.<br>- gRPC\\u2019s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc\\u2026\"}], \"value\": \"gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/\\u00a0Three vectors were found that allow the following DOS attacks:\\n\\n- Unbounded memory buffering in the HPACK parser\\n- Unbounded CPU consumption in the HPACK parser\\n\\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\\n\\nThe unbounded memory buffering bugs:\\n\\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\\n- HPACK varints have an encoding quirk whereby an infinite number of 0\\u2019s can be added at the start of an integer. gRPC\\u2019s hpack parser needed to read all of them before concluding a parse.\\n- gRPC\\u2019s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc\\u2026\"}], \"impacts\": [{\"capecId\": \"CAPEC-220\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-220 Client-Server Protocol Manipulation\"}]}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"version\": \"3.1\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-834\", \"description\": \"CWE-834 Excessive Iteration\", \"lang\": \"en\", \"type\": \"CWE\"}]}, {\"descriptions\": [{\"cweId\": \"CWE-789\", \"description\": \"CWE-789 Memory Allocation with Excessive Size Value\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"orgId\": \"14ed7db2-1595-443d-9d34-6215bf890778\", \"shortName\": \"Google\", \"dateUpdated\": \"2023-08-09T12:54:47.415Z\"}, \"references\": [{\"url\": \"https://cloud.google.com/support/bulletins#gcp-2023-022\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"title\": \"Denial-of-Service in gRPC\", \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T15:54:14.192Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://cloud.google.com/support/bulletins#gcp-2023-022\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-33953\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-27T17:54:21.539206Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*\"], \"vendor\": \"grpc\", \"product\": \"grpc\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.53.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.54\", \"lessThan\": \"154.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.55\", \"lessThan\": \"1.55.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.56\", \"lessThan\": \"1.56.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-27T18:40:44.014Z\"}}]}", cveMetadata: "{\"cveId\": \"CVE-2023-33953\", \"assignerOrgId\": \"14ed7db2-1595-443d-9d34-6215bf890778\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Google\", \"dateReserved\": \"2023-05-24T12:08:31.409Z\", \"datePublished\": \"2023-08-09T12:54:47.415Z\", \"dateUpdated\": \"2024-09-27T18:40:52.297Z\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
fkie_cve-2023-33953
Vulnerability from fkie_nvd
Published
2023-08-09 13:15
Modified
2024-11-21 08:06
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:
- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser
The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.
The unbounded memory buffering bugs:
- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", matchCriteriaId: "5278AD31-21EB-4A2E-89FE-D2E765AC4507", versionEndExcluding: "1.53.2", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", matchCriteriaId: "1A6B7840-8878-4F83-977A-1AF53E103F51", versionEndExcluding: "1.54.3", versionStartIncluding: "1.54.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", matchCriteriaId: "12899AA9-F4C9-4E74-B423-8AD74F043758", versionEndExcluding: "1.55.2", versionStartIncluding: "1.55.0", vulnerable: true, }, { criteria: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", matchCriteriaId: "C4864589-BDBC-4F3D-9175-DA7800480B87", versionEndExcluding: "1.56.2", versionStartIncluding: "1.56.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", }, { lang: "es", value: "gRPC contiene una vulnerabilidad que permite que los errores de contabilidad de la tabla hpack puedan provocar desconexiones no deseadas entre clientes y servidores en casos excepcionales/ Se han encontrado tres vectores que permiten los siguientes ataques DOS:\n\n- Memoria intermedia ilimitada en el analizador sintáctico HPACK\n- Consumo ilimitado de CPU en el analizador sintáctico HPACK\n\nEl consumo ilimitado de CPU se debe a una copia que se producía por bloque de entrada en el analizador sintáctico, y dado que podría ser ilimitada debido al error de copia de memoria, acabamos con un bucle de análisis sintáctico O(n^2), con n seleccionado por el cliente.\n\nEl error de memoria intermedia no limitada:\n\n- La comprobación del límite de tamaño de la cabecera estaba detrás del código de lectura de cadenas, por lo que necesitábamos primero almacenar en búfer hasta una cadena de 4 gigabytes antes de rechazarla como más larga de 8 o 16kb.\n- Las varints HPACK tienen una peculiaridad de codificación por la que se puede añadir un número infinito de ceros al principio de un entero. El analizador hpack de gRPC necesitaba leerlos todos antes de concluir el análisis.\n- La comprobación de desbordamiento de metadatos de gRPC se realizaba por fotograma, por lo que la siguiente secuencia de fotogramas podía causar un buffering infinito: CABECERAS: contiene un: 1 CONTINUACIÓN: contiene un: 2 CONTINUACIÓN: contiene un: 3 etc?", }, ], id: "CVE-2023-33953", lastModified: "2024-11-21T08:06:17.007", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "cve-coordination@google.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-09T13:15:09.370", references: [ { source: "cve-coordination@google.com", tags: [ "Vendor Advisory", ], url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, ], sourceIdentifier: "cve-coordination@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-789", }, { lang: "en", value: "CWE-834", }, ], source: "cve-coordination@google.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, { lang: "en", value: "CWE-834", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
SSA-093430
Vulnerability from csaf_siemens
Published
2024-05-14 00:00
Modified
2024-06-11 00:00
Summary
SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0
Notes
Summary
Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)", tlp: { label: "WHITE", }, }, lang: "en", notes: [ { category: "summary", text: "Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "productcert@siemens.com", name: "Siemens ProductCERT", namespace: "https://www.siemens.com", }, references: [ { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-093430.html", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-093430.json", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-093430.pdf", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-093430.txt", }, ], title: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0", tracking: { current_release_date: "2024-06-11T00:00:00Z", generator: { engine: { name: "Siemens ProductCERT CSAF Generator", version: "1", }, }, id: "SSA-093430", initial_release_date: "2024-05-14T00:00:00Z", revision_history: [ { date: "2024-05-14T00:00:00Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2024-06-11T00:00:00Z", legacy_version: "1.1", number: "2", summary: "Added specific mitigation for CVE-2024-30207", }, ], status: "interim", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA00)", product_id: "1", product_identification_helper: { model_numbers: [ "6GT2780-0DA00", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA00)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA10)", product_id: "2", product_identification_helper: { model_numbers: [ "6GT2780-0DA10", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA10)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA20)", product_id: "3", product_identification_helper: { model_numbers: [ "6GT2780-0DA20", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA20)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA30)", product_id: "4", product_identification_helper: { model_numbers: [ "6GT2780-0DA30", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA30)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA10)", product_id: "5", product_identification_helper: { model_numbers: [ "6GT2780-1EA10", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA10)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA20)", product_id: "6", product_identification_helper: { model_numbers: [ "6GT2780-1EA20", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA20)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA30)", product_id: "7", product_identification_helper: { model_numbers: [ "6GT2780-1EA30", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA30)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2023-4807", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-4807", }, { cve: "CVE-2023-5363", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers.\r\n\r\nImpact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes.\r\n\r\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\r\n\r\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse.\r\n\r\nBoth truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical.\r\n\r\nChanging the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall.\r\n\r\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\r\n\r\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary.\r\n\r\nOpenSSL 3.1 and 3.0 are vulnerable to this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-5363", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-29409", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-29409", }, { cve: "CVE-2023-33953", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "summary", text: "PC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with a parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…\r\n- Unbounded memory buffering in the HPACK parser\r\n- Unbounded CPU consumption in the HPACK parser\r\n\r\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an parsing loop, with n selected by the client.\r\n\r\nThe unbounded memory buffering bugs:\r\n\r\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\r\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\r\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-33953", }, { cve: "CVE-2023-38039", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-38039", }, { cve: "CVE-2023-38545", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.\r\n\r\nWhen curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes.\r\n\r\nIf the hostname is detected to be longer than 255 bytes, curl switches to local name resolving and instead passes on the resolved address only to the proxy. Due to a bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long hostname to the target buffer instead of copying just the resolved address there.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-38545", }, { cve: "CVE-2023-38546", cwe: { id: "CWE-73", name: "External Control of File Name or Path", }, notes: [ { category: "summary", text: "This flaw allows an attacker to insert cookies at will into a running program\r\nusing libcurl, if the specific series of conditions are met.\r\n\r\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\r\nthat are the individual handles for single transfers.\r\n\r\nlibcurl provides a function call that duplicates en easy handle called\r\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\r\n\r\nIf a transfer has cookies enabled when the handle is duplicated, the\r\ncookie-enable state is also cloned - but without cloning the actual\r\ncookies. If the source handle did not read any cookies from a specific file on\r\ndisk, the cloned version of the handle would instead store the file name as\r\n`none` (using the four ASCII letters, no quotes).\r\n\r\nSubsequent use of the cloned handle that does not explicitly set a source to\r\nload cookies from would then inadvertently load cookies from a file named\r\n`none` - if such a file exists and is readable in the current directory of the\r\nprogram using libcurl. And if using the correct file format of course.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-38546", }, { cve: "CVE-2023-46218", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-46218", }, { cve: "CVE-2023-46219", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-46219", }, { cve: "CVE-2024-30206", cwe: { id: "CWE-494", name: "Download of Code Without Integrity Check", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Clients do not properly check the integrity of update files. This could allow an unauthenticated remote attacker to alter update files in transit and trick an authorized user into installing malicious code. \r\nA successful exploit requires the attacker to be able to modify the communication between server and client on the network.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-30206", }, { cve: "CVE-2024-30207", cwe: { id: "CWE-321", name: "Use of Hard-coded Cryptographic Key", }, notes: [ { category: "summary", text: "The affected systems use symmetric cryptography with a hard-coded key to protect the communication between client and server. This could allow an unauthenticated remote attacker to compromise confidentiality and integrity of the communication and, subsequently, availability of the system.\r\nA successful exploit requires the attacker to gain knowledge of the hard-coded key and to be able to intercept the communication between client and server on the network.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Protect all communication between RTLS Clients and the Server using a secure channel, e.g. an appropriate VPN solution. Ensure that the configured Server ports are exclusively reachable via the VPN as described in the installation manual", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-30207", }, { cve: "CVE-2024-30208", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "The \"DBTest\" tool of SIMATIC RTLS Locating Manager does not properly enforce access restriction. This could allow an authenticated local attacker to extract sensitive information from memory.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-30208", }, { cve: "CVE-2024-30209", cwe: { id: "CWE-319", name: "Cleartext Transmission of Sensitive Information", }, notes: [ { category: "summary", text: "Affected systems transmit client-side resources without proper cryptographic protection. This could allow an attacker to eavesdrop on and modify resources in transit. A successful exploit requires an attacker to be in the network path between the RTLS Locating Manager server and a client (MitM).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-30209", }, { cve: "CVE-2024-33494", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "summary", text: "Affected components do not properly authenticate heartbeat messages. This could allow an unauthenticated remote attacker to affected the availability of secondary RTLS systems configured using a TeeRevProxy service and potentially cause loss of data generated during the time the attack is ongoing.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33494", }, { cve: "CVE-2024-33495", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "The affected application does not properly limit the size of specific logs. This could allow an unauthenticated remote attacker to exhaust system resources by creating a great number of log entries which could potentially lead to a denial of service condition. A successful exploitation requires the attacker to have access to specific SIMATIC RTLS Locating Manager Clients in the deployment.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33495", }, { cve: "CVE-2024-33496", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33496", }, { cve: "CVE-2024-33497", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Track Viewer Client do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33497", }, { cve: "CVE-2024-33498", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Affected applications do not properly release memory that is allocated when handling specifically crafted incoming packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by crashing the service when it runs out of memory. The service is restarted automatically after a short time.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33498", }, { cve: "CVE-2024-33499", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "The affected application assigns incorrect permissions to a user management component. This could allow a privileged attacker to escalate their privileges from the Administrators group to the Systemadministrator group.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33499", }, { cve: "CVE-2024-33583", cwe: { id: "CWE-912", name: "Hidden Functionality", }, notes: [ { category: "summary", text: "Affected application contains a hidden configuration item to enable debug functionality. This could allow an authenticated local attacker to gain insight into the internal configuration of the deployment.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33583", }, ], }
ssa-093430
Vulnerability from csaf_siemens
Published
2024-05-14 00:00
Modified
2024-06-11 00:00
Summary
SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0
Notes
Summary
Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)", tlp: { label: "WHITE", }, }, lang: "en", notes: [ { category: "summary", text: "Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "productcert@siemens.com", name: "Siemens ProductCERT", namespace: "https://www.siemens.com", }, references: [ { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-093430.html", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-093430.json", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-093430.pdf", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-093430.txt", }, ], title: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0", tracking: { current_release_date: "2024-06-11T00:00:00Z", generator: { engine: { name: "Siemens ProductCERT CSAF Generator", version: "1", }, }, id: "SSA-093430", initial_release_date: "2024-05-14T00:00:00Z", revision_history: [ { date: "2024-05-14T00:00:00Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2024-06-11T00:00:00Z", legacy_version: "1.1", number: "2", summary: "Added specific mitigation for CVE-2024-30207", }, ], status: "interim", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA00)", product_id: "1", product_identification_helper: { model_numbers: [ "6GT2780-0DA00", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA00)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA10)", product_id: "2", product_identification_helper: { model_numbers: [ "6GT2780-0DA10", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA10)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA20)", product_id: "3", product_identification_helper: { model_numbers: [ "6GT2780-0DA20", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA20)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA30)", product_id: "4", product_identification_helper: { model_numbers: [ "6GT2780-0DA30", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA30)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA10)", product_id: "5", product_identification_helper: { model_numbers: [ "6GT2780-1EA10", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA10)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA20)", product_id: "6", product_identification_helper: { model_numbers: [ "6GT2780-1EA20", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA20)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA30)", product_id: "7", product_identification_helper: { model_numbers: [ "6GT2780-1EA30", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA30)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2023-4807", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-4807", }, { cve: "CVE-2023-5363", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers.\r\n\r\nImpact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes.\r\n\r\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\r\n\r\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse.\r\n\r\nBoth truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical.\r\n\r\nChanging the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall.\r\n\r\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\r\n\r\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary.\r\n\r\nOpenSSL 3.1 and 3.0 are vulnerable to this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-5363", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-29409", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-29409", }, { cve: "CVE-2023-33953", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "summary", text: "PC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with a parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…\r\n- Unbounded memory buffering in the HPACK parser\r\n- Unbounded CPU consumption in the HPACK parser\r\n\r\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an parsing loop, with n selected by the client.\r\n\r\nThe unbounded memory buffering bugs:\r\n\r\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\r\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\r\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-33953", }, { cve: "CVE-2023-38039", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-38039", }, { cve: "CVE-2023-38545", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.\r\n\r\nWhen curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes.\r\n\r\nIf the hostname is detected to be longer than 255 bytes, curl switches to local name resolving and instead passes on the resolved address only to the proxy. Due to a bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long hostname to the target buffer instead of copying just the resolved address there.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-38545", }, { cve: "CVE-2023-38546", cwe: { id: "CWE-73", name: "External Control of File Name or Path", }, notes: [ { category: "summary", text: "This flaw allows an attacker to insert cookies at will into a running program\r\nusing libcurl, if the specific series of conditions are met.\r\n\r\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\r\nthat are the individual handles for single transfers.\r\n\r\nlibcurl provides a function call that duplicates en easy handle called\r\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\r\n\r\nIf a transfer has cookies enabled when the handle is duplicated, the\r\ncookie-enable state is also cloned - but without cloning the actual\r\ncookies. If the source handle did not read any cookies from a specific file on\r\ndisk, the cloned version of the handle would instead store the file name as\r\n`none` (using the four ASCII letters, no quotes).\r\n\r\nSubsequent use of the cloned handle that does not explicitly set a source to\r\nload cookies from would then inadvertently load cookies from a file named\r\n`none` - if such a file exists and is readable in the current directory of the\r\nprogram using libcurl. And if using the correct file format of course.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-38546", }, { cve: "CVE-2023-46218", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-46218", }, { cve: "CVE-2023-46219", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2023-46219", }, { cve: "CVE-2024-30206", cwe: { id: "CWE-494", name: "Download of Code Without Integrity Check", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Clients do not properly check the integrity of update files. This could allow an unauthenticated remote attacker to alter update files in transit and trick an authorized user into installing malicious code. \r\nA successful exploit requires the attacker to be able to modify the communication between server and client on the network.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-30206", }, { cve: "CVE-2024-30207", cwe: { id: "CWE-321", name: "Use of Hard-coded Cryptographic Key", }, notes: [ { category: "summary", text: "The affected systems use symmetric cryptography with a hard-coded key to protect the communication between client and server. This could allow an unauthenticated remote attacker to compromise confidentiality and integrity of the communication and, subsequently, availability of the system.\r\nA successful exploit requires the attacker to gain knowledge of the hard-coded key and to be able to intercept the communication between client and server on the network.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Protect all communication between RTLS Clients and the Server using a secure channel, e.g. an appropriate VPN solution. Ensure that the configured Server ports are exclusively reachable via the VPN as described in the installation manual", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-30207", }, { cve: "CVE-2024-30208", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "The \"DBTest\" tool of SIMATIC RTLS Locating Manager does not properly enforce access restriction. This could allow an authenticated local attacker to extract sensitive information from memory.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-30208", }, { cve: "CVE-2024-30209", cwe: { id: "CWE-319", name: "Cleartext Transmission of Sensitive Information", }, notes: [ { category: "summary", text: "Affected systems transmit client-side resources without proper cryptographic protection. This could allow an attacker to eavesdrop on and modify resources in transit. A successful exploit requires an attacker to be in the network path between the RTLS Locating Manager server and a client (MitM).", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-30209", }, { cve: "CVE-2024-33494", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "summary", text: "Affected components do not properly authenticate heartbeat messages. This could allow an unauthenticated remote attacker to affected the availability of secondary RTLS systems configured using a TeeRevProxy service and potentially cause loss of data generated during the time the attack is ongoing.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33494", }, { cve: "CVE-2024-33495", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "The affected application does not properly limit the size of specific logs. This could allow an unauthenticated remote attacker to exhaust system resources by creating a great number of log entries which could potentially lead to a denial of service condition. A successful exploitation requires the attacker to have access to specific SIMATIC RTLS Locating Manager Clients in the deployment.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33495", }, { cve: "CVE-2024-33496", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33496", }, { cve: "CVE-2024-33497", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Track Viewer Client do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33497", }, { cve: "CVE-2024-33498", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Affected applications do not properly release memory that is allocated when handling specifically crafted incoming packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by crashing the service when it runs out of memory. The service is restarted automatically after a short time.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33498", }, { cve: "CVE-2024-33499", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "The affected application assigns incorrect permissions to a user management component. This could allow a privileged attacker to escalate their privileges from the Administrators group to the Systemadministrator group.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33499", }, { cve: "CVE-2024-33583", cwe: { id: "CWE-912", name: "Hidden Functionality", }, notes: [ { category: "summary", text: "Affected application contains a hidden configuration item to enable debug functionality. This could allow an authenticated local attacker to gain insight into the internal configuration of the deployment.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", "4", "5", "6", "7", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", "4", "5", "6", "7", ], }, ], title: "CVE-2024-33583", }, ], }
ICSA-24-137-07
Vulnerability from csaf_cisa
Published
2024-05-14 00:00
Modified
2024-06-11 00:00
Summary
Siemens SIMATIC RTLS Locating Manager
Notes
Summary
Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-093430.json", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-093430.html", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-093430.pdf", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-093430.txt", }, { category: "self", summary: "ICS Advisory ICSA-24-137-07 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-137-07.json", }, { category: "self", summary: "ICS Advisory ICSA-24-137-07 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-137-07", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SIMATIC RTLS Locating Manager", tracking: { current_release_date: "2024-06-11T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-24-137-07", initial_release_date: "2024-05-14T00:00:00.000000Z", revision_history: [ { date: "2024-05-14T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2024-06-11T00:00:00.000000Z", legacy_version: "1.1", number: "2", summary: "Added specific mitigation for CVE-2024-30207", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA00)", product_id: "CSAFPID-0001", product_identification_helper: { model_numbers: [ "6GT2780-0DA00", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA00)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA10)", product_id: "CSAFPID-0002", product_identification_helper: { model_numbers: [ "6GT2780-0DA10", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA10)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA20)", product_id: "CSAFPID-0003", product_identification_helper: { model_numbers: [ "6GT2780-0DA20", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA20)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA30)", product_id: "CSAFPID-0004", product_identification_helper: { model_numbers: [ "6GT2780-0DA30", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA30)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA10)", product_id: "CSAFPID-0005", product_identification_helper: { model_numbers: [ "6GT2780-1EA10", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA10)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA20)", product_id: "CSAFPID-0006", product_identification_helper: { model_numbers: [ "6GT2780-1EA20", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA20)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA30)", product_id: "CSAFPID-0007", product_identification_helper: { model_numbers: [ "6GT2780-1EA30", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA30)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2023-4807", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-4807", }, { cve: "CVE-2023-5363", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers.\r\n\r\nImpact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes.\r\n\r\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\r\n\r\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse.\r\n\r\nBoth truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical.\r\n\r\nChanging the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall.\r\n\r\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\r\n\r\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary.\r\n\r\nOpenSSL 3.1 and 3.0 are vulnerable to this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-5363", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-29409", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-29409", }, { cve: "CVE-2023-33953", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "summary", text: "PC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with a parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…\r\n- Unbounded memory buffering in the HPACK parser\r\n- Unbounded CPU consumption in the HPACK parser\r\n\r\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an parsing loop, with n selected by the client.\r\n\r\nThe unbounded memory buffering bugs:\r\n\r\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\r\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\r\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-33953", }, { cve: "CVE-2023-38039", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-38039", }, { cve: "CVE-2023-38545", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.\r\n\r\nWhen curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes.\r\n\r\nIf the hostname is detected to be longer than 255 bytes, curl switches to local name resolving and instead passes on the resolved address only to the proxy. Due to a bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long hostname to the target buffer instead of copying just the resolved address there.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-38545", }, { cve: "CVE-2023-38546", cwe: { id: "CWE-73", name: "External Control of File Name or Path", }, notes: [ { category: "summary", text: "This flaw allows an attacker to insert cookies at will into a running program\r\nusing libcurl, if the specific series of conditions are met.\r\n\r\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\r\nthat are the individual handles for single transfers.\r\n\r\nlibcurl provides a function call that duplicates en easy handle called\r\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\r\n\r\nIf a transfer has cookies enabled when the handle is duplicated, the\r\ncookie-enable state is also cloned - but without cloning the actual\r\ncookies. If the source handle did not read any cookies from a specific file on\r\ndisk, the cloned version of the handle would instead store the file name as\r\n`none` (using the four ASCII letters, no quotes).\r\n\r\nSubsequent use of the cloned handle that does not explicitly set a source to\r\nload cookies from would then inadvertently load cookies from a file named\r\n`none` - if such a file exists and is readable in the current directory of the\r\nprogram using libcurl. And if using the correct file format of course.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-38546", }, { cve: "CVE-2023-46218", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-46218", }, { cve: "CVE-2023-46219", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-46219", }, { cve: "CVE-2024-30206", cwe: { id: "CWE-494", name: "Download of Code Without Integrity Check", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Clients do not properly check the integrity of update files. This could allow an unauthenticated remote attacker to alter update files in transit and trick an authorized user into installing malicious code. \r\nA successful exploit requires the attacker to be able to modify the communication between server and client on the network.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-30206", }, { cve: "CVE-2024-30207", cwe: { id: "CWE-321", name: "Use of Hard-coded Cryptographic Key", }, notes: [ { category: "summary", text: "The affected systems use symmetric cryptography with a hard-coded key to protect the communication between client and server. This could allow an unauthenticated remote attacker to compromise confidentiality and integrity of the communication and, subsequently, availability of the system.\r\nA successful exploit requires the attacker to gain knowledge of the hard-coded key and to be able to intercept the communication between client and server on the network.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Protect all communication between RTLS Clients and the Server using a secure channel, e.g. an appropriate VPN solution. Ensure that the configured Server ports are exclusively reachable via the VPN as described in the installation manual", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-30207", }, { cve: "CVE-2024-30208", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "The \"DBTest\" tool of SIMATIC RTLS Locating Manager does not properly enforce access restriction. This could allow an authenticated local attacker to extract sensitive information from memory.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-30208", }, { cve: "CVE-2024-30209", cwe: { id: "CWE-319", name: "Cleartext Transmission of Sensitive Information", }, notes: [ { category: "summary", text: "Affected systems transmit client-side resources without proper cryptographic protection. This could allow an attacker to eavesdrop on and modify resources in transit. A successful exploit requires an attacker to be in the network path between the RTLS Locating Manager server and a client (MitM).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-30209", }, { cve: "CVE-2024-33494", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "summary", text: "Affected components do not properly authenticate heartbeat messages. This could allow an unauthenticated remote attacker to affected the availability of secondary RTLS systems configured using a TeeRevProxy service and potentially cause loss of data generated during the time the attack is ongoing.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33494", }, { cve: "CVE-2024-33495", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "The affected application does not properly limit the size of specific logs. This could allow an unauthenticated remote attacker to exhaust system resources by creating a great number of log entries which could potentially lead to a denial of service condition. A successful exploitation requires the attacker to have access to specific SIMATIC RTLS Locating Manager Clients in the deployment.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33495", }, { cve: "CVE-2024-33496", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33496", }, { cve: "CVE-2024-33497", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Track Viewer Client do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33497", }, { cve: "CVE-2024-33498", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Affected applications do not properly release memory that is allocated when handling specifically crafted incoming packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by crashing the service when it runs out of memory. The service is restarted automatically after a short time.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33498", }, { cve: "CVE-2024-33499", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "The affected application assigns incorrect permissions to a user management component. This could allow a privileged attacker to escalate their privileges from the Administrators group to the Systemadministrator group.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33499", }, { cve: "CVE-2024-33583", cwe: { id: "CWE-912", name: "Hidden Functionality", }, notes: [ { category: "summary", text: "Affected application contains a hidden configuration item to enable debug functionality. This could allow an authenticated local attacker to gain insight into the internal configuration of the deployment.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33583", }, ], }
icsa-24-137-07
Vulnerability from csaf_cisa
Published
2024-05-14 00:00
Modified
2024-06-11 00:00
Summary
Siemens SIMATIC RTLS Locating Manager
Notes
Summary
Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Siemens has released a new version for SIMATIC RTLS Locating Manager and recommends to update to the latest version.", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-093430.json", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-093430.html", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-093430.pdf", }, { category: "self", summary: "SSA-093430: Multiple Vulnerabilities in SIMATIC RTLS Locating Manager before V3.0 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-093430.txt", }, { category: "self", summary: "ICS Advisory ICSA-24-137-07 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-137-07.json", }, { category: "self", summary: "ICS Advisory ICSA-24-137-07 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-137-07", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SIMATIC RTLS Locating Manager", tracking: { current_release_date: "2024-06-11T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-24-137-07", initial_release_date: "2024-05-14T00:00:00.000000Z", revision_history: [ { date: "2024-05-14T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2024-06-11T00:00:00.000000Z", legacy_version: "1.1", number: "2", summary: "Added specific mitigation for CVE-2024-30207", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA00)", product_id: "CSAFPID-0001", product_identification_helper: { model_numbers: [ "6GT2780-0DA00", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA00)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA10)", product_id: "CSAFPID-0002", product_identification_helper: { model_numbers: [ "6GT2780-0DA10", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA10)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA20)", product_id: "CSAFPID-0003", product_identification_helper: { model_numbers: [ "6GT2780-0DA20", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA20)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-0DA30)", product_id: "CSAFPID-0004", product_identification_helper: { model_numbers: [ "6GT2780-0DA30", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-0DA30)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA10)", product_id: "CSAFPID-0005", product_identification_helper: { model_numbers: [ "6GT2780-1EA10", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA10)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA20)", product_id: "CSAFPID-0006", product_identification_helper: { model_numbers: [ "6GT2780-1EA20", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA20)", }, { branches: [ { category: "product_version_range", name: "<V3.0.1.1", product: { name: "SIMATIC RTLS Locating Manager (6GT2780-1EA30)", product_id: "CSAFPID-0007", product_identification_helper: { model_numbers: [ "6GT2780-1EA30", ], }, }, }, ], category: "product_name", name: "SIMATIC RTLS Locating Manager (6GT2780-1EA30)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2023-4807", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-4807", }, { cve: "CVE-2023-5363", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers.\r\n\r\nImpact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes.\r\n\r\nWhen calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB.\r\n\r\nFor the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse.\r\n\r\nBoth truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical.\r\n\r\nChanging the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall.\r\n\r\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\r\n\r\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary.\r\n\r\nOpenSSL 3.1 and 3.0 are vulnerable to this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-5363", }, { cve: "CVE-2023-5678", cwe: { id: "CWE-754", name: "Improper Check for Unusual or Exceptional Conditions", }, notes: [ { category: "summary", text: "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-5678", }, { cve: "CVE-2023-29409", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-29409", }, { cve: "CVE-2023-33953", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "summary", text: "PC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with a parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…\r\n- Unbounded memory buffering in the HPACK parser\r\n- Unbounded CPU consumption in the HPACK parser\r\n\r\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an parsing loop, with n selected by the client.\r\n\r\nThe unbounded memory buffering bugs:\r\n\r\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\r\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\r\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-33953", }, { cve: "CVE-2023-38039", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "When curl retrieves an HTTP response, it stores the incoming headers so that\nthey can be accessed later via the libcurl headers API.\n\nHowever, curl did not have a limit in how many or how large headers it would\naccept in a response, allowing a malicious server to stream an endless series\nof headers and eventually cause curl to run out of heap memory.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-38039", }, { cve: "CVE-2023-38545", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, notes: [ { category: "summary", text: "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.\r\n\r\nWhen curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes.\r\n\r\nIf the hostname is detected to be longer than 255 bytes, curl switches to local name resolving and instead passes on the resolved address only to the proxy. Due to a bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long hostname to the target buffer instead of copying just the resolved address there.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-38545", }, { cve: "CVE-2023-38546", cwe: { id: "CWE-73", name: "External Control of File Name or Path", }, notes: [ { category: "summary", text: "This flaw allows an attacker to insert cookies at will into a running program\r\nusing libcurl, if the specific series of conditions are met.\r\n\r\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\r\nthat are the individual handles for single transfers.\r\n\r\nlibcurl provides a function call that duplicates en easy handle called\r\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\r\n\r\nIf a transfer has cookies enabled when the handle is duplicated, the\r\ncookie-enable state is also cloned - but without cloning the actual\r\ncookies. If the source handle did not read any cookies from a specific file on\r\ndisk, the cloned version of the handle would instead store the file name as\r\n`none` (using the four ASCII letters, no quotes).\r\n\r\nSubsequent use of the cloned handle that does not explicitly set a source to\r\nload cookies from would then inadvertently load cookies from a file named\r\n`none` - if such a file exists and is readable in the current directory of the\r\nprogram using libcurl. And if using the correct file format of course.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-38546", }, { cve: "CVE-2023-46218", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-46218", }, { cve: "CVE-2023-46219", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "summary", text: "When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2023-46219", }, { cve: "CVE-2024-30206", cwe: { id: "CWE-494", name: "Download of Code Without Integrity Check", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Clients do not properly check the integrity of update files. This could allow an unauthenticated remote attacker to alter update files in transit and trick an authorized user into installing malicious code. \r\nA successful exploit requires the attacker to be able to modify the communication between server and client on the network.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-30206", }, { cve: "CVE-2024-30207", cwe: { id: "CWE-321", name: "Use of Hard-coded Cryptographic Key", }, notes: [ { category: "summary", text: "The affected systems use symmetric cryptography with a hard-coded key to protect the communication between client and server. This could allow an unauthenticated remote attacker to compromise confidentiality and integrity of the communication and, subsequently, availability of the system.\r\nA successful exploit requires the attacker to gain knowledge of the hard-coded key and to be able to intercept the communication between client and server on the network.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Protect all communication between RTLS Clients and the Server using a secure channel, e.g. an appropriate VPN solution. Ensure that the configured Server ports are exclusively reachable via the VPN as described in the installation manual", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 10, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-30207", }, { cve: "CVE-2024-30208", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "The \"DBTest\" tool of SIMATIC RTLS Locating Manager does not properly enforce access restriction. This could allow an authenticated local attacker to extract sensitive information from memory.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-30208", }, { cve: "CVE-2024-30209", cwe: { id: "CWE-319", name: "Cleartext Transmission of Sensitive Information", }, notes: [ { category: "summary", text: "Affected systems transmit client-side resources without proper cryptographic protection. This could allow an attacker to eavesdrop on and modify resources in transit. A successful exploit requires an attacker to be in the network path between the RTLS Locating Manager server and a client (MitM).", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 9.6, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-30209", }, { cve: "CVE-2024-33494", cwe: { id: "CWE-345", name: "Insufficient Verification of Data Authenticity", }, notes: [ { category: "summary", text: "Affected components do not properly authenticate heartbeat messages. This could allow an unauthenticated remote attacker to affected the availability of secondary RTLS systems configured using a TeeRevProxy service and potentially cause loss of data generated during the time the attack is ongoing.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33494", }, { cve: "CVE-2024-33495", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "The affected application does not properly limit the size of specific logs. This could allow an unauthenticated remote attacker to exhaust system resources by creating a great number of log entries which could potentially lead to a denial of service condition. A successful exploitation requires the attacker to have access to specific SIMATIC RTLS Locating Manager Clients in the deployment.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33495", }, { cve: "CVE-2024-33496", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33496", }, { cve: "CVE-2024-33497", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "Affected SIMATIC RTLS Locating Manager Track Viewer Client do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 6.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33497", }, { cve: "CVE-2024-33498", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "summary", text: "Affected applications do not properly release memory that is allocated when handling specifically crafted incoming packets. This could allow an unauthenticated remote attacker to cause a denial of service condition by crashing the service when it runs out of memory. The service is restarted automatically after a short time.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33498", }, { cve: "CVE-2024-33499", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, notes: [ { category: "summary", text: "The affected application assigns incorrect permissions to a user management component. This could allow a privileged attacker to escalate their privileges from the Administrators group to the Systemadministrator group.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33499", }, { cve: "CVE-2024-33583", cwe: { id: "CWE-912", name: "Hidden Functionality", }, notes: [ { category: "summary", text: "Affected application contains a hidden configuration item to enable debug functionality. This could allow an authenticated local attacker to gain insight into the internal configuration of the deployment.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, remediations: [ { category: "mitigation", details: "Install required RTLS Locating Manager components on a single host computer where possible and ensure only trusted persons have access to the system", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Secure the Windows Server, where the RTLS Locating Manager is installed on, with a firewall and make sure no ports are accessible from untrusted networks", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "mitigation", details: "Apply security hardening of the Windows Server, where the RTLS Locating Manager is installed on, in accordance with your corporate security policies or up-to-date hardening guidelines", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, { category: "vendor_fix", details: "Update to V3.0.1.1 or later version\nThe update is available from Siemens Online Software Delivery (OSD).", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", ], }, ], title: "CVE-2024-33583", }, ], }
rhsa-2024:10761
Vulnerability from csaf_redhat
Published
2024-12-03 16:21
Modified
2025-03-14 02:15
Summary
Red Hat Security Advisory: rhc-worker-playbook security update
Notes
Topic
An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python-based worker for Red Hat connect, used to launch Ansible playbooks via Ansible Runner.
Security Fix(es):
* python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898)
* gRPC: sensitive information disclosure (CVE-2023-32731)
* gRPC: Reachable Assertion (CVE-2023-1428)
* gRPC: hpack table accounting errors can lead to denial of service (CVE-2023-33953)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Python-based worker for Red Hat connect, used to launch Ansible playbooks via Ansible Runner.\n\nSecurity Fix(es):\n\n* python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898)\n\n* gRPC: sensitive information disclosure (CVE-2023-32731)\n\n* gRPC: Reachable Assertion (CVE-2023-1428)\n\n* gRPC: hpack table accounting errors can lead to denial of service (CVE-2023-33953)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10761", url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2165864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2165864", }, { category: "external", summary: "2214463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214463", }, { category: "external", summary: "2214473", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214473", }, { category: "external", summary: "2230890", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230890", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10761.json", }, ], title: "Red Hat Security Advisory: rhc-worker-playbook security update", tracking: { current_release_date: "2025-03-14T02:15:43+00:00", generator: { date: "2025-03-14T02:15:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2024:10761", initial_release_date: "2024-12-03T16:21:41+00:00", revision_history: [ { date: "2024-12-03T16:21:41+00:00", number: "1", summary: "Initial version", }, { date: "2024-12-03T16:21:41+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-14T02:15:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, ], }, vulnerabilities: [ { cve: "CVE-2022-40898", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-12-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2165864", }, ], notes: [ { category: "description", text: "An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.", title: "Vulnerability description", }, { category: "summary", text: "python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-40898", }, { category: "external", summary: "RHBZ#2165864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2165864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-40898", url: "https://www.cve.org/CVERecord?id=CVE-2022-40898", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-40898", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-40898", }, { category: "external", summary: "https://github.com/advisories/GHSA-qwmp-2cf2-g9g6", url: "https://github.com/advisories/GHSA-qwmp-2cf2-g9g6", }, ], release_date: "2022-12-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli", }, { cve: "CVE-2023-1428", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2023-06-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2214473", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC library. Affected versions of this package are vulnerable to a reachable assertion, causing the abort function to be called and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: Reachable Assertion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is specific to the C++, Python and Ruby implementations of gRPC prior to the 1.53 release.\nThe gRPC library was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library and has since been removed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-1428", }, { category: "external", summary: "RHBZ#2214473", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214473", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-1428", url: "https://www.cve.org/CVERecord?id=CVE-2023-1428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-1428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-1428", }, ], release_date: "2023-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: Reachable Assertion", }, { cve: "CVE-2023-32731", cwe: { id: "CWE-440", name: "Expected Behavior Violation", }, discovery_date: "2023-06-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2214463", }, ], notes: [ { category: "description", text: "A flaw was found in gRPC. This flaw allows a remote attacker to obtain sensitive information, caused by a flaw when the gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker can obtain sensitive information, and use this information to launch further attacks against the affected system.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: sensitive information disclosure", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-32731", }, { category: "external", summary: "RHBZ#2214463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214463", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-32731", url: "https://www.cve.org/CVERecord?id=CVE-2023-32731", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-32731", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-32731", }, { category: "external", summary: "https://github.com/advisories/GHSA-cfgp-2977-2fmm", url: "https://github.com/advisories/GHSA-cfgp-2977-2fmm", }, ], release_date: "2023-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: sensitive information disclosure", }, { cve: "CVE-2023-33953", cwe: { id: "CWE-834", name: "Excessive Iteration", }, discovery_date: "2023-08-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2230890", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC lib. This vulnerability allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. This issue leads to Unbounded memory buffering in the HPACK parser and Unbounded CPU consumption in the HPACK parser.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: hpack table accounting errors can lead to denial of service", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is specific to C++ implementations of gRPC prior to the 1.57 release. The gRPC library was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library and has since been removed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33953", }, { category: "external", summary: "RHBZ#2230890", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230890", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33953", url: "https://www.cve.org/CVERecord?id=CVE-2023-33953", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33953", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33953", }, { category: "external", summary: "https://cloud.google.com/support/bulletins#gcp-2023-022", url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, { category: "external", summary: "https://github.com/advisories/GHSA-496j-2rq6-j6cc", url: "https://github.com/advisories/GHSA-496j-2rq6-j6cc", }, ], release_date: "2023-08-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "gRPC: hpack table accounting errors can lead to denial of service", }, ], }
RHSA-2024:10761
Vulnerability from csaf_redhat
Published
2024-12-03 16:21
Modified
2025-03-14 02:15
Summary
Red Hat Security Advisory: rhc-worker-playbook security update
Notes
Topic
An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python-based worker for Red Hat connect, used to launch Ansible playbooks via Ansible Runner.
Security Fix(es):
* python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898)
* gRPC: sensitive information disclosure (CVE-2023-32731)
* gRPC: Reachable Assertion (CVE-2023-1428)
* gRPC: hpack table accounting errors can lead to denial of service (CVE-2023-33953)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Python-based worker for Red Hat connect, used to launch Ansible playbooks via Ansible Runner.\n\nSecurity Fix(es):\n\n* python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898)\n\n* gRPC: sensitive information disclosure (CVE-2023-32731)\n\n* gRPC: Reachable Assertion (CVE-2023-1428)\n\n* gRPC: hpack table accounting errors can lead to denial of service (CVE-2023-33953)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10761", url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2165864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2165864", }, { category: "external", summary: "2214463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214463", }, { category: "external", summary: "2214473", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214473", }, { category: "external", summary: "2230890", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230890", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10761.json", }, ], title: "Red Hat Security Advisory: rhc-worker-playbook security update", tracking: { current_release_date: "2025-03-14T02:15:43+00:00", generator: { date: "2025-03-14T02:15:43+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2024:10761", initial_release_date: "2024-12-03T16:21:41+00:00", revision_history: [ { date: "2024-12-03T16:21:41+00:00", number: "1", summary: "Initial version", }, { date: "2024-12-03T16:21:41+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-14T02:15:43+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, ], }, vulnerabilities: [ { cve: "CVE-2022-40898", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-12-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2165864", }, ], notes: [ { category: "description", text: "An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.", title: "Vulnerability description", }, { category: "summary", text: "python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-40898", }, { category: "external", summary: "RHBZ#2165864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2165864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-40898", url: "https://www.cve.org/CVERecord?id=CVE-2022-40898", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-40898", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-40898", }, { category: "external", summary: "https://github.com/advisories/GHSA-qwmp-2cf2-g9g6", url: "https://github.com/advisories/GHSA-qwmp-2cf2-g9g6", }, ], release_date: "2022-12-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli", }, { cve: "CVE-2023-1428", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2023-06-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2214473", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC library. Affected versions of this package are vulnerable to a reachable assertion, causing the abort function to be called and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: Reachable Assertion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is specific to the C++, Python and Ruby implementations of gRPC prior to the 1.53 release.\nThe gRPC library was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library and has since been removed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-1428", }, { category: "external", summary: "RHBZ#2214473", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214473", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-1428", url: "https://www.cve.org/CVERecord?id=CVE-2023-1428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-1428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-1428", }, ], release_date: "2023-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: Reachable Assertion", }, { cve: "CVE-2023-32731", cwe: { id: "CWE-440", name: "Expected Behavior Violation", }, discovery_date: "2023-06-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2214463", }, ], notes: [ { category: "description", text: "A flaw was found in gRPC. This flaw allows a remote attacker to obtain sensitive information, caused by a flaw when the gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker can obtain sensitive information, and use this information to launch further attacks against the affected system.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: sensitive information disclosure", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-32731", }, { category: "external", summary: "RHBZ#2214463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214463", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-32731", url: "https://www.cve.org/CVERecord?id=CVE-2023-32731", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-32731", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-32731", }, { category: "external", summary: "https://github.com/advisories/GHSA-cfgp-2977-2fmm", url: "https://github.com/advisories/GHSA-cfgp-2977-2fmm", }, ], release_date: "2023-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: sensitive information disclosure", }, { cve: "CVE-2023-33953", cwe: { id: "CWE-834", name: "Excessive Iteration", }, discovery_date: "2023-08-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2230890", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC lib. This vulnerability allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. This issue leads to Unbounded memory buffering in the HPACK parser and Unbounded CPU consumption in the HPACK parser.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: hpack table accounting errors can lead to denial of service", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is specific to C++ implementations of gRPC prior to the 1.57 release. The gRPC library was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library and has since been removed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33953", }, { category: "external", summary: "RHBZ#2230890", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230890", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33953", url: "https://www.cve.org/CVERecord?id=CVE-2023-33953", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33953", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33953", }, { category: "external", summary: "https://cloud.google.com/support/bulletins#gcp-2023-022", url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, { category: "external", summary: "https://github.com/advisories/GHSA-496j-2rq6-j6cc", url: "https://github.com/advisories/GHSA-496j-2rq6-j6cc", }, ], release_date: "2023-08-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "gRPC: hpack table accounting errors can lead to denial of service", }, ], }
rhsa-2024_10761
Vulnerability from csaf_redhat
Published
2024-12-03 16:21
Modified
2024-12-17 19:34
Summary
Red Hat Security Advisory: rhc-worker-playbook security update
Notes
Topic
An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python-based worker for Red Hat connect, used to launch Ansible playbooks via Ansible Runner.
Security Fix(es):
* python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898)
* gRPC: sensitive information disclosure (CVE-2023-32731)
* gRPC: Reachable Assertion (CVE-2023-1428)
* gRPC: hpack table accounting errors can lead to denial of service (CVE-2023-33953)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Python-based worker for Red Hat connect, used to launch Ansible playbooks via Ansible Runner.\n\nSecurity Fix(es):\n\n* python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli (CVE-2022-40898)\n\n* gRPC: sensitive information disclosure (CVE-2023-32731)\n\n* gRPC: Reachable Assertion (CVE-2023-1428)\n\n* gRPC: hpack table accounting errors can lead to denial of service (CVE-2023-33953)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10761", url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2165864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2165864", }, { category: "external", summary: "2214463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214463", }, { category: "external", summary: "2214473", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214473", }, { category: "external", summary: "2230890", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230890", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10761.json", }, ], title: "Red Hat Security Advisory: rhc-worker-playbook security update", tracking: { current_release_date: "2024-12-17T19:34:04+00:00", generator: { date: "2024-12-17T19:34:04+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:10761", initial_release_date: "2024-12-03T16:21:41+00:00", revision_history: [ { date: "2024-12-03T16:21:41+00:00", number: "1", summary: "Initial version", }, { date: "2024-12-03T16:21:41+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T19:34:04+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=aarch64", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=ppc64le", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=x86_64", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product_id: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook@0.1.10-1.el9_5?arch=s390x", }, }, }, { category: "product_version", name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product_id: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.1.10-1.el9_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.src", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", }, product_reference: "rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", }, product_reference: "rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, ], }, vulnerabilities: [ { cve: "CVE-2022-40898", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2022-12-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2165864", }, ], notes: [ { category: "description", text: "An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.", title: "Vulnerability description", }, { category: "summary", text: "python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-40898", }, { category: "external", summary: "RHBZ#2165864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2165864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-40898", url: "https://www.cve.org/CVERecord?id=CVE-2022-40898", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-40898", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-40898", }, { category: "external", summary: "https://github.com/advisories/GHSA-qwmp-2cf2-g9g6", url: "https://github.com/advisories/GHSA-qwmp-2cf2-g9g6", }, ], release_date: "2022-12-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-wheel: remote attackers can cause denial of service via attacker controlled input to wheel cli", }, { cve: "CVE-2023-1428", cwe: { id: "CWE-617", name: "Reachable Assertion", }, discovery_date: "2023-06-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2214473", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC library. Affected versions of this package are vulnerable to a reachable assertion, causing the abort function to be called and resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: Reachable Assertion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is specific to the C++, Python and Ruby implementations of gRPC prior to the 1.53 release.\nThe gRPC library was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library and has since been removed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-1428", }, { category: "external", summary: "RHBZ#2214473", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214473", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-1428", url: "https://www.cve.org/CVERecord?id=CVE-2023-1428", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-1428", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-1428", }, ], release_date: "2023-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: Reachable Assertion", }, { cve: "CVE-2023-32731", cwe: { id: "CWE-440", name: "Expected Behavior Violation", }, discovery_date: "2023-06-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2214463", }, ], notes: [ { category: "description", text: "A flaw was found in gRPC. This flaw allows a remote attacker to obtain sensitive information, caused by a flaw when the gRPC HTTP2 stack raised a header size exceeded error. By sending a specially crafted request, an attacker can obtain sensitive information, and use this information to launch further attacks against the affected system.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: sensitive information disclosure", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-32731", }, { category: "external", summary: "RHBZ#2214463", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2214463", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-32731", url: "https://www.cve.org/CVERecord?id=CVE-2023-32731", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-32731", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-32731", }, { category: "external", summary: "https://github.com/advisories/GHSA-cfgp-2977-2fmm", url: "https://github.com/advisories/GHSA-cfgp-2977-2fmm", }, ], release_date: "2023-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gRPC: sensitive information disclosure", }, { cve: "CVE-2023-33953", cwe: { id: "CWE-834", name: "Excessive Iteration", }, discovery_date: "2023-08-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2230890", }, ], notes: [ { category: "description", text: "A flaw was found in the gRPC lib. This vulnerability allows hpack table accounting errors that could lead to unwanted disconnects between clients and servers in exceptional cases. This issue leads to Unbounded memory buffering in the HPACK parser and Unbounded CPU consumption in the HPACK parser.", title: "Vulnerability description", }, { category: "summary", text: "gRPC: hpack table accounting errors can lead to denial of service", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability is specific to C++ implementations of gRPC prior to the 1.57 release. The gRPC library was packaged with Openshift via the Kuryr component. However, Kuryr was never configured to run code using the gRPC library and has since been removed.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33953", }, { category: "external", summary: "RHBZ#2230890", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2230890", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33953", url: "https://www.cve.org/CVERecord?id=CVE-2023-33953", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33953", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33953", }, { category: "external", summary: "https://cloud.google.com/support/bulletins#gcp-2023-022", url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, { category: "external", summary: "https://github.com/advisories/GHSA-496j-2rq6-j6cc", url: "https://github.com/advisories/GHSA-496j-2rq6-j6cc", }, ], release_date: "2023-08-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-12-03T16:21:41+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10761", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.src", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-0:0.1.10-1.el9_5.x86_64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:rhc-worker-playbook-debuginfo-0:0.1.10-1.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "gRPC: hpack table accounting errors can lead to denial of service", }, ], }
wid-sec-w-2024-1591
Vulnerability from csaf_certbund
Published
2024-07-10 22:00
Modified
2024-11-11 23:00
Summary
Juniper JUNOS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JUNOS ist das "Juniper Network Operating System", das in Juniper Appliances verwendet wird.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "JUNOS ist das \"Juniper Network Operating System\", das in Juniper Appliances verwendet wird.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer kann mehrere Schwachstellen in Juniper JUNOS ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive zu umgehen.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2024-1591 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1591.json", }, { category: "self", summary: "WID-SEC-2024-1591 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1591", }, { category: "external", summary: "Juniper Patchday July 2024 vom 2024-07-10", url: "https://supportportal.juniper.net/s/global-search/%40uri?language=en_US#sort=%40sfcec_community_publish_date_formula__c%20descending&numberOfResults=100&f:ctype=%5BSecurity%20Advisories%5D", }, ], source_lang: "en-US", title: "Juniper JUNOS: Mehrere Schwachstellen", tracking: { current_release_date: "2024-11-11T23:00:00.000+00:00", generator: { date: "2024-11-12T09:31:28.569+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2024-1591", initial_release_date: "2024-07-10T22:00:00.000+00:00", revision_history: [ { date: "2024-07-10T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-11T23:00:00.000+00:00", number: "2", summary: "URL Kodierung angepasst", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Juniper JUNOS", product: { name: "Juniper JUNOS", product_id: "T036093", product_identification_helper: { cpe: "cpe:/o:juniper:junos:-", }, }, }, ], category: "vendor", name: "Juniper", }, ], }, vulnerabilities: [ { cve: "CVE-2006-20001", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2006-20001", }, { cve: "CVE-2007-5846", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2007-5846", }, { cve: "CVE-2008-6123", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2008-6123", }, { cve: "CVE-2011-1473", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2011-1473", }, { cve: "CVE-2011-5094", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2011-5094", }, { cve: "CVE-2012-6151", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2012-6151", }, { cve: "CVE-2014-10064", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2014-10064", }, { cve: "CVE-2014-2285", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2014-2285", }, { cve: "CVE-2014-2310", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2014-2310", }, { cve: "CVE-2014-3565", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2014-3565", }, { cve: "CVE-2014-7191", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2014-7191", }, { cve: "CVE-2014-8882", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2014-8882", }, { cve: "CVE-2015-5621", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2015-5621", }, { cve: "CVE-2015-8100", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2015-8100", }, { cve: "CVE-2015-9262", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2015-9262", }, { cve: "CVE-2016-1000232", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2016-1000232", }, { cve: "CVE-2016-10540", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2016-10540", }, { cve: "CVE-2016-4658", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2016-4658", }, { cve: "CVE-2017-1000048", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2017-1000048", }, { cve: "CVE-2017-15010", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2017-15010", }, { cve: "CVE-2018-18065", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2018-18065", }, { cve: "CVE-2018-20834", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2018-20834", }, { cve: "CVE-2018-3737", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2018-3737", }, { cve: "CVE-2018-7408", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2018-7408", }, { cve: "CVE-2019-10081", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-10081", }, { cve: "CVE-2019-10082", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-10082", }, { cve: "CVE-2019-10092", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-10092", }, { cve: "CVE-2019-10097", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-10097", }, { cve: "CVE-2019-10098", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-10098", }, { cve: "CVE-2019-11719", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-11719", }, { cve: "CVE-2019-11727", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-11727", }, { cve: "CVE-2019-11756", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-11756", }, { cve: "CVE-2019-16775", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-16775", }, { cve: "CVE-2019-16776", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-16776", }, { cve: "CVE-2019-16777", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-16777", }, { cve: "CVE-2019-17006", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-17006", }, { cve: "CVE-2019-17023", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-17023", }, { cve: "CVE-2019-17567", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-17567", }, { cve: "CVE-2019-20149", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-20149", }, { cve: "CVE-2019-20892", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-20892", }, { cve: "CVE-2019-9517", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2019-9517", }, { cve: "CVE-2020-11668", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-11668", }, { cve: "CVE-2020-11984", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-11984", }, { cve: "CVE-2020-11993", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-11993", }, { cve: "CVE-2020-12362", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-12362", }, { cve: "CVE-2020-12400", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-12400", }, { cve: "CVE-2020-12401", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-12401", }, { cve: "CVE-2020-12402", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-12402", }, { cve: "CVE-2020-12403", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-12403", }, { cve: "CVE-2020-13938", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-13938", }, { cve: "CVE-2020-13950", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-13950", }, { cve: "CVE-2020-14145", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-14145", }, { cve: "CVE-2020-15861", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-15861", }, { cve: "CVE-2020-15862", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-15862", }, { cve: "CVE-2020-1927", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-1927", }, { cve: "CVE-2020-1934", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-1934", }, { cve: "CVE-2020-28469", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-28469", }, { cve: "CVE-2020-28502", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-28502", }, { cve: "CVE-2020-35452", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-35452", }, { cve: "CVE-2020-36049", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-36049", }, { cve: "CVE-2020-6829", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-6829", }, { cve: "CVE-2020-7660", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-7660", }, { cve: "CVE-2020-7754", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-7754", }, { cve: "CVE-2020-7774", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-7774", }, { cve: "CVE-2020-8648", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-8648", }, { cve: "CVE-2020-9490", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2020-9490", }, { cve: "CVE-2021-22543", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-22543", }, { cve: "CVE-2021-2342", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-2342", }, { cve: "CVE-2021-23440", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-23440", }, { cve: "CVE-2021-2356", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-2356", }, { cve: "CVE-2021-2372", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-2372", }, { cve: "CVE-2021-2385", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-2385", }, { cve: "CVE-2021-2389", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-2389", }, { cve: "CVE-2021-2390", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-2390", }, { cve: "CVE-2021-25745", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-25745", }, { cve: "CVE-2021-25746", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-25746", }, { cve: "CVE-2021-25748", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-25748", }, { cve: "CVE-2021-26690", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-26690", }, { cve: "CVE-2021-26691", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-26691", }, { cve: "CVE-2021-27290", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-27290", }, { cve: "CVE-2021-29469", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-29469", }, { cve: "CVE-2021-30641", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-30641", }, { cve: "CVE-2021-31535", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-31535", }, { cve: "CVE-2021-31618", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-31618", }, { cve: "CVE-2021-3177", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-3177", }, { cve: "CVE-2021-32803", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-32803", }, { cve: "CVE-2021-32804", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-32804", }, { cve: "CVE-2021-33033", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-33033", }, { cve: "CVE-2021-33034", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-33034", }, { cve: "CVE-2021-33193", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-33193", }, { cve: "CVE-2021-3347", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-3347", }, { cve: "CVE-2021-33909", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-33909", }, { cve: "CVE-2021-34798", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-34798", }, { cve: "CVE-2021-35604", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-35604", }, { cve: "CVE-2021-35624", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-35624", }, { cve: "CVE-2021-36160", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-36160", }, { cve: "CVE-2021-37701", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-37701", }, { cve: "CVE-2021-37712", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-37712", }, { cve: "CVE-2021-37713", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-37713", }, { cve: "CVE-2021-3803", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-3803", }, { cve: "CVE-2021-39275", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-39275", }, { cve: "CVE-2021-40438", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-40438", }, { cve: "CVE-2021-41524", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-41524", }, { cve: "CVE-2021-41773", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-41773", }, { cve: "CVE-2021-42013", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-42013", }, { cve: "CVE-2021-43527", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-43527", }, { cve: "CVE-2021-44224", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-44224", }, { cve: "CVE-2021-44225", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-44225", }, { cve: "CVE-2021-44790", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-44790", }, { cve: "CVE-2021-44906", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2021-44906", }, { cve: "CVE-2022-21245", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21245", }, { cve: "CVE-2022-21270", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21270", }, { cve: "CVE-2022-21303", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21303", }, { cve: "CVE-2022-21304", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21304", }, { cve: "CVE-2022-21344", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21344", }, { cve: "CVE-2022-21367", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21367", }, { cve: "CVE-2022-21417", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21417", }, { cve: "CVE-2022-21427", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21427", }, { cve: "CVE-2022-21444", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21444", }, { cve: "CVE-2022-21451", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21451", }, { cve: "CVE-2022-21454", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21454", }, { cve: "CVE-2022-21460", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21460", }, { cve: "CVE-2022-21589", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21589", }, { cve: "CVE-2022-21592", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21592", }, { cve: "CVE-2022-21595", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21595", }, { cve: "CVE-2022-21608", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21608", }, { cve: "CVE-2022-21617", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-21617", }, { cve: "CVE-2022-22719", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-22719", }, { cve: "CVE-2022-22720", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-22720", }, { cve: "CVE-2022-22721", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-22721", }, { cve: "CVE-2022-22822", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-22822", }, { cve: "CVE-2022-22823", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-22823", }, { cve: "CVE-2022-22824", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-22824", }, { cve: "CVE-2022-23471", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-23471", }, { cve: "CVE-2022-23524", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-23524", }, { cve: "CVE-2022-23525", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-23525", }, { cve: "CVE-2022-23526", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-23526", }, { cve: "CVE-2022-23852", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-23852", }, { cve: "CVE-2022-23943", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-23943", }, { cve: "CVE-2022-25147", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-25147", }, { cve: "CVE-2022-25235", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-25235", }, { cve: "CVE-2022-25236", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-25236", }, { cve: "CVE-2022-2526", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-2526", }, { cve: "CVE-2022-25315", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-25315", }, { cve: "CVE-2022-26377", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-26377", }, { cve: "CVE-2022-28330", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-28330", }, { cve: "CVE-2022-28614", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-28614", }, { cve: "CVE-2022-28615", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-28615", }, { cve: "CVE-2022-29167", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-29167", }, { cve: "CVE-2022-29404", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-29404", }, { cve: "CVE-2022-30522", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-30522", }, { cve: "CVE-2022-30556", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-30556", }, { cve: "CVE-2022-31813", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-31813", }, { cve: "CVE-2022-3517", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-3517", }, { cve: "CVE-2022-3564", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-3564", }, { cve: "CVE-2022-36760", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-36760", }, { cve: "CVE-2022-37434", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-37434", }, { cve: "CVE-2022-37436", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-37436", }, { cve: "CVE-2022-40674", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-40674", }, { cve: "CVE-2022-41741", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-41741", }, { cve: "CVE-2022-41742", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-41742", }, { cve: "CVE-2022-4203", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-4203", }, { cve: "CVE-2022-4304", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-4304", }, { cve: "CVE-2022-4450", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-4450", }, { cve: "CVE-2022-46663", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-46663", }, { cve: "CVE-2022-4886", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2022-4886", }, { cve: "CVE-2023-0215", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0215", }, { cve: "CVE-2023-0216", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0216", }, { cve: "CVE-2023-0217", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0217", }, { cve: "CVE-2023-0286", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0286", }, { cve: "CVE-2023-0401", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0401", }, { cve: "CVE-2023-0464", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0464", }, { cve: "CVE-2023-0465", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0465", }, { cve: "CVE-2023-0466", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0466", }, { cve: "CVE-2023-0767", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-0767", }, { cve: "CVE-2023-1255", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-1255", }, { cve: "CVE-2023-2002", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-2002", }, { cve: "CVE-2023-20593", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-20593", }, { cve: "CVE-2023-21830", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-21830", }, { cve: "CVE-2023-21840", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-21840", }, { cve: "CVE-2023-21843", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-21843", }, { cve: "CVE-2023-21912", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-21912", }, { cve: "CVE-2023-21963", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-21963", }, { cve: "CVE-2023-21980", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-21980", }, { cve: "CVE-2023-22025", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-22025", }, { cve: "CVE-2023-22067", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-22067", }, { cve: "CVE-2023-22081", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-22081", }, { cve: "CVE-2023-22652", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-22652", }, { cve: "CVE-2023-24329", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-24329", }, { cve: "CVE-2023-25153", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-25153", }, { cve: "CVE-2023-25173", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-25173", }, { cve: "CVE-2023-25690", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-25690", }, { cve: "CVE-2023-2700", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-2700", }, { cve: "CVE-2023-27522", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-27522", }, { cve: "CVE-2023-2828", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-2828", }, { cve: "CVE-2023-28840", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-28840", }, { cve: "CVE-2023-28841", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-28841", }, { cve: "CVE-2023-28842", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-28842", }, { cve: "CVE-2023-2975", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-2975", }, { cve: "CVE-2023-30079", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-30079", }, { cve: "CVE-2023-30630", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-30630", }, { cve: "CVE-2023-3090", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-3090", }, { cve: "CVE-2023-32067", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-32067", }, { cve: "CVE-2023-32360", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-32360", }, { cve: "CVE-2023-32435", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-32435", }, { cve: "CVE-2023-32439", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-32439", }, { cve: "CVE-2023-32732", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-32732", }, { cve: "CVE-2023-3341", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-3341", }, { cve: "CVE-2023-3390", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-3390", }, { cve: "CVE-2023-33953", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-33953", }, { cve: "CVE-2023-34058", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-34058", }, { cve: "CVE-2023-34059", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-34059", }, { cve: "CVE-2023-3446", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-3446", }, { cve: "CVE-2023-34969", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-34969", }, { cve: "CVE-2023-35001", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-35001", }, { cve: "CVE-2023-35788", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-35788", }, { cve: "CVE-2023-3611", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-3611", }, { cve: "CVE-2023-37450", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-37450", }, { cve: "CVE-2023-3776", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-3776", }, { cve: "CVE-2023-3817", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-3817", }, { cve: "CVE-2023-4004", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-4004", }, { cve: "CVE-2023-4206", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-4206", }, { cve: "CVE-2023-4207", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-4207", }, { cve: "CVE-2023-4208", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-4208", }, { cve: "CVE-2023-42753", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-42753", }, { cve: "CVE-2023-4785", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-4785", }, { cve: "CVE-2023-4807", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-4807", }, { cve: "CVE-2023-4863", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-4863", }, { cve: "CVE-2023-5043", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-5043", }, { cve: "CVE-2023-5129", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-5129", }, { cve: "CVE-2023-5363", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2023-5363", }, { cve: "CVE-2024-20918", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-20918", }, { cve: "CVE-2024-20919", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-20919", }, { cve: "CVE-2024-20921", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-20921", }, { cve: "CVE-2024-20926", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-20926", }, { cve: "CVE-2024-20932", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-20932", }, { cve: "CVE-2024-20945", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-20945", }, { cve: "CVE-2024-20952", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-20952", }, { cve: "CVE-2024-39511", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39511", }, { cve: "CVE-2024-39512", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39512", }, { cve: "CVE-2024-39513", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39513", }, { cve: "CVE-2024-39514", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39514", }, { cve: "CVE-2024-39517", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39517", }, { cve: "CVE-2024-39518", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39518", }, { cve: "CVE-2024-39519", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39519", }, { cve: "CVE-2024-39520", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39520", }, { cve: "CVE-2024-39521", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39521", }, { cve: "CVE-2024-39522", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39522", }, { cve: "CVE-2024-39523", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39523", }, { cve: "CVE-2024-39524", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39524", }, { cve: "CVE-2024-39528", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39528", }, { cve: "CVE-2024-39529", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39529", }, { cve: "CVE-2024-39530", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39530", }, { cve: "CVE-2024-39531", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39531", }, { cve: "CVE-2024-39532", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39532", }, { cve: "CVE-2024-39533", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39533", }, { cve: "CVE-2024-39535", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39535", }, { cve: "CVE-2024-39536", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39536", }, { cve: "CVE-2024-39537", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39537", }, { cve: "CVE-2024-39538", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39538", }, { cve: "CVE-2024-39539", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39539", }, { cve: "CVE-2024-39540", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39540", }, { cve: "CVE-2024-39541", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39541", }, { cve: "CVE-2024-39542", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39542", }, { cve: "CVE-2024-39543", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39543", }, { cve: "CVE-2024-39545", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39545", }, { cve: "CVE-2024-39546", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39546", }, { cve: "CVE-2024-39548", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39548", }, { cve: "CVE-2024-39549", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39549", }, { cve: "CVE-2024-39550", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39550", }, { cve: "CVE-2024-39551", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39551", }, { cve: "CVE-2024-39553", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39553", }, { cve: "CVE-2024-39554", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39554", }, { cve: "CVE-2024-39555", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39555", }, { cve: "CVE-2024-39556", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39556", }, { cve: "CVE-2024-39557", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39557", }, { cve: "CVE-2024-39558", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39558", }, { cve: "CVE-2024-39559", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39559", }, { cve: "CVE-2024-39560", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39560", }, { cve: "CVE-2024-39561", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39561", }, { cve: "CVE-2024-39565", notes: [ { category: "description", text: "Es existieren mehrere Schwachstellen in verschiedenen Juniper-Produkten. Ursachen sind unter Anderem Ungenügende Eingabeüberprüfungen, Unsachgemäße Überprüfung und Verarbeitung von Paketen, fehlende Speicherfreigaben, fehlerhafte Behandlung von Ausnahmen, Unsachgemäße Speicherbehandlung, unkontrollierter Ressourcenverbrauch, Klartextspeicherung von Daten und Pufferüberläufe. Diese Schwachstellen ermöglichen Angreifern Denial of Service Zustände zu verursachen, Informationen offenzulegen, Code auszuführen, Privilegien zu erweitern und Sicherheitsmechanismen inklusive der Firewall Funktionalität zu umgehen. Zu einer erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder eine Interaktion des Nutzers notwendig.", }, ], product_status: { known_affected: [ "T036093", ], }, release_date: "2024-07-10T22:00:00.000+00:00", title: "CVE-2024-39565", }, ], }
suse-su-2024:0573-1
Vulnerability from csaf_suse
Published
2024-02-21 08:37
Modified
2024-02-21 08:37
Summary
Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2
Notes
Title of the patch
Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2
Description of the patch
This update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2 fixes the following issues:
abseil-cpp was updated to:
Update to 20230802.1:
* Add StdcppWaiter to the end of the list of waiter implementations
Update to 20230802.0
What's New:
* Added the nullability library for designating the expected
nullability of pointers. Currently these serve as annotations
only, but it is expected that compilers will one day be able
to use these annotations for diagnostic purposes.
* Added the prefetch library as a portable layer for moving data
into caches before it is read.
* Abseil's hash tables now detect many more programming errors
in debug and sanitizer builds.
* Abseil's synchronization objects now differentiate absolute
waits (when passed an absl::Time) from relative waits (when
passed an absl::Duration) when the underlying platform supports
differentiating these cases. This only makes a difference when
system clocks are adjusted.
* Abseil's flag parsing library includes additional methods that
make it easier to use when another library also expects to be
able to parse flags.
* absl::string_view is now available as a smaller target,
@com_google_absl//absl/strings:string_view, so that users may
use this library without depending on the much larger
@com_google_absl//absl/strings target.
Update to 20230125.3
Details can be found on:
https://github.com/abseil/abseil-cpp/releases/tag/20230125.3
Update to 20230125.2
What's New:
The Abseil logging library has been released. This library
provides facilities for writing short text messages about the
status of a program to stderr, disk files, or other sinks
(via an extension API). See the logging library documentation
for more information.
An extension point, AbslStringify(), allows user-defined types
to seamlessly work with Abseil's string formatting functions
like absl::StrCat() and absl::StrFormat().
A library for computing CRC32C checksums has been added.
Floating-point parsing now uses the Eisel-Lemire algorithm,
which provides a significant speed improvement.
The flags library now provides suggestions for the closest
flag(s) in the case of misspelled flags.
Using CMake to install Abseil now makes the installed artifacts
(in particular absl/base/options.h) reflect the compiled ABI.
Breaking Changes:
Abseil now requires at least C++14 and follows Google's Foundational
C++ Support Policy. See this table for a list of currently supported
versions compilers, platforms, and build tools.
The legacy spellings of the thread annotation macros/functions
(e.g. GUARDED_BY()) have been removed by default in favor of the
ABSL_ prefixed versions (e.g. ABSL_GUARDED_BY()) due to clashes with
other libraries. The compatibility macro ABSL_LEGACY_THREAD_ANNOTATIONS
can be defined on the compile command-line to temporarily restore these
spellings, but this compatibility macro will be removed in the future.
Known Issues
The Abseil logging library in this release is not a feature-complete
replacement for glog yet. VLOG and DFATAL are examples of features
that have not yet been released.
Update to version 20220623.0
What's New:
* Added absl::AnyInvocable, a move-only function type.
* Added absl::CordBuffer, a type for buffering data for eventual inclusion an
absl::Cord, which is useful for writing zero-copy code.
* Added support for command-line flags of type absl::optional<T>.
Breaking Changes:
* CMake builds now use the flag ABSL_BUILD_TESTING (default: OFF) to control
whether or not unit tests are built.
* The ABSL_DEPRECATED macro now works with the GCC compiler. GCC users that
are experiencing new warnings can use -Wno-deprecated-declatations silence
the warnings or use -Wno-error=deprecated-declarations to see warnings but
not fail the build.
* ABSL_CONST_INIT uses the C++20 keyword constinit when available. Some
compilers are more strict about where this keyword must appear compared to
the pre-C++20 implementation.
* Bazel builds now depend on the bazelbuild/bazel-skylib repository.
See Abseil's WORKSPACE file for an example of how to add this dependency.
Other:
* This will be the last release to support C++11. Future releases will require at least C++14.
grpc was updated to 1.60:
Update to release 1.60
* Implemented dualstack IPv4 and IPv6 backend support, as per
draft gRFC A61. xDS support currently guarded by
GRPC_EXPERIMENTAL_XDS_DUALSTACK_ENDPOINTS env var.
* Support for setting proxy for addresses.
* Add v1 reflection.
update to 1.59.3:
* Security - Revocation: Crl backport to 1.59. (#34926)
Update to release 1.59.2
* Fixes for CVE-2023-44487
Update to version 1.59.1:
* C++: Fix MakeCordFromSlice memory bug (gh#grpc/grpc#34552).
Update to version 1.59.0:
* xds ssa: Remove environment variable protection for stateful
affinity (gh#grpc/grpc#34435).
* c-ares: fix spin loop bug when c-ares gives up on a socket
that still has data left in its read buffer
(gh#grpc/grpc#34185).
* Deps: Adding upb as a submodule (gh#grpc/grpc#34199).
* EventEngine: Update Cancel contract on closure deletion
timeline (gh#grpc/grpc#34167).
* csharp codegen: Handle empty base_namespace option value to
fix gh#grpc/grpc#34113 (gh#grpc/grpc#34137).
* Ruby:
- replace strdup with gpr_strdup (gh#grpc/grpc#34177).
- drop ruby 2.6 support (gh#grpc/grpc#34198).
Update to release 1.58.1
* Reintroduced c-ares 1.14 or later support
Update to release 1.58
* ruby extension: remove unnecessary background thread startup
wait logic that interferes with forking
Update to release 1.57 (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)
* EventEngine: Change GetDNSResolver to return
absl::StatusOr<std::unique_ptr<DNSResolver>>.
* Improve server handling of file descriptor exhaustion.
* Add a channel argument to set DSCP on streams.
Update to release 1.56.2
* Improve server handling of file descriptor exhaustion
Update to release 1.56.0 (CVE-2023-32731, bsc#1212180)
* core: Add support for vsock transport.
* EventEngine: Change TXT lookup result type to
std::vector<std::string>.
* C++/Authz: support customizable audit functionality for
authorization policy.
Update to release 1.54.1
* Bring declarations and definitions to be in sync
Update to release 1.54 (CVE-2023-32732, bsc#1212182)
* XDS: enable XDS federation by default
* TlsCreds: Support revocation of intermediate in chain
Update to release 1.51.1
* Only a macOS/aarch64-related change
Update to release 1.51
* c-ares DNS resolver: fix logical race between resolution
timeout/cancellation and fd readability.
* Remove support for pthread TLS
Update to release 1.50.0
* Core
- Derive EventEngine from std::enable_shared_from_this. (#31060)
- Revert 'Revert '[chttp2] fix stream leak with queued flow control
update and absence of writes (#30907)' (#30991)'. (#30992)
- [chttp2] fix stream leak with queued flow control update and absence of writes. (#30907)
- Remove gpr_codegen. (#30899)
- client_channel: allow LB policy to communicate update errors to resolver. (#30809)
- FaultInjection: Fix random number generation. (#30623)
* C++
- OpenCensus Plugin: Add measure and views for started RPCs. (#31034)
* C#
- Grpc.Tools: Parse warnings from libprotobuf (fix #27502). (#30371)
- Grpc.Tools add support for env variable GRPC_PROTOC_PLUGIN (fix #27099). (#30411)
- Grpc.Tools document AdditionalImportDirs. (#30405)
- Fix OutputOptions and GrpcOutputOptions (issue #25950). (#30410)
Update to release 1.49.1
* All
- Update protobuf to v21.6 on 1.49.x. (#31028)
* Ruby
- Backport 'Fix ruby windows ucrt build #31051' to 1.49.x. (#31053)
Update to release 1.49.0
* Core
- Backport: 'stabilize the C2P resolver URI scheme' to v1.49.x. (#30654)
- Bump core version. (#30588)
- Update OpenCensus to HEAD. (#30567)
- Update protobuf submodule to 3.21.5. (#30548)
- Update third_party/protobuf to 3.21.4. (#30377)
- [core] Remove GRPC_INITIAL_METADATA_CORKED flag. (#30443)
- HTTP2: Fix keepalive time throttling. (#30164)
- Use AnyInvocable in EventEngine APIs. (#30220)
* Python
- Add type stub generation support to grpcio-tools. (#30498)
Update to release 1.48.1
* Backport EventEngine Forkables
Update to release 1.48.0
* C++14 is now required
* xDS: Workaround to get gRPC clients working with istio
Update to release 1.46.3
* backport: xds: use federation env var to guard new-style
resource name parsing (#29725) #29727
Update to release 1.46
* Added HTTP/1.1 support in httpcli
* HTTP2: Add graceful goaway
Update to release 1.45.2
* Various fixes related to XDS
* HTTP2: Should not run cancelling logic on servers when
receiving GOAWAY
Update to release 1.45.1
* Switched to epoll1 as a default polling engine for Linux
Update to version 1.45.0:
* Core:
- Backport 'Include ADS stream error in XDS error updates
(#29014)' to 1.45.x [gh#grpc/grpc#29121].
- Bump core version to 23.0.0 for upcoming release
[gh#grpc/grpc#29026].
- Fix memory leak in HTTP request security handshake
cancellation [gh#grpc/grpc#28971].
- CompositeChannelCredentials: Comparator implementation
[gh#grpc/grpc#28902].
- Delete custom iomgr [gh#grpc/grpc#28816].
- Implement transparent retries [gh#grpc/grpc#28548].
- Uniquify channel args keys [gh#grpc/grpc#28799].
- Set trailing_metadata_available for recv_initial_metadata
ops when generating a fake status [gh#grpc/grpc#28827].
- Eliminate gRPC insecure build [gh#grpc/grpc#25586].
- Fix for a racy WorkSerializer shutdown [gh#grpc/grpc#28769].
- InsecureCredentials: singleton object [gh#grpc/grpc#28777].
- Add http cancel api [gh#grpc/grpc#28354].
- Memory leak fix on windows in grpc_tcp_create()
[gh#grpc/grpc#27457].
- xDS: Rbac filter updates [gh#grpc/grpc#28568].
* C++
- Bump the minimum gcc to 5 [gh#grpc/grpc#28786].
- Add experimental API for CRL checking support to gRPC C++
TlsCredentials [gh#grpc/grpc#28407].
Update to release 1.44.0
* Add a trace to list which filters are contained in a
channel stack.
* Remove grpc_httpcli_context.
* xDS: Add support for RBAC HTTP filter.
* API to cancel grpc_resolve_address.
Update to version 1.43.2:
* Fix google-c2p-experimental issue (gh#grpc/grpc#28692).
Changes from version 1.43.0:
* Core:
- Remove redundant work serializer usage in c-ares windows
code (gh#grpc/grpc#28016).
- Support RDS updates on the server (gh#grpc/grpc#27851).
- Use WorkSerializer in XdsClient to propagate updates in a
synchronized manner (gh#grpc/grpc#27975).
- Support Custom Post-handshake Verification in TlsCredentials
(gh#grpc/grpc#25631).
- Reintroduce the EventEngine default factory
(gh#grpc/grpc#27920).
- Assert Android API >= v21 (gh#grpc/grpc#27943).
- Add support for abstract unix domain sockets
(gh#grpc/grpc#27906).
* C++:
- OpenCensus: Move metadata storage to arena
(gh#grpc/grpc#27948).
* [C#] Add nullable type attributes to Grpc.Core.Api
(gh#grpc/grpc#27887).
- Update package name libgrpc++1 to libgrpc++1_43 in keeping with
updated so number.
Update to release 1.41.0
* xDS: Remove environmental variable guard for security.
* xDS Security: Use new way to fetch certificate provider
plugin instance config.
* xDS server serving status: Use a struct to allow more fields
to be added in the future.
Update to release 1.39.1
* Fix C# protoc plugin argument parsing on 1.39.x
Update to version 1.39.0:
* Core
- Initialize tcp_posix for CFStream when needed
(gh#grpc/grpc#26530).
- Update boringssl submodule (gh#grpc/grpc#26520).
- Fix backup poller races (gh#grpc/grpc#26446).
- Use default port 443 in HTTP CONNECT request
(gh#grpc/grpc#26331).
* C++
- New iomgr implementation backed by the EventEngine API
(gh#grpc/grpc#26026).
- async_unary_call: add a Destroy method, called by
std::default_delete (gh#grpc/grpc#26389).
- De-experimentalize C++ callback API (gh#grpc/grpc#25728).
* PHP: stop reading composer.json file just to read the version
string (gh#grpc/grpc#26156).
* Ruby: Set XDS user agent in ruby via macros
(gh#grpc/grpc#26268).
Update to release 1.38.0
* Invalidate ExecCtx now before computing timeouts in all
repeating timer events using a WorkSerializer or combiner.
* Fix use-after-unref bug in fault_injection_filter
* New gRPC EventEngine Interface
* Allow the AWS_DEFAULT_REGION environment variable
* s/OnServingStatusChange/OnServingStatusUpdate/
Update to release 1.37.1
* Use URI form of address for channelz listen node
* Implementation CSDS (xDS Config Dump)
* xDS status notifier
* Remove CAS loops in global subchannel pool and simplify
subchannel refcounting
Update to release 1.36.4
* A fix for DNS SRV lookups on Windows
Update to 1.36.1:
* Core:
* Remove unnecessary internal pollset set in c-ares DNS resolver
* Support Default Root Certs in Tls Credentials
* back-port: add env var protection for google-c2p resolver
* C++:
* Move third party identity C++ api out of experimental namespace
* refactor!: change error_details functions to templates
* Support ServerContext for callback API
* PHP:
* support for PSM security
* fixed segfault on reused call object
* fixed phpunit 8 warnings
* Python:
* Implement Python Client and Server xDS Creds
Update to version 1.34.1:
* Backport 'Lazily import grpc_tools when using runtime
stub/message generation' to 1.34.x (gh#grpc/grpc#25011).
* Backport 'do not use <PublicSign>true</PublicSign> on
non-windows' to 1.34.x (gh#grpc/grpc#24995).
Update to version 1.34.0:
* Core:
- Protect xds security code with the environment variable
'GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT'
(gh#grpc/grpc#24782).
- Add support for 'unix-abstract:' URIs to support abstract
unix domain sockets (gh#grpc/grpc#24500).
- Increment Index when parsing not plumbed SAN fields
(gh#grpc/grpc#24601).
- Revert 'Revert 'Deprecate
GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS''
(gh#grpc/grpc#24518).
- xds: Set status code to INVALID_ARGUMENT when NACKing
(gh#grpc/grpc#24516).
- Include stddef.h in address_sorting.h (gh#grpc/grpc#24514).
- xds: Add support for case_sensitive option in RouteMatch
(gh#grpc/grpc#24381).
* C++:
- Fix --define=grpc_no_xds=true builds (gh#grpc/grpc#24503).
- Experimental support and tests for
CreateCustomInsecureChannelWithInterceptorsFromFd
(gh#grpc/grpc#24362).
Update to release 1.33.2
* Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS.
* Expose Cronet error message to the application layer.
* Remove grpc_channel_ping from surface API.
* Do not send BDP pings if there is no receive side activity.
Update to version 1.33.1
* Core
- Deprecate
GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS
(gh#grpc/grpc#24063).
- Expose Cronet error message to the application layer
(gh#grpc/grpc#24083).
- Remove grpc_channel_ping from surface API
(gh#grpc/grpc#23894).
- Do not send BDP pings if there is no receive side activity
(gh#grpc/grpc#22997).
* C++
- Makefile: only support building deps from submodule
(gh#grpc/grpc#23957).
- Add new subpackages - libupb and upb-devel. Currently, grpc
sources include also upb sources. Before this change, libupb and
upb-devel used to be included in a separate package - upb.
Update to version 1.32.0:
* Core
- Remove stream from stalled lists on remove_stream
(gh#grpc/grpc#23984).
- Do not cancel RPC if send metadata size if larger than
peer's limit (gh#grpc/grpc#23806).
- Don't consider receiving non-OK status as an error for HTTP2
(gh#grpc/grpc#19545).
- Keepalive throttling (gh#grpc/grpc#23313).
- Include the target_uri in 'target uri is not valid' error
messages (gh#grpc/grpc#23782).
- Fix 'cannot send compressed message large than 1024B' in
cronet_transport (gh#grpc/grpc#23219).
- Receive SETTINGS frame on clients before declaring
subchannel READY (gh#grpc/grpc#23636).
- Enabled GPR_ABSEIL_SYNC (gh#grpc/grpc#23372).
- Experimental xDS v3 support (gh#grpc/grpc#23281).
* C++
- Upgrade bazel used for all tests to 2.2.0
(gh#grpc/grpc#23902).
- Remove test targets and test helper libraries from Makefile
(gh#grpc/grpc#23813).
- Fix repeated builds broken by re2's cmake
(gh#grpc/grpc#23587).
- Log the peer address of grpc_cli CallMethod RPCs to stderr
(gh#grpc/grpc#23557).
opencensus-proto was updated to 0.3.0+git.20200721:
- Update to version 0.3.0+git.20200721:
* Bump version to 0.3.0
* Generate Go types using protocolbuffers/protobuf-go (#218)
* Load proto_library() rule. (#216)
- Update to version 0.2.1+git.20190826:
* Remove grpc_java dependency and java_proto rules. (#214)
* Add C++ targets, especially for gRPC services. (#212)
* Upgrade bazel and dependencies to latest. (#211)
* Bring back bazel cache to make CI faster. (#210)
* Travis: don't require sudo for bazel installation. (#209)
- Update to version 0.2.1:
* Add grpc-gateway for metrics service. (#205)
* Pin bazel version in travis builds (#207)
* Update gen-go files (#199)
* Add Web JS as a LibraryInfo.Language option (#198)
* Set up Python packaging for PyPI release. (#197)
* Add tracestate to links. (#191)
* Python proto file generator and generated proto files (#196)
* Ruby proto file generator and generated proto files (#192)
* Add py_proto_library() rules for envoy/api. (#194)
* Gradle: Upgrade dependency versions. (#193)
* Update release versions for readme. (#189)
* Start 0.3.0 development cycle
* Update gen-go files. (#187)
* Revert 'Start 0.3.0 development cycle (#167)' (#183)
* Revert optimization for metric descriptor and bucket options for now. (#184)
* Constant sampler: add option to always follow the parent's decision. (#182)
* Document that all maximum values must be specified. (#181)
* Fix typo in bucket bounds. (#178)
* Restrict people who can approve reviews. This is to ensure code quality. (#177)
* Use bazel cache to make CI faster. (#176)
* Add grpc generated files to the idea plugin. (#175)
* Add Resource to Span (#174)
* time is required (#170)
* Upgrade protobuf dependency to v3.6.1.3. (#173)
* assume Ok Status when not set (#171)
* Minor comments fixes (#160)
* Start 0.3.0 development cycle (#167)
* Update gen-go files. (#162)
* Update releasing instruction. (#163)
* Fix Travis build. (#165)
* Add OpenApi doc for trace agent grpc-gateway (#157)
* Add command to generate OpenApi/Swagger doc for grpc-gateway (#156)
* Update gen-go files (#155)
* Add trace export grpc-gateway config (#77)
* Fix bazel build after bazel upgrade (#154)
* README: Add gitter, javadoc and godoc badge. (#151)
* Update release versions for README. (#150)
* Start 0.2.0 development cycle
* Add resource and metrics_service proto to mkgogen. Re-generate gen-go files. (#147)
* Add resource to protocol (#137)
* Fix generating the javadoc. (#144)
* Metrics/TimeSeries: start time should not be included while end time should. (#142)
* README: Add instructions on using opencensus_proto with Bazel. (#140)
* agent/README: update package info. (#138)
* Agent: Add metrics service. (#136)
* Tracing: Add default limits to TraceConfig. (#133)
* Remove a stale TODO. (#134)
* README: Add a note about go_proto_library rules. (#135)
* add golang bazel build support (#132)
* Remove exporter protos from mkgogen. (#128)
* Update README and RELEASING. (#130)
* Change histogram buckets definition to be OpenMetrics compatible. (#121)
* Remove exporter/v1 protos. (#124)
* Clean up the README for Agent proto. (#126)
* Change Quantiles to ValuesAtPercentile. (#122)
* Extend the TraceService service to support export/config for multiple Applications. (#119)
* Add specifications on Agent implementation details. (#112)
* Update gitignore (#118)
* Remove maven support. Not used. (#116)
* Add gauge distribution. (#117)
* Add support for Summary type and value. (#110)
* Add Maven status and instructions on adding dependencies. (#115)
* Bump version to 0.0.3-SNAPSHOT
* Bump version to 0.0.2
* Update gen-go files. (#114)
* Gradle: Add missing source and javadoc rules. (#113)
* Add support for float attributes. (#98)
* Change from mean to sum in distribution. (#109)
* Bump version to v0.0.2-SNAPSHOT
* Bump version to v0.0.1
* Add releasing instructions in RELEASING.md. (#106)
* Add Gradle build rules for generating gRPC service and releasing to Maven. (#102)
* Re-organize proto directory structure. (#103)
* Update gen-go files. (#101)
* Add a note about interceptors of other libraries. (#94)
* agent/common/v1: use exporter_version, core_library_version in LibraryInfo (#100)
* opencensus/proto: add default Agent port to README (#97)
* Update the message names for Config RPC. (#93)
* Add details about agent protocol in the README. (#88)
* Update gen-go files. (#92)
* agent/trace/v1: fix signature for Config and comments too (#91)
* Update gen-go files. (#86)
* Make tracestate a list instead of a map to preserve ordering. (#84)
* Allow MetricDescriptor to be sent only the first time. (#78)
* Update mkgogen.sh. (#85)
* Add agent trace service proto definitions. (#79)
* Update proto and gen-go package names. (#83)
* Add agent/common proto and BUILD. (#81)
* Add trace_config.proto. (#80)
* Build exporters with maven. (#76)
* Make clear that cumulative int/float can go only up. (#75)
* Add tracestate field to the Span proto. (#74)
* gradle wrapper --gradle-version 4.9 (#72)
* Change from multiple types of timeseries to have one. (#71)
* Move exemplars in the Bucket. (#70)
* Update gen-go files. (#69)
* Move metrics in the top level directory. (#68)
* Remove Range from Distribution. No backend supports this. (#67)
* Remove unused MetricSet message. (#66)
* Metrics: Add Exemplar to DistributionValue. (#62)
* Gauge vs Cumulative. (#65)
* Clarifying comment about bucket boundaries. (#64)
* Make MetricDescriptor.Type capture the type of the value as well. (#63)
* Regenerate the Go artifacts (#61)
* Add export service proto (#60)
- Initial version 20180523
protobuf was updated to 25.1:
update to 25.1:
* Raise warnings for deprecated python syntax usages
* Add support for extensions in CRuby, JRuby, and FFI Ruby
* Add support for options in CRuby, JRuby and FFI (#14594)
update to 25.0:
* Implement proto2/proto3 with editions
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Editions: Introduce functionality to protoc for generating
edition feature set defaults.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Editions: Refactor feature resolution to use an intermediate
message.
* Publish extension declarations with declaration
verifications.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Protoc: parser rejects explicit use of map_entry option
* Protoc: validate that reserved range start is before end
* Protoc: support identifiers as reserved names in addition to
string literals (only in editions)
* Drop support for Bazel 5.
* Allow code generators to specify whether or not they support
editions.
C++:
* Set `PROTOBUF_EXPORT` on
`InternalOutOfLineDeleteMessageLite()`
* Update stale checked-in files
* Apply PROTOBUF_NOINLINE to declarations of some functions
that want it.
* Implement proto2/proto3 with editions
* Make JSON UTF-8 boundary check inclusive of the largest
possible UTF-8 character.
* Reduce `Map::size_type` to 32-bits. Protobuf containers can't
have more than that
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Fix bug in reflection based Swap of map fields.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Add prefetching to arena allocations.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
repeated and map field accessors.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
string field accessors.
* Editions: Refactor feature resolution to use an intermediate
message.
* Fixes for 32-bit MSVC.
* Publish extension declarations with declaration
verifications.
* Export the constants in protobuf's any.h to support DLL
builds.
* Implement AbslStringify for the Descriptor family of types.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
message field accessors.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Introduce C++ feature for UTF8 validation.
* Protoc: validate that reserved range start is before end
* Remove option to disable the table-driven parser in protoc.
* Lock down ctype=CORD in proto file.
* Support split repeated fields.
* In OSS mode omit some extern template specializations.
* Allow code generators to specify whether or not they support
editions.
Java:
* Implement proto2/proto3 with editions
* Remove synthetic oneofs from Java gencode field accessor
tables.
* Timestamps.parse: Add error handling for invalid
hours/minutes in the timezone offset.
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Add missing debugging version info to Protobuf Java gencode
when multiple files are generated.
* Fix a bad cast in putBuilderIfAbsent when already present due
to using the result of put() directly (which is null if it
currently has no value)
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Fix a NPE in putBuilderIfAbsent due to using the result of
put() directly (which is null if it currently has no value)
* Update Kotlin compiler to escape package names
* Add MapFieldBuilder and change codegen to generate it and the
put{field}BuilderIfAbsent method.
* Introduce recursion limit in Java text format parsing
* Consider the protobuf.Any invalid if typeUrl.split('/')
returns an empty array.
* Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.
* Fixed Python memory leak in map lookup.
* Loosen upb for json name conflict check in proto2 between
json name and field
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Ensure Timestamp.ToDatetime(tz) has correct offset
* Do not check required field for upb python MergeFrom
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Comparing a proto message with an object of unknown returns
NotImplemented
* Emit __slots__ in pyi output as a tuple rather than a list
for --pyi_out.
* Fix a bug that strips options from descriptor.proto in
Python.
* Raise warings for message.UnknownFields() usages and navigate
to the new add
* Add protobuf python keyword support in path for stub
generator.
* Add tuple support to set Struct
* ### Python C-Extension (Default)
* Comparing a proto message with an object of unknown returns
NotImplemented
* Check that ffi-compiler loads before using it to define
tasks.
UPB (Python/PHP/Ruby C-Extension):
* Include .inc files directly instead of through a filegroup
* Loosen upb for json name conflict check in proto2 between
json name and field
* Add utf8_validation feature back to the global feature set.
* Do not check required field for upb python MergeFrom
* Merge the protobuf and upb Bazel repos
* Added malloc_trim() calls to Python allocator so RSS will
decrease when memory is freed
* Upb: fix a Python memory leak in ByteSize()
* Support ASAN detection on clang
* Upb: bugfix for importing a proto3 enum from within a proto2
file
* Expose methods needed by Ruby FFI using UPB_API
* Fix `PyUpb_Message_MergeInternal` segfault
- Build with source and target levels 8
* fixes build with JDK21
- Install the pom file with the new %%mvn_install_pom macro
- Do not install the pom-only artifacts, since the %%mvn_install_pom
macro resolves the variables at the install time
update to 23.4:
* Add dllexport_decl for generated default instance.
* Deps: Update Guava to 32.0.1
update to 23.3:
C++:
* Regenerate stale files
* Use the same ABI for static and shared libraries on non-
Windows platforms
* Add a workaround for GCC constexpr bug
Objective-C:
* Regenerate stale files
UPB (Python/PHP/Ruby C-Extension)
* Fixed a bug in `upb_Map_Delete()` that caused crashes in
map.delete(k) for Ruby when string-keyed maps were in use.
Compiler:
* Add missing header to Objective-c generator
* Add a workaround for GCC constexpr bug
Java:
* Rollback of: Simplify protobuf Java message builder by
removing methods that calls the super class only.
Csharp:
* [C#] Replace regex that validates descriptor names
update to 22.5:
C++:
* Add missing cstdint header
* Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700)
* Avoid using string(JOIN..., which requires cmake 3.12
* Explicitly include GTest package in examples
* Bump Abseil submodule to 20230125.3 (#12660)
update to 22.4:
C++:
* Fix libprotoc: export useful symbols from .so
Python:
* Fix bug in _internal_copy_files where the rule would fail in
downstream repositories.
Other:
* Bump utf8_range to version with working pkg-config (#12584)
* Fix declared dependencies for pkg-config
* Update abseil dependency and reorder dependencies to ensure
we use the version specified in protobuf_deps.
* Turn off clang::musttail on i386
update to v22.3
UPB (Python/PHP/Ruby C-Extension):
* Remove src prefix from proto import
* Fix .gitmodules to use the correct absl branch
* Remove erroneous dependency on googletest
update to 22.2:
Java:
* Add version to intra proto dependencies and add kotlin stdlib
dependency
* Add $ back for osgi header
* Remove $ in pom files
update to 22.1:
* Add visibility of plugin.proto to python directory
* Strip 'src' from file name of plugin.proto
* Add OSGi headers to pom files.
* Remove errorprone dependency from kotlin protos.
* Version protoc according to the compiler version number.
- update to 22.0:
* This version includes breaking changes to: Cpp.
Please refer to the migration guide for information:
https://protobuf.dev/support/migration/#compiler-22
* [Cpp] Migrate to Abseil's logging library.
* [Cpp] `proto2::Map::value_type` changes to `std::pair`.
* [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream,
and DefaultFieldComparator classes.
* [Cpp] Add a dependency on Abseil (#10416)
* [Cpp] Remove all autotools usage (#10132)
* [Cpp] Add C++20 reserved keywords
* [Cpp] Dropped C++11 Support
* [Cpp] Delete Arena::Init
* [Cpp] Replace JSON parser with new implementation
* [Cpp] Make RepeatedField::GetArena non-const in order to
support split RepeatedFields.
* long list of bindings specific fixes see
https://github.com/protocolbuffers/protobuf/releases/tag/v22.0
update to v21.12:
* Python:
* Fix broken enum ranges (#11171)
* Stop requiring extension fields to have a sythetic oneof (#11091)
* Python runtime 4.21.10 not works generated code can not load valid
proto.
update to 21.11:
* Python:
* Add license file to pypi wheels (#10936)
* Fix round-trip bug (#10158)
update to 21.10::
* Java:
* Use bit-field int values in buildPartial to skip work on unset groups of
fields. (#10960)
* Mark nested builder as clean after clear is called (#10984)
update to 21.9:
* Ruby:
* Replace libc strdup usage with internal impl to restore musl compat (#10818)
* Auto capitalize enums name in Ruby (#10454) (#10763)
* Other:
* Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721)
* C++:
* 21.x No longer define no_threadlocal on OpenBSD (#10743)
* Java:
* Mark default instance as immutable first to avoid race during static initialization of default instances (#10771)
* Refactoring java full runtime to reuse sub-message builders and prepare to
migrate parsing logic from parse constructor to builder.
* Move proto wireformat parsing functionality from the private 'parsing
constructor' to the Builder class.
* Change the Lite runtime to prefer merging from the wireformat into mutable
messages rather than building up a new immutable object before merging. This
way results in fewer allocations and copy operations.
* Make message-type extensions merge from wire-format instead of building up
instances and merging afterwards. This has much better performance.
* Fix TextFormat parser to build up recurring (but supposedly not repeated)
sub-messages directly from text rather than building a new sub-message and
merging the fully formed message into the existing field.
update to 21.6:
C++:
* Reduce memory consumption of MessageSet parsing
update to 21.5:
PHP:
* Added getContainingOneof and getRealContainingOneof to descriptor.
* fix PHP readonly legacy files for nested messages
Python:
* Fixed comparison of maps in Python.
- update to 21.4:
* Reduce the required alignment of ArenaString from 8 to 4
- update to 21.3:
* C++:
* Add header search paths to Protobuf-C++.podspec (#10024)
* Fixed Visual Studio constinit errors (#10232)
* Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
* UPB:
* Allow empty package names (fixes behavior regression in 4.21.0)
* Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
* Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
* for x in mapping now yields keys rather than values, to match Python
conventions and the behavior of the old library.
* Lookup operations now correctly reject unhashable types as map keys.
* We implement repr() to use the same format as dict.
* Fix maps to use the ScalarMapContainer class when appropriate
* Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
* PHP:
* Add 'readonly' as a keyword for PHP and add previous classnames to descriptor pool (#10041)
* Python:
* Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
* Bazel:
* Add back a filegroup for :well_known_protos (#10061)
Update to 21.2:
- C++:
- cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614)
- Escape GetObject macro inside protoc-generated code (#9739)
- Update CMake configuration to add a dependency on Abseil (#9793)
- Fix cmake install targets (#9822)
- Use __constinit only in GCC 12.2 and up (#9936)
- Java:
- Update protobuf_version.bzl to separate protoc and per-language java … (#9900)
- Python:
- Increment python major version to 4 in version.json for python upb (#9926)
- The C extension module for Python has been rewritten to use the upb library.
- This is expected to deliver significant performance benefits, especially when
parsing large payloads. There are some minor breaking changes, but these
should not impact most users. For more information see:
https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates
- PHP:
- [PHP] fix PHP build system (#9571)
- Fix building packaged PHP extension (#9727)
- fix: reserve 'ReadOnly' keyword for PHP 8.1 and add compatibility (#9633)
- fix: phpdoc syntax for repeatedfield parameters (#9784)
- fix: phpdoc for repeatedfield (#9783)
- Change enum string name for reserved words (#9780)
- chore: [PHP] fix phpdoc for MapField keys (#9536)
- Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996)
- Ruby:
- Allow pre-compiled binaries for ruby 3.1.0 (#9566)
- Implement respond_to? in RubyMessage (#9677)
- [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722)
- Do not use range based UTF-8 validation in truffleruby (#9769)
- Improve range handling logic of RepeatedField (#9799)
- Other:
- Fix invalid dependency manifest when using descriptor_set_out (#9647)
- Remove duplicate java generated code (#9909)
- Update to 3.20.1:
- PHP:
- Fix building packaged PHP extension (#9727)
- Fixed composer.json to only advertise compatibility with
PHP 7.0+. (#9819)
- Ruby:
- Disable the aarch64 build on macOS until it can be fixed. (#9816)
- Other:
- Fix versioning issues in 3.20.0
- Update to 3.20.1:
- Ruby:
- Dropped Ruby 2.3 and 2.4 support for CI and releases.
(#9311)
- Added Ruby 3.1 support for CI and releases (#9566).
- Message.decode/encode: Add recursion_limit option
(#9218/#9486)
- Allocate with xrealloc()/xfree() so message allocation is
visible to the
- Ruby GC. In certain tests this leads to much lower memory
usage due to more
- frequent GC runs (#9586).
- Fix conversion of singleton classes in Ruby (#9342)
- Suppress warning for intentional circular require (#9556)
- JSON will now output shorter strings for double and float
fields when possible
- without losing precision.
- Encoding and decoding of binary format will now work
properly on big-endian
- systems.
- UTF-8 verification was fixed to properly reject surrogate
code points.
- Unknown enums for proto2 protos now properly implement
proto2's behavior of
- putting such values in unknown fields.
- Java:
- Revert 'Standardize on Array copyOf' (#9400)
- Resolve more java field accessor name conflicts (#8198)
- Fix parseFrom to only throw InvalidProtocolBufferException
- InvalidProtocolBufferException now allows arbitrary wrapped
Exception types.
- Fix bug in FieldSet.Builder.mergeFrom
- Flush CodedOutputStream also flushes underlying
OutputStream
- When oneof case is the same and the field type is Message,
merge the
- subfield. (previously it was replaced.)’
- Add @CheckReturnValue to some protobuf types
- Report original exceptions when parsing JSON
- Add more info to @deprecated javadoc for set/get/has
methods
- Fix initialization bug in doc comment line numbers
- Fix comments for message set wire format.
- Kotlin:
- Add test scope to kotlin-test for protobuf-kotlin-lite
(#9518)
- Add orNull extensions for optional message fields.
- Add orNull extensions to all proto3 message fields.
- Python:
- Dropped support for Python < 3.7 (#9480)
- Protoc is now able to generate python stubs (.pyi) with
--pyi_out
- Pin multibuild scripts to get manylinux1 wheels back
(#9216)
- Fix type annotations of some Duration and Timestamp
methods.
- Repeated field containers are now generic in field types
and could be used in type annotations.
- Protobuf python generated codes are simplified. Descriptors
and message classes' definitions are now dynamic created in
internal/builder.py.
- Insertion Points for messages classes are discarded.
- has_presence is added for FieldDescriptor in python
- Loosen indexing type requirements to allow valid index()
implementations rather than only PyLongObjects.
- Fix the deepcopy bug caused by not copying
message_listener.
- Added python JSON parse recursion limit (default 100)
- Path info is added for python JSON parse errors
- Pure python repeated scalar fields will not able to pickle.
Convert to list first.
- Timestamp.ToDatetime() now accepts an optional tzinfo
parameter. If specified, the function returns
a timezone-aware datetime in the given time zone. If
omitted or None, the function returns a timezone-naive UTC
datetime (as previously).
- Adds client_streaming and server_streaming fields to
MethodDescriptor.
- Add 'ensure_ascii' parameter to json_format.MessageToJson.
This allows smaller JSON serializations with UTF-8 or other
non-ASCII encodings.
- Added experimental support for directly assigning numpy
scalars and array.
- Improve the calculation of public_dependencies in
DescriptorPool.
- [Breaking Change] Disallow setting fields to numpy
singleton arrays or repeated fields to numpy
multi-dimensional arrays. Numpy arrays should be indexed or
flattened explicitly before assignment.
- Compiler:
- Migrate IsDefault(const std::string*) and
UnsafeSetDefault(const std::string*)
- Implement strong qualified tags for TaggedPtr
- Rework allocations to power-of-two byte sizes.
- Migrate IsDefault(const std::string*) and
UnsafeSetDefault(const std::string*)
- Implement strong qualified tags for TaggedPtr
- Make TaggedPtr Set...() calls explicitly spell out the
content type.
- Check for parsing error before verifying UTF8.
- Enforce a maximum message nesting limit of 32 in the
descriptor builder to
- guard against stack overflows
- Fixed bugs in operators for RepeatedPtrIterator
- Assert a maximum map alignment for allocated values
- Fix proto1 group extension protodb parsing error
- Do not log/report the same descriptor symbol multiple
times if it contains
- more than one invalid character.
- Add UnknownFieldSet::SerializeToString and
SerializeToCodedStream.
- Remove explicit default pointers and deprecated API from
protocol compiler
- Arenas:
- Change Repeated*Field to reuse memory when using arenas.
- Implements pbarenaz for profiling proto arenas
- Introduce CreateString() and CreateArenaString() for
cleaner semantics
- Fix unreferenced parameter for MSVC builds
- Add UnsafeSetAllocated to be used for one-of string
fields.
- Make Arena::AllocateAligned() a public function.
- Determine if ArenaDtor related code generation is
necessary in one place.
- Implement on demand register ArenaDtor for
InlinedStringField
- C++:
- Enable testing via CTest (#8737)
- Add option to use external GTest in CMake (#8736)
- CMake: Set correct sonames for libprotobuf-lite.so and
libprotoc.so (#8635) (#9529)
- Add cmake option protobuf_INSTALL to not install files
(#7123)
- CMake: Allow custom plugin options e.g. to generate mocks
(#9105)
- CMake: Use linker version scripts (#9545)
- Manually *struct Cord fields to work better with arenas.
- Manually destruct map fields.
- Generate narrower code
- Fix #9378 by removing
- shadowed cached_size field
- Remove GetPointer() and explicit nullptr defaults.
- Add proto_h flag for speeding up large builds
- Add missing overload for reference wrapped fields.
- Add MergedDescriptorDatabase::FindAllFileNames()
- RepeatedField now defines an iterator type instead of
using a pointer.
- Remove obsolete macros GOOGLE_PROTOBUF_HAS_ONEOF and
GOOGLE_PROTOBUF_HAS_ARENAS.
- PHP:
- Fix: add missing reserved classnames (#9458)
- PHP 8.1 compatibility (#9370)
- C#:
- Fix trim warnings (#9182)
- Fixes NullReferenceException when accessing
FieldDescriptor.IsPacked (#9430)
- Add ToProto() method to all descriptor classes (#9426)
- Add an option to preserve proto names in JsonFormatter
(#6307)
- Objective-C:
- Add prefix_to_proto_package_mappings_path option. (#9498)
- Rename proto_package_to_prefix_mappings_path to
package_to_prefix_mappings_path. (#9552)
- Add a generation option to control use of forward
declarations in headers. (#9568)
- update to 3.19.4:
Python:
* Make libprotobuf symbols local on OSX to fix issue #9395 (#9435)
Ruby:
* Fixed a data loss bug that could occur when the number of optional fields
in a message is an exact multiple of 32
PHP:
* Fixed a data loss bug that could occur when the number of optional fields
in a message is an exact multiple of 32.
- Update to 3.19.3:
C++:
* Make proto2::Message::DiscardUnknownFields() non-virtual
* Separate RepeatedPtrField into its own header file
* For default floating point values of 0, consider all bits significant
* Fix shadowing warnings
* Fix for issue #8484, constant initialization doesn't compile in msvc clang-cl environment
Java:
* Improve performance characteristics of UnknownFieldSet parsing
* For default floating point values of 0, consider all bits significant
* Annotate //java/com/google/protobuf/util/... with nullness annotations
* Use ArrayList copy constructor
Bazel:
* Ensure that release archives contain everything needed for Bazel
* Align dependency handling with Bazel best practices
Javascript:
* Fix ReferenceError: window is not defined when getting the global object
Ruby:
* Fix memory leak in MessageClass.encode
* Override Map.clone to use Map's dup method
* Ruby: build extensions for arm64-darwin
* Add class method Timestamp.from_time to ruby well known types
* Adopt pure ruby DSL implementation for JRuby
* Add size to Map class
* Fix for descriptor_pb.rb: google/protobuf should be required first
Python:
* Proto2 DecodeError now includes message name in error message
* Make MessageToDict convert map keys to strings
* Add python-requires in setup.py
* Add python 3.10
- Update to 3.17.3:
C++
* Introduce FieldAccessListener.
* Stop emitting boilerplate {Copy/Merge}From in each ProtoBuf class
* Provide stable versions of SortAndUnique().
* Make sure to cache proto3 optional message fields when they are cleared.
* Expose UnsafeArena methods to Reflection.
* Use std::string::empty() rather than std::string::size() > 0.
* [Protoc] C++ Resolved an issue where NO_DESTROY and CONSTINIT are in incorrect order (#8296)
* Fix PROTOBUF_CONSTINIT macro redefinition (#8323)
* Delete StringPiecePod (#8353)
* Create a CMake option to control whether or not RTTI is enabled (#8347)
* Make util::Status more similar to absl::Status (#8405)
* The ::pb namespace is no longer exposed due to conflicts.
* Allow MessageDifferencer::TreatAsSet() (and friends) to override previous
calls instead of crashing.
* Reduce the size of generated proto headers for protos with string or
bytes fields.
* Move arena() operation on uncommon path to out-of-line routine
* For iterator-pair function parameter types, take both iterators by value.
* Code-space savings and perhaps some modest performance improvements in
* RepeatedPtrField.
* Eliminate nullptr check from every tag parse.
* Remove unused _$name$cached_byte_size fields.
* Serialize extension ranges together when not broken by a proto field in the
middle.
* Do out-of-line allocation and deallocation of string object in ArenaString.
* Streamline ParseContext::ParseMessage to avoid code bloat and improve
performance.
* New member functions RepeatedField::Assign, RepeatedPtrField::{Add, Assign}.
on an error path.
* util::DefaultFieldComparator will be final in a future version of protobuf.
* Subclasses should inherit from SimpleFieldComparator instead.
Kotlin
* Introduce support for Kotlin protos (#8272)
* Restrict extension setter and getter operators to non-nullable T.
Java
* Fixed parser to check that we are at a proper limit when a sub-message has
finished parsing.
* updating GSON and Guava to more recent versions (#8524)
* Reduce the time spent evaluating isExtensionNumber by storing the extension
ranges in a TreeMap for faster queries. This is particularly relevant for
protos which define a large number of extension ranges, for example when
each tag is defined as an extension.
* Fix java bytecode estimation logic for optional fields.
* Optimize Descriptor.isExtensionNumber.
* deps: update JUnit and Truth (#8319)
* Detect invalid overflow of byteLimit and return InvalidProtocolBufferException as documented.
* Exceptions thrown while reading from an InputStream in parseFrom are now
included as causes.
* Support potentially more efficient proto parsing from RopeByteStrings.
* Clarify runtime of ByteString.Output.toStringBuffer().
* Added UnsafeByteOperations to protobuf-lite (#8426)
Python:
* Add MethodDescriptor.CopyToProto() (#8327)
* Remove unused python_protobuf.{cc,h} (#8513)
* Start publishing python aarch64 manylinux wheels normally (#8530)
* Fix constness issue detected by MSVC standard conforming mode (#8568)
* Make JSON parsing match C++ and Java when multiple fields from the same
oneof are present and all but one is null.
* Fix some constness / char literal issues being found by MSVC standard conforming mode (#8344)
* Switch on 'new' buffer API (#8339)
* Enable crosscompiling aarch64 python wheels under dockcross manylinux docker image (#8280)
* Fixed a bug in text format where a trailing colon was printed for repeated field.
* When TextFormat encounters a duplicate message map key, replace the current
one instead of merging.
Ruby:
* Add support for proto3 json_name in compiler and field definitions (#8356)
* Fixed memory leak of Ruby arena objects. (#8461)
* Fix source gem compilation (#8471)
* Fix various exceptions in Ruby on 64-bit Windows (#8563)
* Fix crash when calculating Message hash values on 64-bit Windows (#8565)
General:
* Support M1 (#8557)
Update to 3.15.8:
- Fixed memory leak of Ruby arena objects (#8461)
Update to 3.15.7:
C++:
* Remove the ::pb namespace (alias) (#8423)
Ruby:
* Fix unbounded memory growth for Ruby <2.7 (#8429)
* Fixed message equality in cases where the message type is different (#8434)
update to 3.15.6:
Ruby:
* Fixed bug in string comparison logic (#8386)
* Fixed quadratic memory use in array append (#8379)
* Fixed SEGV when users pass nil messages (#8363)
* Fixed quadratic memory usage when appending to arrays (#8364)
* Ruby <2.7 now uses WeakMap too, which prevents memory leaks. (#8341)
* Fix for FieldDescriptor.get(msg) (#8330)
* Bugfix for Message.[] for repeated or map fields (#8313)
PHP:
* read_property() handler is not supposed to return NULL (#8362)
Protocol Compiler
* Optional fields for proto3 are enabled by default, and no longer require
the --experimental_allow_proto3_optional flag.
C++:
* Do not disable RTTI by default in the CMake build (#8377)
* Create a CMake option to control whether or not RTTI is enabled (#8361)
* Fix PROTOBUF_CONSTINIT macro redefinition (#8323)
* MessageDifferencer: fixed bug when using custom ignore with multiple
unknown fields
* Use init_seg in MSVC to push initialization to an earlier phase.
* Runtime no longer triggers -Wsign-compare warnings.
* Fixed -Wtautological-constant-out-of-range-compare warning.
* DynamicCastToGenerated works for nullptr input for even if RTTI is disabled
* Arena is refactored and optimized.
* Clarified/specified that the exact value of Arena::SpaceAllocated() is an
implementation detail users must not rely on. It should not be used in
unit tests.
* Change the signature of Any::PackFrom() to return false on error.
* Add fast reflection getter API for strings.
* Constant initialize the global message instances
* Avoid potential for missed wakeup in UnknownFieldSet
* Now Proto3 Oneof fields have 'has' methods for checking their presence in
C++.
* Bugfix for NVCC
* Return early in _InternalSerialize for empty maps.
* Adding functionality for outputting map key values in proto path logging
output (does not affect comparison logic) and stop printing 'value' in the
path. The modified print functionality is in the
MessageDifferencer::StreamReporter.
* Fixed https://github.com/protocolbuffers/protobuf/issues/8129
* Ensure that null char symbol, package and file names do not result in a
crash.
* Constant initialize the global message instances
* Pretty print 'max' instead of numeric values in reserved ranges.
* Removed remaining instances of std::is_pod, which is deprecated in C++20.
* Changes to reduce code size for unknown field handling by making uncommon
cases out of line.
* Fix std::is_pod deprecated in C++20 (#7180)
* Fix some -Wunused-parameter warnings (#8053)
* Fix detecting file as directory on zOS issue #8051 (#8052)
* Don't include sys/param.h for _BYTE_ORDER (#8106)
* remove CMAKE_THREAD_LIBS_INIT from pkgconfig CFLAGS (#8154)
* Fix TextFormatMapTest.DynamicMessage issue#5136 (#8159)
* Fix for compiler warning issue#8145 (#8160)
* fix: support deprecated enums for GCC < 6 (#8164)
* Fix some warning when compiling with Visual Studio 2019 on x64 target (#8125)
Python:
* Provided an override for the reverse() method that will reverse the internal
collection directly instead of using the other methods of the BaseContainer.
* MessageFactory.CreateProtoype can be overridden to customize class creation.
* Fix PyUnknownFields memory leak (#7928)
* Add macOS big sur compatibility (#8126)
JavaScript
* Generate `getDescriptor` methods with `*` as their `this` type.
* Enforce `let/const` for generated messages.
* js/binary/utils.js: Fix jspb.utils.joinUnsignedDecimalString to work with
negative bitsLow and low but non-zero bitsHigh parameter. (#8170)
PHP:
* Added support for PHP 8. (#8105)
* unregister INI entries and fix invalid read on shutdown (#8042)
* Fix PhpDoc comments for message accessors to include '|null'. (#8136)
* fix: convert native PHP floats to single precision (#8187)
* Fixed PHP to support field numbers >=2**28. (#8235)
* feat: add support for deprecated fields to PHP compiler (#8223)
* Protect against stack overflow if the user derives from Message. (#8248)
* Fixed clone for Message, RepeatedField, and MapField. (#8245)
* Updated upb to allow nonzero offset minutes in JSON timestamps. (#8258)
Ruby:
* Added support for Ruby 3. (#8184)
* Rewrote the data storage layer to be based on upb_msg objects from the
upb library. This should lead to much better parsing performance,
particularly for large messages. (#8184).
* Fill out JRuby support (#7923)
* [Ruby] Fix: (SIGSEGV) gRPC-Ruby issue on Windows. memory alloc infinite
recursion/run out of memory (#8195)
* Fix jruby support to handle messages nested more than 1 level deep (#8194)
Java:
* Avoid possible UnsupportedOperationException when using CodedInputSteam
with a direct ByteBuffer.
* Make Durations.comparator() and Timestamps.comparator() Serializable.
* Add more detailed error information for dynamic message field type
validation failure
* Removed declarations of functions declared in java_names.h from
java_helpers.h.
* Now Proto3 Oneof fields have 'has' methods for checking their presence in
Java.
* Annotates Java proto generated *_FIELD_NUMBER constants.
* Add -assumevalues to remove JvmMemoryAccessor on Android.
C#:
* Fix parsing negative Int32Value that crosses segment boundary (#8035)
* Change ByteString to use memory and support unsafe create without copy (#7645)
* Optimize MapField serialization by removing MessageAdapter (#8143)
* Allow FileDescriptors to be parsed with extension registries (#8220)
* Optimize writing small strings (#8149)
- Updated URL to https://github.com/protocolbuffers/protobuf
Update to v3.14.0
Protocol Compiler:
* The proto compiler no longer requires a .proto filename when it is not
generating code.
* Added flag `--deterministic_output` to `protoc --encode=...`.
* Fixed deadlock when using google.protobuf.Any embedded in aggregate options.
C++:
* Arenas are now unconditionally enabled. cc_enable_arenas no longer has
any effect.
* Removed inlined string support, which is incompatible with arenas.
* Fix a memory corruption bug in reflection when mixing optional and
non-optional fields.
* Make SpaceUsed() calculation more thorough for map fields.
* Add stack overflow protection for text format with unknown field values.
* FieldPath::FollowAll() now returns a bool to signal if an out-of-bounds
error was encountered.
* Performance improvements for Map.
* Minor formatting fix when dumping a descriptor to .proto format with
DebugString.
* UBSAN fix in RepeatedField
* When running under ASAN, skip a test that makes huge allocations.
* Fixed a crash that could happen when creating more than 256 extensions in
a single message.
* Fix a crash in BuildFile when passing in invalid descriptor proto.
* Parser security fix when operating with CodedInputStream.
* Warn against the use of AllowUnknownExtension.
* Migrated to C++11 for-range loops instead of index-based loops where
possible. This fixes a lot of warnings when compiling with -Wsign-compare.
* Fix segment fault for proto3 optional
* Adds a CMake option to build `libprotoc` separately
Java
* Bugfix in mergeFrom() when a oneof has multiple message fields.
* Fix RopeByteString.RopeInputStream.read() returning -1 when told to read
0 bytes when not at EOF.
* Redefine remove(Object) on primitive repeated field Lists to avoid
autoboxing.
* Support '\u' escapes in textformat string literals.
* Trailing empty spaces are no longer ignored for FieldMask.
* Fix FieldMaskUtil.subtract to recursively remove mask.
* Mark enums with `@java.lang.Deprecated` if the proto enum has option
`deprecated = true;`.
* Adding forgotten duration.proto to the lite library
Python:
* Print google.protobuf.NullValue as null instead of 'NULL_VALUE' when it is
used outside WKT Value/Struct.
* Fix bug occurring when attempting to deep copy an enum type in python 3.
* Add a setuptools extension for generating Python protobufs
* Remove uses of pkg_resources in non-namespace packages
* [bazel/py] Omit google/__init__.py from the Protobuf runtime
* Removed the unnecessary setuptools package dependency for Python package
* Fix PyUnknownFields memory leak
PHP:
* Added support for '==' to the PHP C extension
* Added `==` operators for Map and Array
* Native C well-known types
* Optimized away hex2bin() call in generated code
* New version of upb, and a new hash function wyhash in third_party
* add missing hasOneof method to check presence of oneof fields
Go:
* Update go_package options to reference google.golang.org/protobuf module.
C#:
* annotate ByteString.CopyFrom(ReadOnlySpan<byte>) as SecuritySafeCritical
* Fix C# optional field reflection when there are regular fields too
* Fix parsing negative Int32Value that crosses segment boundary
Javascript:
* JS: parse (un)packed fields conditionally
Update to version 3.13.0
PHP:
* The C extension is completely rewritten. The new C extension has significantly
better parsing performance and fixes a handful of conformance issues. It will
also make it easier to add support for more features like proto2 and proto3 presence.
* The new C extension does not support PHP 5.x. PHP 5.x users can still use pure-PHP.
C++:
* Removed deprecated unsafe arena string accessors
* Enabled heterogeneous lookup for std::string keys in maps.
* Removed implicit conversion from StringPiece to std::string
* Fix use-after-destroy bug when the Map is allocated in the arena.
* Improved the randomness of map ordering
* Added stack overflow protection for text format with unknown fields
* Use std::hash for proto maps to help with portability.
* Added more Windows macros to proto whitelist.
* Arena constructors for map entry messages are now marked 'explicit'
(for regular messages they were already explicit).
* Fix subtle aliasing bug in RepeatedField::Add
* Fix mismatch between MapEntry ByteSize and Serialize with respect to unset
fields.
Python:
* JSON format conformance fixes:
* Reject lowercase t for Timestamp json format.
* Print full_name directly for extensions (no camelCase).
* Reject boolean values for integer fields.
* Reject NaN, Infinity, -Infinity that is not quoted.
* Base64 fixes for bytes fields: accept URL-safe base64 and missing padding.
* Bugfix for fields/files named 'async' or 'await'.
* Improved the error message when AttributeError is returned from __getattr__
in EnumTypeWrapper.
Java:
* Fixed a bug where setting optional proto3 enums with setFooValue() would
not mark the value as present.
* Add Subtract function to FieldMaskUtil.
C#:
* Dropped support for netstandard1.0 (replaced by support for netstandard1.1).
This was required to modernize the parsing stack to use the `Span<byte>`
type internally
* Add `ParseFrom(ReadOnlySequence<byte>)` method to enable GC friendly
parsing with reduced allocations and buffer copies
* Add support for serialization directly to a `IBufferWriter<byte>` or
to a `Span<byte>` to enable GC friendly serialization.
The new API is available as extension methods on the `IMessage` type
* Add `GOOGLE_PROTOBUF_REFSTRUCT_COMPATIBILITY_MODE` define to make
generated code compatible with old C# compilers (pre-roslyn compilers
from .NET framework and old versions of mono) that do not support
ref structs. Users that are still on a legacy stack that does
not support C# 7.2 compiler might need to use the new define
in their projects to be able to build the newly generated code
* Due to the major overhaul of parsing and serialization internals,
it is recommended to regenerate your generated code to achieve the best
performance (the legacy generated code will still work, but might incur
a slight performance penalty).
Update to version 3.12.3; notable changes since 3.11.4:
Protocol Compiler:
* [experimental] Singular, non-message typed fields in proto3 now support
presence tracking. This is enabled by adding the 'optional' field label and
passing the --experimental_allow_proto3_optional flag to protoc.
* For usage info, see docs/field_presence.md.
* During this experimental phase, code generators should update to support
proto3 presence, see docs/implementing_proto3_presence.md for instructions.
* Allow duplicate symbol names when multiple descriptor sets are passed on
the command-line, to match the behavior when multiple .proto files are passed.
* Deterministic `protoc --descriptor_set_out` (#7175)
Objective-C:
* Tweak the union used for Extensions to support old generated code. #7573
* Fix for the :protobuf_objc target in the Bazel BUILD file. (#7538)
* [experimental] ObjC Proto3 optional support (#7421)
* Block subclassing of generated classes (#7124)
* Use references to Obj C classes instead of names in descriptors. (#7026)
* Revisit how the WKTs are bundled with ObjC. (#7173)
C++:
* Simplified the template export macros to fix the build for mingw32. (#7539)
* [experimental] Added proto3 presence support.
* New descriptor APIs to support proto3 presence.
* Enable Arenas by default on all .proto files.
* Documented that users are not allowed to subclass Message or MessageLite.
* Mark generated classes as final; inheriting from protos is strongly discouraged.
* Add stack overflow protection for text format with unknown fields.
* Add accessors for map key and value FieldDescriptors.
* Add FieldMaskUtil::FromFieldNumbers().
* MessageDifferencer: use ParsePartial() on Any fields so the diff does not
fail when there are missing required fields.
* ReflectionOps::Merge(): lookup messages in the right factory, if it can.
* Added Descriptor::WellKnownTypes enum and Descriptor::well_known_type()
accessor as an easier way of determining if a message is a Well-Known Type.
* Optimized RepeatedField::Add() when it is used in a loop.
* Made proto move/swap more efficient.
* De-virtualize the GetArena() method in MessageLite.
* Improves performance of json_stream_parser.cc by factor 1000 (#7230)
* bug: #7076 undefine Windows OUT and OPTIONAL macros (#7087)
* Fixed a bug in FieldDescriptor::DebugString() that would erroneously print
an 'optional' label for a field in a oneof.
* Fix bug in parsing bool extensions that assumed they are always 1 byte.
* Fix off-by-one error in FieldOptions::ByteSize() when extensions are present.
* Clarified the comments to show an example of the difference between
Descriptor::extension and DescriptorPool::FindAllExtensions.
* Add a compiler option 'code_size' to force optimize_for=code_size on all
protos where this is possible.
Ruby:
* Re-add binary gems for Ruby 2.3 and 2.4. These are EOL upstream, however
many people still use them and dropping support will require more
coordination.
* [experimental] Implemented proto3 presence for Ruby. (#7406)
* Stop building binary gems for ruby <2.5 (#7453)
* Fix for wrappers with a zero value (#7195)
* Fix for JSON serialization of 0/empty-valued wrapper types (#7198)
* Call 'Class#new' over rb_class_new_instance in decoding (#7352)
* Build extensions for Ruby 2.7 (#7027)
* assigning 'nil' to submessage should clear the field. (#7397)
Java:
* [experimental] Added proto3 presence support.
* Mark java enum _VALUE constants as @Deprecated if the enum field is deprecated
* reduce <clinit> size for enums with allow_alias set to true.
* Sort map fields alphabetically by the field's key when printing textproto.
* Fixed a bug in map sorting that appeared in -rc1 and -rc2 (#7508).
* TextFormat.merge() handles Any as top level type.
* Throw a descriptive IllegalArgumentException when calling
getValueDescriptor() on enum special value UNRECOGNIZED instead of
ArrayIndexOutOfBoundsException.
* Fixed an issue with JsonFormat.printer() where setting printingEnumsAsInts()
would override the configuration passed into includingDefaultValueFields().
* Implement overrides of indexOf() and contains() on primitive lists returned
for repeated fields to avoid autoboxing the list contents.
* Add overload to FieldMaskUtil.fromStringList that accepts a descriptor.
* [bazel] Move Java runtime/toolchains into //java (#7190)
Python:
* [experimental] Added proto3 presence support.
* [experimental] fast import protobuf module, only works with cpp generated code linked in.
* Truncate 'float' fields to 4 bytes of precision in setters for pure-Python
implementation (C++ extension was already doing this).
* Fixed a memory leak in C++ bindings.
* Added a deprecation warning when code tries to create Descriptor objects
directly.
* Fix unintended comparison between bytes and string in descriptor.py.
* Avoid printing excess digits for float fields in TextFormat.
* Remove Python 2.5 syntax compatibility from the proto compiler generated _pb2.py module code.
* Drop 3.3, 3.4 and use single version docker images for all python tests (#7396)
JavaScript:
* Fix js message pivot selection (#6813)
PHP:
* Persistent Descriptor Pool (#6899)
* Implement lazy loading of php class for proto messages (#6911)
* Correct @return in Any.unpack docblock (#7089)
* Ignore unknown enum value when ignore_unknown specified (#7455)
C#:
* [experimental] Add support for proto3 presence fields in C# (#7382)
* Mark GetOption API as obsolete and expose the 'GetOptions()' method on descriptors instead (#7491)
* Remove Has/Clear members for C# message fields in proto2 (#7429)
* Enforce recursion depth checking for unknown fields (#7132)
* Fix conformance test failures for Google.Protobuf (#6910)
* Cleanup various bits of Google.Protobuf (#6674)
* Fix latest ArgumentException for C# extensions (#6938)
* Remove unnecessary branch from ReadTag (#7289)
Other:
* Add a proto_lang_toolchain for javalite (#6882)
* [bazel] Update gtest and deprecate //external:{gtest,gtest_main} (#7237)
* Add application note for explicit presence tracking. (#7390)
* Howto doc for implementing proto3 presence in a code generator. (#7407)
Update to version 3.11.4; notable changes since 3.9.2:
* C++: Make serialization method naming consistent
* C++: Moved ShutdownProtobufLibrary() to message_lite.h. For
backward compatibility a declaration is still available
in stubs/common.h, but users should prefer message_lite.h
* C++: Removed non-namespace macro EXPECT_OK()
* C++: Removed mathlimits.h from stubs in favor of using
std::numeric_limits from C++11
* C++: Support direct pickling of nested messages
* C++: Disable extension code gen for C#
* C++: Switch the proto parser to the faster MOMI parser
* C++: Unused imports of files defining descriptor extensions
will now be reported
* C++: Add proto2::util::RemoveSubranges to remove multiple
subranges in linear time
* C++: Support 32 bit values for ProtoStreamObjectWriter to Struct
* C++: Removed the internal-only header coded_stream_inl.h and
the internal-only methods defined there
* C++: Enforced no SWIG wrapping of descriptor_database.h
(other headers already had this restriction)
* C++: Implementation of the equivalent of the MOMI parser for
serialization. This removes one of the two serialization
routines, by making the fast array serialization routine
completely general. SerializeToCodedStream can now be
implemented in terms of the much much faster array
serialization. The array serialization regresses slightly,
but when array serialization is not possible this wins big
* C++: Add move constructor for Reflection's SetString
* Java: Remove the usage of MethodHandle, so that Android users
prior to API version 26 can use protobuf-java
* Java: Publish ProGuard config for javalite
* Java: Include unknown fields when merging proto3 messages in
Java lite builders
* Java: Have oneof enums implement a separate interface (other
than EnumLite) for clarity
* Java: Opensource Android Memory Accessors
* Java: Change ProtobufArrayList to use Object[] instead of
ArrayList for 5-10% faster parsing
* Java: Make a copy of JsonFormat.TypeRegistry at the protobuf
top level package. This will eventually replace
JsonFormat.TypeRegistry
* Java: Add Automatic-Module-Name entries to the Manifest
* Python: Add float_precision option in json format printer
* Python: Optionally print bytes fields as messages in unknown
fields, if possible
* Python: Experimental code gen (fast import protobuf module)
which only work with cpp generated code linked in
* Python: Add descriptor methods in descriptor_pool are deprecated
* Python: Added delitem for Python extension dict
* JavaScript: Remove guard for Symbol iterator for jspb.Map
* JavaScript: Remove deprecated boolean option to getResultBase64String()
* JavaScript: Change the parameter types of binaryReaderFn in
ExtensionFieldBinaryInfo to (number, ?, ?)
* JavaScript: Create dates.ts and time_of_days.ts to mirror Java
versions. This is a near-identical conversion of
c.g.type.util.{Dates,TimeOfDays} respectively
* JavaScript: Migrate moneys to TypeScript
* PHP: Increase php7.4 compatibility
* PHP: Implement lazy loading of php class for proto messages
* Ruby: Support hashes for struct initializers
* C#: Experimental proto2 support is now officially available
* C#: Change _Extensions property to normal body rather than expression
* Objective C: Remove OSReadLittle* due to alignment requirements
* Other: Override CocoaPods module to lowercase
* further bugfixes and optimisations
- Install LICENSE
- Drop protobuf-libs as it is just workaround for rpmlint issue
* python bindings now require recent python-google-apputils
* Released memory allocated by InitializeDefaultRepeatedFields()
and GetEmptyString(). Some memory sanitizers reported them
* Updated DynamicMessage.setField() to handle repeated enum
* Fixed a bug that caused NullPointerException to be thrown when
converting manually constructed FileDescriptorProto to
* Added oneofs(unions) feature. Fields in the same oneof will
* Files, services, enums, messages, methods and enum values
* Added Support for list values, including lists of mesaages,
* Added SwapFields() in reflection API to swap a subset of
* Repeated primitive extensions are now packable. The
it is possible to switch a repeated extension field to
* writeTo() method in ByteString can now write a substring to
* java_generate_equals_and_hash can now be used with the
* A new C++-backed extension module (aka 'cpp api v2') that
replaces the old ('cpp api v1') one. Much faster than the
pure Python code. This one resolves many bugs and is
mosh reqires it
python-abseil was udpated:
version update to 1.4.0
New:
(testing) Added @flagsaver.as_parsed: this allows saving/restoring flags
using string values as if parsed from the command line and will also reflect
other flag states after command line parsing, e.g. .present is set.
Changed:
(logging) If no log dir is specified logging.find_log_dir() now falls back
to tempfile.gettempdir() instead of /tmp/.
Fixed:
(flags) Additional kwargs (e.g. short_name=) to DEFINE_multi_enum_class
are now correctly passed to the underlying Flag object.
version update to 1.2.0
* Fixed a crash in Python 3.11 when `TempFileCleanup.SUCCESS` is used.
* `Flag` instances now raise an error if used in a bool context. This prevents
the occasional mistake of testing an instance for truthiness rather than
testing `flag.value`.
* `absl-py` no longer depends on `six`.
Update to version 1.0.0
* absl-py no longer supports Python 2.7, 3.4, 3.5. All versions
have reached end-of-life for more than a year now.
* New releases will be tagged as vX.Y.Z instead of pypi-vX.Y.Z in
the git repo going forward.
- Release notes for 0.15.0
* (testing) #128: When running bazel with its --test_filter=
flag, it now treats the filters as unittest's -k flag in Python
3.7+.
- Release notes for 0.14.1
* Top-level LICENSE file is now exported in bazel.
- Release notes for 0.14.0
* #171: Creating argparse_flags.ArgumentParser with
argument_default= no longer raises an exception when other
absl.flags flags are defined.
* #173: absltest now correctly sets up test filtering and fail
fast flags when an explicit argv= parameter is passed to
absltest.main.
- Release notes for 0.13.0
* (app) Type annotations for public app interfaces.
* (testing) Added new decorator @absltest.skipThisClass to
indicate a class contains shared functionality to be used as a
base class for other TestCases, and therefore should be
skipped.
* (app) Annotated the flag_parser paramteter of run as
keyword-only. This keyword-only constraint will be enforced at
runtime in a future release.
* (app, flags) Flag validations now include all errors from
disjoint flag sets, instead of fail fast upon first error from
all validators. Multiple validators on the same flag still
fails fast.
- Release notes for 0.12.0
* (flags) Made EnumClassSerializer and EnumClassListSerializer
public.
* (flags) Added a required: Optional[bool] = False parameter to
DEFINE_* functions.
* (testing) flagsaver overrides can now be specified in terms of
FlagHolder.
* (testing) parameterized.product: Allows testing a method over
cartesian product of parameters values, specified as a
sequences of values for each parameter or as kwargs-like dicts
of parameter values.
* (testing) Added public flag holders for --test_srcdir and
--test_tmpdir. Users should use absltest.TEST_SRCDIR.value and
absltest.TEST_TMPDIR.value instead of FLAGS.test_srcdir and
FLAGS.test_tmpdir.
* (flags) Made CsvListSerializer respect its delimiter argument.
- Add Provides python-absl-py
python-grpcuio was updated:
- Update to version 1.60.0:
* No python specfic changes.
- Update to version 1.59.2:
* No python specific changes.
- Update to version 1.59.0:
* [Python 3.12] Support Python 3.12 (gh#grpc/grpc#34398).
* [Python 3.12] Deprecate distutil (gh#grpc/grpc#34186).
- Update to version 1.58.0:
* [Bazel] Enable grpcio-reflection to be used via Bazel
(gh#grpc/grpc#31013).
* [packaging] Publish xds-protos as part of the standard package
pipeline (gh#grpc/grpc#33797).
- Update to version 1.57.0: (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)
* [posix] Enable systemd sockets for libsystemd>=233
(gh#grpc/grpc#32671).
* [python O11Y] Initial Implementation (gh#grpc/grpc#32974).
- Build with LTO (don't set _lto_cflags to %nil).
- No need to pass '-std=c++17' to build CFLAGS.
- Update to version 1.56.2:
* [WRR] backport (gh#grpc/grpc#33694) to 1.56
(gh#grpc/grpc#33698)
* [backport][iomgr][EventEngine] Improve server handling of
file descriptor exhaustion (gh#grpc/grpc#33667)
- Switch build to pip/wheel.
- Use system abseil with '-std=c++17' to prevent undefined symbol
eg. with python-grpcio-tools (_ZN3re23RE213GlobalReplaceEPNSt7__
cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKS0_N4absl12lts_
2023012511string_viewE)
- Upstream only supports python >= 3.7, so adjust BuildRequires
accordingly.
- Add %{?sle15_python_module_pythons}
- Update to version 1.56.0: (CVE-2023-32731, bsc#1212180)
* [aio types] Fix some grpc.aio python types
(gh#grpc/grpc#32475).
- Update to version 1.55.0:
* [EventEngine] Disable EventEngine polling in gRPC Python
(gh#grpc/grpc#33279) (gh#grpc/grpc#33320).
* [Bazel Python3.11] Update Bazel dependencies for Python 3.11
(gh#grpc/grpc#33318) (gh#grpc/grpc#33319).
- Drop Requires: python-six; not required any more.
- Switch Suggests to Recommends.
- Update to version 1.54.0: (CVE-2023-32732, bsc#1212182)
* Fix DeprecationWarning when calling asyncio.get_event_loop()
(gh#grpc/grpc#32533).
* Remove references to deprecated syntax field
(gh#grpc/grpc#32497).
- Update to version 1.51.1:
* No Linux specific changes.
- Changes from version 1.51.0:
* Fix lack of cooldown between poll attempts
(gh#grpc/grpc#31550).
* Remove enum and future (gh#grpc/grpc#31381).
* [Remove Six] Remove dependency on six (gh#grpc/grpc#31340).
* Update xds-protos package to pull in protobuf 4.X
(gh#grpc/grpc#31113).
- Update to version 1.50.0:
* Support Python 3.11. [gh#grpc/grpc#30818].
- Update to version 1.49.1
* Support Python 3.11. (#30818)
* Add type stub generation support to grpcio-tools. (#30498)
- Update to version 1.48.0:
* [Aio] Ensure Core channel closes when deallocated
[gh#grpc/grpc#29797].
* [Aio] Fix the wait_for_termination return value
[gh#grpc/grpc#29795].
- update to 1.46.3:
* backport: xds: use federation env var to guard new-style resource name parsing
* This release contains refinements, improvements, and bug fixes.
- Update to version 1.46.0:
* Add Python GCF Distribtest [gh#grpc/grpc#29303].
* Add Python Reflection Client [gh#grpc/grpc#29085].
* Revert 'Fix prefork handler register's default behavior'
[gh#grpc/grpc#29229].
* Fix prefork handler register's default behavior
[gh#grpc/grpc#29103].
* Fix fetching CXX variable in setup.py [gh#grpc/grpc#28873].
- Update to version 1.45.0:
* Reimplement Gevent Integration [gh#grpc/grpc#28276].
* Support musllinux binary wheels on x64 and x86
[gh#grpc/grpc#28092].
* Increase the Python protobuf requirement to >=3.12.0
[gh#grpc/grpc#28604].
- Build with system re2; add BuildRequires: pkgconfig(re2).
- Update to version 1.44.0:
* Add python async example for hellostreamingworld using
generator (gh#grpc/grpc#27343).
* Disable __wrap_memcpy hack for Python builds
(gh#grpc/grpc#28410).
* Bump Bazel Python Cython dependency to 0.29.26
(gh#grpc/grpc#28398).
* Fix libatomic linking on Raspberry Pi OS Bullseye
(gh#grpc/grpc#28041).
* Allow generated proto sources in remote repositories for
py_proto_library (gh#grpc/grpc#28103).
- Update to version 1.43.0:
* [Aio] Validate the input type for set_trailing_metadata and
abort (gh#grpc/grpc#27958).
- update to 1.41.1:
* This is release 1.41.0 (goat) of gRPC Core.
- Update to version 1.41.0:
* Add Python 3.10 support and drop 3.5 (gh#grpc/grpc#26074).
* [Aio] Remove custom IO manager support (gh#grpc/grpc#27090).
- Update to version 1.39.0:
* Python AIO: Match continuation typing on Interceptors
(gh#grpc/grpc#26500).
* Workaround #26279 by publishing manylinux_2_24 wheels instead
of manylinux2014 on aarch64 (gh#grpc/grpc#26430).
* Fix zlib unistd.h import problem (gh#grpc/grpc#26374).
* Handle gevent exception in gevent poller (gh#grpc/grpc#26058).
- Update to version 1.38.1:
* Backport gh#grpc/grpc#26430 and gh#grpc/grpc#26435 to v1.38.x
(gh#grpc/grpc#26436).
- Update to version 1.38.0:
* Add grpcio-admin Python package (gh#grpc/grpc#26166).
* Add CSDS API to Python (gh#grpc/grpc#26114).
* Expose code and details from context on the server side
(gh#grpc/grpc#25457).
* Explicitly import importlib.abc; required on Python 3.10.
Fixes #26062 (gh#grpc/grpc#26083).
* Fix potential deadlock on the GIL in AuthMetdataPlugin
(gh#grpc/grpc#26009).
* Introduce new Python package 'xds_protos'
(gh#grpc/grpc#25975).
* Remove async mark for set_trailing_metadata interface
(gh#grpc/grpc#25814).
- Update to version 1.37.1:
* No user visible changes.
- Changes from version 1.37.0:
* Clarify Guarantees about grpc.Future Interface
(gh#grpc/grpc#25383).
* [Aio] Add time_remaining method to ServicerContext
(gh#grpc/grpc#25719).
* Standardize all environment variable boolean configuration in
python's setup.py (gh#grpc/grpc#25444).
* Fix Signal Safety Issue (gh#grpc/grpc#25394).
- Update to version 1.36.1:
* Core: back-port: add env var protection for google-c2p
resolver (gh#grpc/grpc#25569).
- Update to version 1.35.0:
* Implement Python Client and Server xDS Creds.
(gh#grpc/grpc#25365)
* Add %define _lto_cflags %{nil} (bsc#1182659) (rh#1893533)
* Link roots.pem to ca-bundle.pem from ca-certificates package
- Update to version 1.34.1:
* Backport 'Lazily import grpc_tools when using runtime
stub/message generation' to 1.34.x (gh#grpc/grpc#25011).
- Update to version 1.34.0:
* Incur setuptools as an dependency for grpcio_tools
(gh#grpc/grpc#24752).
* Stop the spamming log generated by ctrl-c for AsyncIO server
(gh#grpc/grpc#24718).
* [gRPC Easy] Make Well-Known Types Available to Runtime Protos
(gh#grpc/grpc#24478).
* Bump MACOSX_DEPLOYMENT_TARGET to 10.10 for Python
(gh#grpc/grpc#24480).
* Make Python 2 an optional dependency for Bazel build
(gh#grpc/grpc#24407).
* [Linux] [macOS] Support pre-compiled Python 3.9 wheels
(gh#grpc/grpc#24356).
- Update to version 1.33.2:
* [Backport] Implement grpc.Future interface in
SingleThreadedRendezvous (gh#grpc/grpc#24574).
- Update to version 1.33.1:
* [Backport] Make Python 2 an optional dependency for Bazel
build (gh#grpc/grpc#24452).
* Allow asyncio API to be imported as grpc.aio.
(gh#grpc/grpc#24289).
* [gRPC Easy] Fix import errors on Windows (gh#grpc/grpc#24124).
* Make version check for importlib.abc in grpcio-tools more
stringent (gh#grpc/grpc#24098).
Added re2 package in version 2024-02-01.
Patchnames
SUSE-2024-573,SUSE-SLE-INSTALLER-15-SP4-2024-573,SUSE-SLE-INSTALLER-15-SP5-2024-573,SUSE-SLE-Micro-5.3-2024-573,SUSE-SLE-Micro-5.4-2024-573,SUSE-SLE-Micro-5.5-2024-573,SUSE-SLE-Module-Basesystem-15-SP5-2024-573,SUSE-SLE-Module-Development-Tools-15-SP5-2024-573,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-573,SUSE-SLE-Module-Public-Cloud-15-SP4-2024-573,SUSE-SLE-Module-Public-Cloud-15-SP5-2024-573,SUSE-SLE-Module-Python3-15-SP5-2024-573,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-573,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-573,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-573,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-573,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-573,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-573,SUSE-SLE-Product-WE-15-SP5-2024-573,openSUSE-Leap-Micro-5.3-2024-573,openSUSE-Leap-Micro-5.4-2024-573,openSUSE-SLE-15.5-2024-573
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2", title: "Title of the patch", }, { category: "description", text: "This update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2 fixes the following issues:\n\nabseil-cpp was updated to:\n\nUpdate to 20230802.1:\n\n* Add StdcppWaiter to the end of the list of waiter implementations\n\nUpdate to 20230802.0\n\n What's New:\n\n * Added the nullability library for designating the expected\n nullability of pointers. Currently these serve as annotations\n only, but it is expected that compilers will one day be able\n to use these annotations for diagnostic purposes.\n * Added the prefetch library as a portable layer for moving data\n into caches before it is read.\n * Abseil's hash tables now detect many more programming errors\n in debug and sanitizer builds.\n * Abseil's synchronization objects now differentiate absolute\n waits (when passed an absl::Time) from relative waits (when\n passed an absl::Duration) when the underlying platform supports\n differentiating these cases. This only makes a difference when\n system clocks are adjusted.\n * Abseil's flag parsing library includes additional methods that\n make it easier to use when another library also expects to be\n able to parse flags.\n * absl::string_view is now available as a smaller target,\n @com_google_absl//absl/strings:string_view, so that users may\n use this library without depending on the much larger\n @com_google_absl//absl/strings target.\n\nUpdate to 20230125.3\n\nDetails can be found on:\n\n https://github.com/abseil/abseil-cpp/releases/tag/20230125.3\n\nUpdate to 20230125.2\n\nWhat's New:\n\n The Abseil logging library has been released. This library\n provides facilities for writing short text messages about the\n status of a program to stderr, disk files, or other sinks\n (via an extension API). See the logging library documentation\n for more information.\n An extension point, AbslStringify(), allows user-defined types\n to seamlessly work with Abseil's string formatting functions\n like absl::StrCat() and absl::StrFormat().\n A library for computing CRC32C checksums has been added.\n Floating-point parsing now uses the Eisel-Lemire algorithm,\n which provides a significant speed improvement.\n The flags library now provides suggestions for the closest\n flag(s) in the case of misspelled flags.\n Using CMake to install Abseil now makes the installed artifacts\n (in particular absl/base/options.h) reflect the compiled ABI.\n\n Breaking Changes:\n\n Abseil now requires at least C++14 and follows Google's Foundational\n C++ Support Policy. See this table for a list of currently supported\n versions compilers, platforms, and build tools.\n The legacy spellings of the thread annotation macros/functions\n (e.g. GUARDED_BY()) have been removed by default in favor of the\n ABSL_ prefixed versions (e.g. ABSL_GUARDED_BY()) due to clashes with\n other libraries. The compatibility macro ABSL_LEGACY_THREAD_ANNOTATIONS\n can be defined on the compile command-line to temporarily restore these\n spellings, but this compatibility macro will be removed in the future.\n\n Known Issues\n\n The Abseil logging library in this release is not a feature-complete\n replacement for glog yet. VLOG and DFATAL are examples of features\n that have not yet been released.\n\nUpdate to version 20220623.0\n\n What's New:\n\n * Added absl::AnyInvocable, a move-only function type.\n * Added absl::CordBuffer, a type for buffering data for eventual inclusion an\n absl::Cord, which is useful for writing zero-copy code.\n * Added support for command-line flags of type absl::optional<T>.\n\n Breaking Changes:\n\n * CMake builds now use the flag ABSL_BUILD_TESTING (default: OFF) to control\n whether or not unit tests are built.\n * The ABSL_DEPRECATED macro now works with the GCC compiler. GCC users that\n are experiencing new warnings can use -Wno-deprecated-declatations silence\n\tthe warnings or use -Wno-error=deprecated-declarations to see warnings but\n\tnot fail the build.\n * ABSL_CONST_INIT uses the C++20 keyword constinit when available. Some\n compilers are more strict about where this keyword must appear compared to\n\tthe pre-C++20 implementation.\n * Bazel builds now depend on the bazelbuild/bazel-skylib repository.\n See Abseil's WORKSPACE file for an example of how to add this dependency.\n\n Other:\n\n * This will be the last release to support C++11. Future releases will require at least C++14.\n\ngrpc was updated to 1.60:\n\nUpdate to release 1.60\n\n* Implemented dualstack IPv4 and IPv6 backend support, as per\n draft gRFC A61. xDS support currently guarded by\n GRPC_EXPERIMENTAL_XDS_DUALSTACK_ENDPOINTS env var.\n* Support for setting proxy for addresses.\n* Add v1 reflection.\n\nupdate to 1.59.3:\n\n* Security - Revocation: Crl backport to 1.59. (#34926)\n\nUpdate to release 1.59.2\n\n* Fixes for CVE-2023-44487\n\nUpdate to version 1.59.1:\n\n* C++: Fix MakeCordFromSlice memory bug (gh#grpc/grpc#34552).\n\nUpdate to version 1.59.0:\n\n* xds ssa: Remove environment variable protection for stateful\n affinity (gh#grpc/grpc#34435).\n* c-ares: fix spin loop bug when c-ares gives up on a socket\n that still has data left in its read buffer\n (gh#grpc/grpc#34185).\n* Deps: Adding upb as a submodule (gh#grpc/grpc#34199).\n* EventEngine: Update Cancel contract on closure deletion\n timeline (gh#grpc/grpc#34167).\n* csharp codegen: Handle empty base_namespace option value to\n fix gh#grpc/grpc#34113 (gh#grpc/grpc#34137).\n* Ruby:\n - replace strdup with gpr_strdup (gh#grpc/grpc#34177).\n - drop ruby 2.6 support (gh#grpc/grpc#34198).\n\nUpdate to release 1.58.1\n\n* Reintroduced c-ares 1.14 or later support\n\nUpdate to release 1.58\n\n* ruby extension: remove unnecessary background thread startup\n wait logic that interferes with forking\n\nUpdate to release 1.57 (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)\n\n* EventEngine: Change GetDNSResolver to return\n absl::StatusOr<std::unique_ptr<DNSResolver>>.\n* Improve server handling of file descriptor exhaustion.\n* Add a channel argument to set DSCP on streams.\n\nUpdate to release 1.56.2\n\n* Improve server handling of file descriptor exhaustion\n\nUpdate to release 1.56.0 (CVE-2023-32731, bsc#1212180)\n\n* core: Add support for vsock transport.\n* EventEngine: Change TXT lookup result type to\n std::vector<std::string>.\n* C++/Authz: support customizable audit functionality for\n authorization policy.\n\nUpdate to release 1.54.1\n\n* Bring declarations and definitions to be in sync\n\nUpdate to release 1.54 (CVE-2023-32732, bsc#1212182)\n\n* XDS: enable XDS federation by default\n* TlsCreds: Support revocation of intermediate in chain\n\nUpdate to release 1.51.1\n\n* Only a macOS/aarch64-related change\n\nUpdate to release 1.51\n\n* c-ares DNS resolver: fix logical race between resolution\n timeout/cancellation and fd readability.\n* Remove support for pthread TLS\n\nUpdate to release 1.50.0\n\n* Core\n\n - Derive EventEngine from std::enable_shared_from_this. (#31060)\n - Revert 'Revert '[chttp2] fix stream leak with queued flow control\n update and absence of writes (#30907)' (#30991)'. (#30992)\n - [chttp2] fix stream leak with queued flow control update and absence of writes. (#30907)\n - Remove gpr_codegen. (#30899)\n - client_channel: allow LB policy to communicate update errors to resolver. (#30809)\n - FaultInjection: Fix random number generation. (#30623)\n\n* C++\n\n - OpenCensus Plugin: Add measure and views for started RPCs. (#31034)\n\n* C#\n\n - Grpc.Tools: Parse warnings from libprotobuf (fix #27502). (#30371)\n - Grpc.Tools add support for env variable GRPC_PROTOC_PLUGIN (fix #27099). (#30411)\n - Grpc.Tools document AdditionalImportDirs. (#30405)\n - Fix OutputOptions and GrpcOutputOptions (issue #25950). (#30410)\n\nUpdate to release 1.49.1\n\n* All\n\n - Update protobuf to v21.6 on 1.49.x. (#31028)\n\n* Ruby\n\n - Backport 'Fix ruby windows ucrt build #31051' to 1.49.x. (#31053)\n\nUpdate to release 1.49.0\n\n* Core\n - Backport: 'stabilize the C2P resolver URI scheme' to v1.49.x. (#30654)\n - Bump core version. (#30588)\n - Update OpenCensus to HEAD. (#30567)\n - Update protobuf submodule to 3.21.5. (#30548)\n - Update third_party/protobuf to 3.21.4. (#30377)\n - [core] Remove GRPC_INITIAL_METADATA_CORKED flag. (#30443)\n - HTTP2: Fix keepalive time throttling. (#30164)\n - Use AnyInvocable in EventEngine APIs. (#30220)\n\n* Python\n\n - Add type stub generation support to grpcio-tools. (#30498)\n\nUpdate to release 1.48.1\n\n* Backport EventEngine Forkables\n\nUpdate to release 1.48.0\n \n* C++14 is now required\n* xDS: Workaround to get gRPC clients working with istio\n\nUpdate to release 1.46.3\n\n* backport: xds: use federation env var to guard new-style\n resource name parsing (#29725) #29727\n\nUpdate to release 1.46\n\n* Added HTTP/1.1 support in httpcli\n* HTTP2: Add graceful goaway\n\nUpdate to release 1.45.2\n\n* Various fixes related to XDS\n* HTTP2: Should not run cancelling logic on servers when\n receiving GOAWAY\n\nUpdate to release 1.45.1\n\n* Switched to epoll1 as a default polling engine for Linux\n\nUpdate to version 1.45.0:\n\n* Core:\n\n - Backport 'Include ADS stream error in XDS error updates\n (#29014)' to 1.45.x [gh#grpc/grpc#29121].\n - Bump core version to 23.0.0 for upcoming release\n [gh#grpc/grpc#29026].\n - Fix memory leak in HTTP request security handshake\n cancellation [gh#grpc/grpc#28971].\n - CompositeChannelCredentials: Comparator implementation\n [gh#grpc/grpc#28902].\n - Delete custom iomgr [gh#grpc/grpc#28816].\n - Implement transparent retries [gh#grpc/grpc#28548].\n - Uniquify channel args keys [gh#grpc/grpc#28799].\n - Set trailing_metadata_available for recv_initial_metadata\n ops when generating a fake status [gh#grpc/grpc#28827].\n - Eliminate gRPC insecure build [gh#grpc/grpc#25586].\n - Fix for a racy WorkSerializer shutdown [gh#grpc/grpc#28769].\n - InsecureCredentials: singleton object [gh#grpc/grpc#28777].\n - Add http cancel api [gh#grpc/grpc#28354].\n - Memory leak fix on windows in grpc_tcp_create()\n [gh#grpc/grpc#27457].\n - xDS: Rbac filter updates [gh#grpc/grpc#28568].\n\n* C++\n\n - Bump the minimum gcc to 5 [gh#grpc/grpc#28786].\n - Add experimental API for CRL checking support to gRPC C++\n TlsCredentials [gh#grpc/grpc#28407].\n\nUpdate to release 1.44.0\n\n* Add a trace to list which filters are contained in a\n channel stack.\n* Remove grpc_httpcli_context.\n* xDS: Add support for RBAC HTTP filter.\n* API to cancel grpc_resolve_address.\n\nUpdate to version 1.43.2:\n\n* Fix google-c2p-experimental issue (gh#grpc/grpc#28692).\n\nChanges from version 1.43.0:\n\n* Core:\n\n - Remove redundant work serializer usage in c-ares windows\n code (gh#grpc/grpc#28016).\n - Support RDS updates on the server (gh#grpc/grpc#27851).\n - Use WorkSerializer in XdsClient to propagate updates in a\n synchronized manner (gh#grpc/grpc#27975).\n - Support Custom Post-handshake Verification in TlsCredentials\n (gh#grpc/grpc#25631).\n - Reintroduce the EventEngine default factory\n (gh#grpc/grpc#27920).\n - Assert Android API >= v21 (gh#grpc/grpc#27943).\n - Add support for abstract unix domain sockets\n (gh#grpc/grpc#27906).\n* C++:\n\n - OpenCensus: Move metadata storage to arena\n (gh#grpc/grpc#27948).\n\n* [C#] Add nullable type attributes to Grpc.Core.Api\n (gh#grpc/grpc#27887).\n- Update package name libgrpc++1 to libgrpc++1_43 in keeping with\n updated so number.\n\nUpdate to release 1.41.0\n\n* xDS: Remove environmental variable guard for security.\n* xDS Security: Use new way to fetch certificate provider\n plugin instance config.\n* xDS server serving status: Use a struct to allow more fields\n to be added in the future.\n\nUpdate to release 1.39.1\n\n* Fix C# protoc plugin argument parsing on 1.39.x\n\nUpdate to version 1.39.0:\n\n* Core\n\n - Initialize tcp_posix for CFStream when needed\n (gh#grpc/grpc#26530).\n - Update boringssl submodule (gh#grpc/grpc#26520).\n - Fix backup poller races (gh#grpc/grpc#26446).\n - Use default port 443 in HTTP CONNECT request\n (gh#grpc/grpc#26331).\n* C++\n\n - New iomgr implementation backed by the EventEngine API\n (gh#grpc/grpc#26026).\n - async_unary_call: add a Destroy method, called by\n std::default_delete (gh#grpc/grpc#26389).\n - De-experimentalize C++ callback API (gh#grpc/grpc#25728).\n\n* PHP: stop reading composer.json file just to read the version\n string (gh#grpc/grpc#26156).\n\n* Ruby: Set XDS user agent in ruby via macros\n (gh#grpc/grpc#26268).\n\nUpdate to release 1.38.0\n\n* Invalidate ExecCtx now before computing timeouts in all\n repeating timer events using a WorkSerializer or combiner.\n* Fix use-after-unref bug in fault_injection_filter\n* New gRPC EventEngine Interface\n* Allow the AWS_DEFAULT_REGION environment variable\n* s/OnServingStatusChange/OnServingStatusUpdate/\n\nUpdate to release 1.37.1\n\n* Use URI form of address for channelz listen node\n* Implementation CSDS (xDS Config Dump)\n* xDS status notifier\n* Remove CAS loops in global subchannel pool and simplify\n subchannel refcounting\n\nUpdate to release 1.36.4\n\n* A fix for DNS SRV lookups on Windows\n\nUpdate to 1.36.1:\n\n* Core:\n * Remove unnecessary internal pollset set in c-ares DNS resolver\n * Support Default Root Certs in Tls Credentials\n * back-port: add env var protection for google-c2p resolver\n* C++:\n * Move third party identity C++ api out of experimental namespace\n * refactor!: change error_details functions to templates\n * Support ServerContext for callback API\n* PHP:\n * support for PSM security\n * fixed segfault on reused call object\n * fixed phpunit 8 warnings\n* Python:\n * Implement Python Client and Server xDS Creds\n\nUpdate to version 1.34.1:\n\n* Backport 'Lazily import grpc_tools when using runtime\n stub/message generation' to 1.34.x (gh#grpc/grpc#25011).\n* Backport 'do not use <PublicSign>true</PublicSign> on\n non-windows' to 1.34.x (gh#grpc/grpc#24995).\n\nUpdate to version 1.34.0:\n\n* Core:\n\n- Protect xds security code with the environment variable\n 'GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT'\n (gh#grpc/grpc#24782).\n - Add support for 'unix-abstract:' URIs to support abstract\n unix domain sockets (gh#grpc/grpc#24500).\n - Increment Index when parsing not plumbed SAN fields\n (gh#grpc/grpc#24601).\n - Revert 'Revert 'Deprecate\n GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS''\n (gh#grpc/grpc#24518).\n - xds: Set status code to INVALID_ARGUMENT when NACKing\n (gh#grpc/grpc#24516).\n - Include stddef.h in address_sorting.h (gh#grpc/grpc#24514).\n - xds: Add support for case_sensitive option in RouteMatch\n (gh#grpc/grpc#24381).\n* C++:\n - Fix --define=grpc_no_xds=true builds (gh#grpc/grpc#24503).\n - Experimental support and tests for\n CreateCustomInsecureChannelWithInterceptorsFromFd\n (gh#grpc/grpc#24362).\n\nUpdate to release 1.33.2\n\n* Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS.\n* Expose Cronet error message to the application layer.\n* Remove grpc_channel_ping from surface API.\n* Do not send BDP pings if there is no receive side activity.\n\nUpdate to version 1.33.1\n\n* Core\n\n - Deprecate\n GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS\n (gh#grpc/grpc#24063).\n - Expose Cronet error message to the application layer\n (gh#grpc/grpc#24083).\n - Remove grpc_channel_ping from surface API\n (gh#grpc/grpc#23894).\n - Do not send BDP pings if there is no receive side activity\n (gh#grpc/grpc#22997).\n\n* C++\n\n - Makefile: only support building deps from submodule\n (gh#grpc/grpc#23957).\n\n- Add new subpackages - libupb and upb-devel. Currently, grpc\n sources include also upb sources. Before this change, libupb and\n upb-devel used to be included in a separate package - upb.\n\nUpdate to version 1.32.0:\n\n* Core\n - Remove stream from stalled lists on remove_stream\n (gh#grpc/grpc#23984).\n - Do not cancel RPC if send metadata size if larger than\n peer's limit (gh#grpc/grpc#23806).\n - Don't consider receiving non-OK status as an error for HTTP2\n (gh#grpc/grpc#19545).\n - Keepalive throttling (gh#grpc/grpc#23313).\n - Include the target_uri in 'target uri is not valid' error\n messages (gh#grpc/grpc#23782).\n - Fix 'cannot send compressed message large than 1024B' in\n cronet_transport (gh#grpc/grpc#23219).\n - Receive SETTINGS frame on clients before declaring\n subchannel READY (gh#grpc/grpc#23636).\n - Enabled GPR_ABSEIL_SYNC (gh#grpc/grpc#23372).\n - Experimental xDS v3 support (gh#grpc/grpc#23281).\n\n* C++\n\n - Upgrade bazel used for all tests to 2.2.0\n (gh#grpc/grpc#23902).\n - Remove test targets and test helper libraries from Makefile\n (gh#grpc/grpc#23813).\n - Fix repeated builds broken by re2's cmake\n (gh#grpc/grpc#23587).\n - Log the peer address of grpc_cli CallMethod RPCs to stderr\n (gh#grpc/grpc#23557).\n\nopencensus-proto was updated to 0.3.0+git.20200721:\n\n- Update to version 0.3.0+git.20200721:\n\n * Bump version to 0.3.0\n * Generate Go types using protocolbuffers/protobuf-go (#218)\n * Load proto_library() rule. (#216)\n\n- Update to version 0.2.1+git.20190826:\n\n * Remove grpc_java dependency and java_proto rules. (#214)\n * Add C++ targets, especially for gRPC services. (#212)\n * Upgrade bazel and dependencies to latest. (#211)\n * Bring back bazel cache to make CI faster. (#210)\n * Travis: don't require sudo for bazel installation. (#209)\n\n- Update to version 0.2.1:\n\n * Add grpc-gateway for metrics service. (#205)\n * Pin bazel version in travis builds (#207)\n * Update gen-go files (#199)\n * Add Web JS as a LibraryInfo.Language option (#198)\n * Set up Python packaging for PyPI release. (#197)\n * Add tracestate to links. (#191)\n * Python proto file generator and generated proto files (#196)\n * Ruby proto file generator and generated proto files (#192)\n * Add py_proto_library() rules for envoy/api. (#194)\n * Gradle: Upgrade dependency versions. (#193)\n * Update release versions for readme. (#189)\n * Start 0.3.0 development cycle\n * Update gen-go files. (#187)\n * Revert 'Start 0.3.0 development cycle (#167)' (#183)\n * Revert optimization for metric descriptor and bucket options for now. (#184)\n * Constant sampler: add option to always follow the parent's decision. (#182)\n * Document that all maximum values must be specified. (#181)\n * Fix typo in bucket bounds. (#178)\n * Restrict people who can approve reviews. This is to ensure code quality. (#177)\n * Use bazel cache to make CI faster. (#176)\n * Add grpc generated files to the idea plugin. (#175)\n * Add Resource to Span (#174)\n * time is required (#170)\n * Upgrade protobuf dependency to v3.6.1.3. (#173)\n * assume Ok Status when not set (#171)\n * Minor comments fixes (#160)\n * Start 0.3.0 development cycle (#167)\n * Update gen-go files. (#162)\n * Update releasing instruction. (#163)\n * Fix Travis build. (#165)\n * Add OpenApi doc for trace agent grpc-gateway (#157)\n * Add command to generate OpenApi/Swagger doc for grpc-gateway (#156)\n * Update gen-go files (#155)\n * Add trace export grpc-gateway config (#77)\n * Fix bazel build after bazel upgrade (#154)\n * README: Add gitter, javadoc and godoc badge. (#151)\n * Update release versions for README. (#150)\n * Start 0.2.0 development cycle\n * Add resource and metrics_service proto to mkgogen. Re-generate gen-go files. (#147)\n * Add resource to protocol (#137)\n * Fix generating the javadoc. (#144)\n * Metrics/TimeSeries: start time should not be included while end time should. (#142)\n * README: Add instructions on using opencensus_proto with Bazel. (#140)\n * agent/README: update package info. (#138)\n * Agent: Add metrics service. (#136)\n * Tracing: Add default limits to TraceConfig. (#133)\n * Remove a stale TODO. (#134)\n * README: Add a note about go_proto_library rules. (#135)\n * add golang bazel build support (#132)\n * Remove exporter protos from mkgogen. (#128)\n * Update README and RELEASING. (#130)\n * Change histogram buckets definition to be OpenMetrics compatible. (#121)\n * Remove exporter/v1 protos. (#124)\n * Clean up the README for Agent proto. (#126)\n * Change Quantiles to ValuesAtPercentile. (#122)\n * Extend the TraceService service to support export/config for multiple Applications. (#119)\n * Add specifications on Agent implementation details. (#112)\n * Update gitignore (#118)\n * Remove maven support. Not used. (#116)\n * Add gauge distribution. (#117)\n * Add support for Summary type and value. (#110)\n * Add Maven status and instructions on adding dependencies. (#115)\n * Bump version to 0.0.3-SNAPSHOT\n * Bump version to 0.0.2\n * Update gen-go files. (#114)\n * Gradle: Add missing source and javadoc rules. (#113)\n * Add support for float attributes. (#98)\n * Change from mean to sum in distribution. (#109)\n * Bump version to v0.0.2-SNAPSHOT\n * Bump version to v0.0.1\n * Add releasing instructions in RELEASING.md. (#106)\n * Add Gradle build rules for generating gRPC service and releasing to Maven. (#102)\n * Re-organize proto directory structure. (#103)\n * Update gen-go files. (#101)\n * Add a note about interceptors of other libraries. (#94)\n * agent/common/v1: use exporter_version, core_library_version in LibraryInfo (#100)\n * opencensus/proto: add default Agent port to README (#97)\n * Update the message names for Config RPC. (#93)\n * Add details about agent protocol in the README. (#88)\n * Update gen-go files. (#92)\n * agent/trace/v1: fix signature for Config and comments too (#91)\n * Update gen-go files. (#86)\n * Make tracestate a list instead of a map to preserve ordering. (#84)\n * Allow MetricDescriptor to be sent only the first time. (#78)\n * Update mkgogen.sh. (#85)\n * Add agent trace service proto definitions. (#79)\n * Update proto and gen-go package names. (#83)\n * Add agent/common proto and BUILD. (#81)\n * Add trace_config.proto. (#80)\n * Build exporters with maven. (#76)\n * Make clear that cumulative int/float can go only up. (#75)\n * Add tracestate field to the Span proto. (#74)\n * gradle wrapper --gradle-version 4.9 (#72)\n * Change from multiple types of timeseries to have one. (#71)\n * Move exemplars in the Bucket. (#70)\n * Update gen-go files. (#69)\n * Move metrics in the top level directory. (#68)\n * Remove Range from Distribution. No backend supports this. (#67)\n * Remove unused MetricSet message. (#66)\n * Metrics: Add Exemplar to DistributionValue. (#62)\n * Gauge vs Cumulative. (#65)\n * Clarifying comment about bucket boundaries. (#64)\n * Make MetricDescriptor.Type capture the type of the value as well. (#63)\n * Regenerate the Go artifacts (#61)\n * Add export service proto (#60)\n\n- Initial version 20180523\n\nprotobuf was updated to 25.1:\n\nupdate to 25.1:\n\n * Raise warnings for deprecated python syntax usages\n * Add support for extensions in CRuby, JRuby, and FFI Ruby\n * Add support for options in CRuby, JRuby and FFI (#14594)\n\nupdate to 25.0:\n\n * Implement proto2/proto3 with editions\n * Defines Protobuf compiler version strings as macros and\n separates out suffix string definition.\n * Add utf8_validation feature back to the global feature set.\n * Setting up version updater to prepare for poison pills and\n embedding version info into C++, Python and Java gencode.\n * Merge the protobuf and upb Bazel repos\n * Editions: Introduce functionality to protoc for generating\n edition feature set defaults.\n * Editions: Migrate edition strings to enum in C++ code.\n * Create a reflection helper for ExtensionIdentifier.\n * Editions: Provide an API for C++ generators to specify their\n features.\n * Editions: Refactor feature resolution to use an intermediate\n message.\n * Publish extension declarations with declaration\n verifications.\n * Editions: Stop propagating partially resolved feature sets to\n plugins.\n * Editions: Migrate string_field_validation to a C++ feature\n * Editions: Include defaults for any features in the generated\n pool.\n * Protoc: parser rejects explicit use of map_entry option\n * Protoc: validate that reserved range start is before end\n * Protoc: support identifiers as reserved names in addition to\n string literals (only in editions)\n * Drop support for Bazel 5.\n * Allow code generators to specify whether or not they support\n editions.\nC++:\n * Set `PROTOBUF_EXPORT` on\n `InternalOutOfLineDeleteMessageLite()`\n * Update stale checked-in files\n * Apply PROTOBUF_NOINLINE to declarations of some functions\n that want it.\n * Implement proto2/proto3 with editions\n * Make JSON UTF-8 boundary check inclusive of the largest\n possible UTF-8 character.\n * Reduce `Map::size_type` to 32-bits. Protobuf containers can't\n have more than that\n * Defines Protobuf compiler version strings as macros and\n separates out suffix string definition.\n * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated\n oneof accessors.\n * Fix bug in reflection based Swap of map fields.\n * Add utf8_validation feature back to the global feature set.\n * Setting up version updater to prepare for poison pills and\n embedding version info into C++, Python and Java gencode.\n * Add prefetching to arena allocations.\n * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated\n repeated and map field accessors.\n * Editions: Migrate edition strings to enum in C++ code.\n * Create a reflection helper for ExtensionIdentifier.\n * Editions: Provide an API for C++ generators to specify their\n features.\n * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated\n string field accessors.\n * Editions: Refactor feature resolution to use an intermediate\n message.\n * Fixes for 32-bit MSVC.\n * Publish extension declarations with declaration\n verifications.\n * Export the constants in protobuf's any.h to support DLL\n builds.\n * Implement AbslStringify for the Descriptor family of types.\n * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated\n message field accessors.\n * Editions: Stop propagating partially resolved feature sets to\n plugins.\n * Editions: Migrate string_field_validation to a C++ feature\n * Editions: Include defaults for any features in the generated\n pool.\n * Introduce C++ feature for UTF8 validation.\n * Protoc: validate that reserved range start is before end\n * Remove option to disable the table-driven parser in protoc.\n * Lock down ctype=CORD in proto file.\n * Support split repeated fields.\n * In OSS mode omit some extern template specializations.\n * Allow code generators to specify whether or not they support\n editions.\nJava:\n * Implement proto2/proto3 with editions\n * Remove synthetic oneofs from Java gencode field accessor\n tables.\n * Timestamps.parse: Add error handling for invalid\n hours/minutes in the timezone offset.\n * Defines Protobuf compiler version strings as macros and\n separates out suffix string definition.\n * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated\n oneof accessors.\n * Add missing debugging version info to Protobuf Java gencode\n when multiple files are generated.\n * Fix a bad cast in putBuilderIfAbsent when already present due\n to using the result of put() directly (which is null if it\n currently has no value)\n * Setting up version updater to prepare for poison pills and\n embedding version info into C++, Python and Java gencode.\n * Fix a NPE in putBuilderIfAbsent due to using the result of\n put() directly (which is null if it currently has no value)\n * Update Kotlin compiler to escape package names\n * Add MapFieldBuilder and change codegen to generate it and the\n put{field}BuilderIfAbsent method.\n * Introduce recursion limit in Java text format parsing\n * Consider the protobuf.Any invalid if typeUrl.split('/')\n returns an empty array.\n * Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.\n * Fixed Python memory leak in map lookup.\n * Loosen upb for json name conflict check in proto2 between\n json name and field\n * Defines Protobuf compiler version strings as macros and\n separates out suffix string definition.\n * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated\n oneof accessors.\n * Ensure Timestamp.ToDatetime(tz) has correct offset\n * Do not check required field for upb python MergeFrom\n * Setting up version updater to prepare for poison pills and\n embedding version info into C++, Python and Java gencode.\n * Merge the protobuf and upb Bazel repos\n * Comparing a proto message with an object of unknown returns\n NotImplemented\n * Emit __slots__ in pyi output as a tuple rather than a list\n for --pyi_out.\n * Fix a bug that strips options from descriptor.proto in\n Python.\n * Raise warings for message.UnknownFields() usages and navigate\n to the new add\n * Add protobuf python keyword support in path for stub\n generator.\n * Add tuple support to set Struct\n * ### Python C-Extension (Default)\n * Comparing a proto message with an object of unknown returns\n NotImplemented\n * Check that ffi-compiler loads before using it to define\n tasks.\nUPB (Python/PHP/Ruby C-Extension):\n * Include .inc files directly instead of through a filegroup\n * Loosen upb for json name conflict check in proto2 between\n json name and field\n * Add utf8_validation feature back to the global feature set.\n * Do not check required field for upb python MergeFrom\n * Merge the protobuf and upb Bazel repos\n * Added malloc_trim() calls to Python allocator so RSS will\n decrease when memory is freed\n * Upb: fix a Python memory leak in ByteSize()\n * Support ASAN detection on clang\n * Upb: bugfix for importing a proto3 enum from within a proto2\n file\n * Expose methods needed by Ruby FFI using UPB_API\n * Fix `PyUpb_Message_MergeInternal` segfault\n\n- Build with source and target levels 8\n * fixes build with JDK21\n- Install the pom file with the new %%mvn_install_pom macro\n- Do not install the pom-only artifacts, since the %%mvn_install_pom\n macro resolves the variables at the install time\n\nupdate to 23.4:\n\n * Add dllexport_decl for generated default instance.\n * Deps: Update Guava to 32.0.1\n\nupdate to 23.3:\n\n C++:\n\n * Regenerate stale files\n * Use the same ABI for static and shared libraries on non-\n Windows platforms\n * Add a workaround for GCC constexpr bug\n Objective-C:\n * Regenerate stale files\n UPB (Python/PHP/Ruby C-Extension)\n * Fixed a bug in `upb_Map_Delete()` that caused crashes in\n map.delete(k) for Ruby when string-keyed maps were in use.\n\n Compiler:\n * Add missing header to Objective-c generator\n * Add a workaround for GCC constexpr bug\n\n Java:\n * Rollback of: Simplify protobuf Java message builder by\n removing methods that calls the super class only.\n\n Csharp:\n * [C#] Replace regex that validates descriptor names\n\nupdate to 22.5:\n\n C++:\n * Add missing cstdint header\n * Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700)\n * Avoid using string(JOIN..., which requires cmake 3.12\n * Explicitly include GTest package in examples\n * Bump Abseil submodule to 20230125.3 (#12660)\n\nupdate to 22.4:\n\n C++:\n * Fix libprotoc: export useful symbols from .so\n\n Python:\n * Fix bug in _internal_copy_files where the rule would fail in\n downstream repositories.\n\n Other:\n * Bump utf8_range to version with working pkg-config (#12584)\n * Fix declared dependencies for pkg-config\n * Update abseil dependency and reorder dependencies to ensure\n we use the version specified in protobuf_deps.\n * Turn off clang::musttail on i386\n\nupdate to v22.3\n\n UPB (Python/PHP/Ruby C-Extension):\n * Remove src prefix from proto import\n * Fix .gitmodules to use the correct absl branch\n * Remove erroneous dependency on googletest\n\nupdate to 22.2:\n\n Java:\n * Add version to intra proto dependencies and add kotlin stdlib\n dependency\n * Add $ back for osgi header\n * Remove $ in pom files\n\nupdate to 22.1:\n * Add visibility of plugin.proto to python directory\n * Strip 'src' from file name of plugin.proto\n * Add OSGi headers to pom files.\n * Remove errorprone dependency from kotlin protos.\n * Version protoc according to the compiler version number.\n\n- update to 22.0:\n\n * This version includes breaking changes to: Cpp.\n Please refer to the migration guide for information:\n https://protobuf.dev/support/migration/#compiler-22\n * [Cpp] Migrate to Abseil's logging library.\n * [Cpp] `proto2::Map::value_type` changes to `std::pair`.\n * [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream,\n and DefaultFieldComparator classes.\n * [Cpp] Add a dependency on Abseil (#10416)\n * [Cpp] Remove all autotools usage (#10132)\n * [Cpp] Add C++20 reserved keywords\n * [Cpp] Dropped C++11 Support\n * [Cpp] Delete Arena::Init\n * [Cpp] Replace JSON parser with new implementation\n * [Cpp] Make RepeatedField::GetArena non-const in order to\n support split RepeatedFields.\n * long list of bindings specific fixes see\n https://github.com/protocolbuffers/protobuf/releases/tag/v22.0\n\nupdate to v21.12:\n\n* Python:\n * Fix broken enum ranges (#11171)\n * Stop requiring extension fields to have a sythetic oneof (#11091)\n * Python runtime 4.21.10 not works generated code can not load valid\n proto.\n\nupdate to 21.11:\n\n* Python:\n * Add license file to pypi wheels (#10936)\n * Fix round-trip bug (#10158)\n\nupdate to 21.10::\n\n* Java:\n * Use bit-field int values in buildPartial to skip work on unset groups of\n fields. (#10960)\n * Mark nested builder as clean after clear is called (#10984)\n\nupdate to 21.9:\n * Ruby:\n * Replace libc strdup usage with internal impl to restore musl compat (#10818)\n * Auto capitalize enums name in Ruby (#10454) (#10763)\n * Other:\n * Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721)\n * C++:\n * 21.x No longer define no_threadlocal on OpenBSD (#10743)\n * Java:\n * Mark default instance as immutable first to avoid race during static initialization of default instances (#10771)\n * Refactoring java full runtime to reuse sub-message builders and prepare to\n migrate parsing logic from parse constructor to builder.\n * Move proto wireformat parsing functionality from the private 'parsing\n constructor' to the Builder class.\n * Change the Lite runtime to prefer merging from the wireformat into mutable\n messages rather than building up a new immutable object before merging. This\n way results in fewer allocations and copy operations.\n * Make message-type extensions merge from wire-format instead of building up\n instances and merging afterwards. This has much better performance.\n * Fix TextFormat parser to build up recurring (but supposedly not repeated)\n sub-messages directly from text rather than building a new sub-message and\n merging the fully formed message into the existing field.\n\nupdate to 21.6:\n C++:\n * Reduce memory consumption of MessageSet parsing\n\nupdate to 21.5:\n\n PHP:\n * Added getContainingOneof and getRealContainingOneof to descriptor.\n * fix PHP readonly legacy files for nested messages\n\n Python:\n\n * Fixed comparison of maps in Python.\n\n- update to 21.4:\n\n * Reduce the required alignment of ArenaString from 8 to 4\n\n- update to 21.3:\n\n * C++:\n * Add header search paths to Protobuf-C++.podspec (#10024)\n * Fixed Visual Studio constinit errors (#10232)\n * Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)\n * UPB:\n * Allow empty package names (fixes behavior regression in 4.21.0)\n * Fix a SEGV bug when comparing a non-materialized sub-message (#10208)\n * Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)\n * for x in mapping now yields keys rather than values, to match Python\n conventions and the behavior of the old library.\n * Lookup operations now correctly reject unhashable types as map keys.\n * We implement repr() to use the same format as dict.\n * Fix maps to use the ScalarMapContainer class when appropriate\n * Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)\n * PHP:\n * Add 'readonly' as a keyword for PHP and add previous classnames to descriptor pool (#10041)\n * Python:\n * Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)\n * Bazel:\n * Add back a filegroup for :well_known_protos (#10061)\n\nUpdate to 21.2:\n- C++:\n - cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614)\n - Escape GetObject macro inside protoc-generated code (#9739)\n - Update CMake configuration to add a dependency on Abseil (#9793)\n - Fix cmake install targets (#9822)\n - Use __constinit only in GCC 12.2 and up (#9936)\n- Java:\n - Update protobuf_version.bzl to separate protoc and per-language java … (#9900)\n- Python:\n - Increment python major version to 4 in version.json for python upb (#9926)\n - The C extension module for Python has been rewritten to use the upb library.\n - This is expected to deliver significant performance benefits, especially when\n parsing large payloads. There are some minor breaking changes, but these\n should not impact most users. For more information see:\n https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates\n- PHP:\n - [PHP] fix PHP build system (#9571)\n - Fix building packaged PHP extension (#9727)\n - fix: reserve 'ReadOnly' keyword for PHP 8.1 and add compatibility (#9633)\n - fix: phpdoc syntax for repeatedfield parameters (#9784)\n - fix: phpdoc for repeatedfield (#9783)\n - Change enum string name for reserved words (#9780)\n - chore: [PHP] fix phpdoc for MapField keys (#9536)\n - Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996)\n- Ruby:\n - Allow pre-compiled binaries for ruby 3.1.0 (#9566)\n - Implement respond_to? in RubyMessage (#9677)\n - [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722)\n - Do not use range based UTF-8 validation in truffleruby (#9769)\n - Improve range handling logic of RepeatedField (#9799)\n- Other:\n - Fix invalid dependency manifest when using descriptor_set_out (#9647)\n - Remove duplicate java generated code (#9909)\n\n- Update to 3.20.1:\n\n - PHP:\n - Fix building packaged PHP extension (#9727)\n - Fixed composer.json to only advertise compatibility with\n PHP 7.0+. (#9819)\n - Ruby:\n - Disable the aarch64 build on macOS until it can be fixed. (#9816)\n - Other:\n - Fix versioning issues in 3.20.0\n\n- Update to 3.20.1:\n - Ruby:\n - Dropped Ruby 2.3 and 2.4 support for CI and releases.\n (#9311)\n - Added Ruby 3.1 support for CI and releases (#9566).\n - Message.decode/encode: Add recursion_limit option\n (#9218/#9486)\n - Allocate with xrealloc()/xfree() so message allocation is\n visible to the\n - Ruby GC. In certain tests this leads to much lower memory\n usage due to more\n - frequent GC runs (#9586).\n - Fix conversion of singleton classes in Ruby (#9342)\n - Suppress warning for intentional circular require (#9556)\n - JSON will now output shorter strings for double and float\n fields when possible\n - without losing precision.\n - Encoding and decoding of binary format will now work\n properly on big-endian\n - systems.\n - UTF-8 verification was fixed to properly reject surrogate\n code points.\n - Unknown enums for proto2 protos now properly implement\n proto2's behavior of\n - putting such values in unknown fields.\n - Java:\n - Revert 'Standardize on Array copyOf' (#9400)\n - Resolve more java field accessor name conflicts (#8198)\n - Fix parseFrom to only throw InvalidProtocolBufferException\n - InvalidProtocolBufferException now allows arbitrary wrapped\n Exception types.\n - Fix bug in FieldSet.Builder.mergeFrom\n - Flush CodedOutputStream also flushes underlying\n OutputStream\n - When oneof case is the same and the field type is Message,\n merge the\n - subfield. (previously it was replaced.)’\n - Add @CheckReturnValue to some protobuf types\n - Report original exceptions when parsing JSON\n - Add more info to @deprecated javadoc for set/get/has\n methods\n - Fix initialization bug in doc comment line numbers\n - Fix comments for message set wire format.\n - Kotlin:\n - Add test scope to kotlin-test for protobuf-kotlin-lite\n (#9518)\n - Add orNull extensions for optional message fields.\n - Add orNull extensions to all proto3 message fields.\n - Python:\n - Dropped support for Python < 3.7 (#9480)\n - Protoc is now able to generate python stubs (.pyi) with\n --pyi_out\n - Pin multibuild scripts to get manylinux1 wheels back\n (#9216)\n - Fix type annotations of some Duration and Timestamp\n methods.\n - Repeated field containers are now generic in field types\n and could be used in type annotations.\n - Protobuf python generated codes are simplified. Descriptors\n and message classes' definitions are now dynamic created in\n internal/builder.py.\n - Insertion Points for messages classes are discarded.\n - has_presence is added for FieldDescriptor in python\n - Loosen indexing type requirements to allow valid index()\n implementations rather than only PyLongObjects.\n - Fix the deepcopy bug caused by not copying\n message_listener.\n - Added python JSON parse recursion limit (default 100)\n - Path info is added for python JSON parse errors\n - Pure python repeated scalar fields will not able to pickle.\n Convert to list first.\n - Timestamp.ToDatetime() now accepts an optional tzinfo\n parameter. If specified, the function returns\n a timezone-aware datetime in the given time zone. If\n omitted or None, the function returns a timezone-naive UTC\n datetime (as previously).\n - Adds client_streaming and server_streaming fields to\n MethodDescriptor.\n - Add 'ensure_ascii' parameter to json_format.MessageToJson.\n This allows smaller JSON serializations with UTF-8 or other\n non-ASCII encodings.\n - Added experimental support for directly assigning numpy\n scalars and array.\n - Improve the calculation of public_dependencies in\n DescriptorPool.\n - [Breaking Change] Disallow setting fields to numpy\n singleton arrays or repeated fields to numpy\n multi-dimensional arrays. Numpy arrays should be indexed or\n flattened explicitly before assignment.\n - Compiler:\n - Migrate IsDefault(const std::string*) and\n UnsafeSetDefault(const std::string*)\n - Implement strong qualified tags for TaggedPtr\n - Rework allocations to power-of-two byte sizes.\n - Migrate IsDefault(const std::string*) and\n UnsafeSetDefault(const std::string*)\n - Implement strong qualified tags for TaggedPtr\n - Make TaggedPtr Set...() calls explicitly spell out the\n content type.\n - Check for parsing error before verifying UTF8.\n - Enforce a maximum message nesting limit of 32 in the\n descriptor builder to\n - guard against stack overflows\n - Fixed bugs in operators for RepeatedPtrIterator\n - Assert a maximum map alignment for allocated values\n - Fix proto1 group extension protodb parsing error\n - Do not log/report the same descriptor symbol multiple\n times if it contains\n - more than one invalid character.\n - Add UnknownFieldSet::SerializeToString and\n SerializeToCodedStream.\n - Remove explicit default pointers and deprecated API from\n protocol compiler\n - Arenas:\n - Change Repeated*Field to reuse memory when using arenas.\n - Implements pbarenaz for profiling proto arenas\n - Introduce CreateString() and CreateArenaString() for\n cleaner semantics\n - Fix unreferenced parameter for MSVC builds\n - Add UnsafeSetAllocated to be used for one-of string\n fields.\n - Make Arena::AllocateAligned() a public function.\n - Determine if ArenaDtor related code generation is\n necessary in one place.\n - Implement on demand register ArenaDtor for\n InlinedStringField\n - C++:\n - Enable testing via CTest (#8737)\n - Add option to use external GTest in CMake (#8736)\n - CMake: Set correct sonames for libprotobuf-lite.so and\n libprotoc.so (#8635) (#9529)\n - Add cmake option protobuf_INSTALL to not install files\n (#7123)\n - CMake: Allow custom plugin options e.g. to generate mocks\n (#9105)\n - CMake: Use linker version scripts (#9545)\n - Manually *struct Cord fields to work better with arenas.\n - Manually destruct map fields.\n - Generate narrower code\n - Fix #9378 by removing\n - shadowed cached_size field\n - Remove GetPointer() and explicit nullptr defaults.\n - Add proto_h flag for speeding up large builds\n - Add missing overload for reference wrapped fields.\n - Add MergedDescriptorDatabase::FindAllFileNames()\n - RepeatedField now defines an iterator type instead of\n using a pointer.\n - Remove obsolete macros GOOGLE_PROTOBUF_HAS_ONEOF and\n GOOGLE_PROTOBUF_HAS_ARENAS.\n - PHP:\n - Fix: add missing reserved classnames (#9458)\n - PHP 8.1 compatibility (#9370)\n - C#:\n - Fix trim warnings (#9182)\n - Fixes NullReferenceException when accessing\n FieldDescriptor.IsPacked (#9430)\n - Add ToProto() method to all descriptor classes (#9426)\n - Add an option to preserve proto names in JsonFormatter\n (#6307)\n - Objective-C:\n - Add prefix_to_proto_package_mappings_path option. (#9498)\n - Rename proto_package_to_prefix_mappings_path to\n package_to_prefix_mappings_path. (#9552)\n - Add a generation option to control use of forward\n declarations in headers. (#9568)\n\n- update to 3.19.4:\n Python:\n * Make libprotobuf symbols local on OSX to fix issue #9395 (#9435)\n Ruby:\n * Fixed a data loss bug that could occur when the number of optional fields\n in a message is an exact multiple of 32\n PHP:\n * Fixed a data loss bug that could occur when the number of optional fields\n in a message is an exact multiple of 32.\n\n- Update to 3.19.3:\n C++:\n * Make proto2::Message::DiscardUnknownFields() non-virtual\n * Separate RepeatedPtrField into its own header file\n * For default floating point values of 0, consider all bits significant\n * Fix shadowing warnings\n * Fix for issue #8484, constant initialization doesn't compile in msvc clang-cl environment\n Java:\n * Improve performance characteristics of UnknownFieldSet parsing\n * For default floating point values of 0, consider all bits significant\n * Annotate //java/com/google/protobuf/util/... with nullness annotations\n * Use ArrayList copy constructor\n Bazel:\n * Ensure that release archives contain everything needed for Bazel\n * Align dependency handling with Bazel best practices\n Javascript:\n * Fix ReferenceError: window is not defined when getting the global object\n Ruby:\n * Fix memory leak in MessageClass.encode\n * Override Map.clone to use Map's dup method\n * Ruby: build extensions for arm64-darwin\n * Add class method Timestamp.from_time to ruby well known types\n * Adopt pure ruby DSL implementation for JRuby\n * Add size to Map class\n * Fix for descriptor_pb.rb: google/protobuf should be required first\n Python:\n * Proto2 DecodeError now includes message name in error message\n * Make MessageToDict convert map keys to strings\n * Add python-requires in setup.py\n * Add python 3.10\n\n- Update to 3.17.3:\n C++\n * Introduce FieldAccessListener.\n * Stop emitting boilerplate {Copy/Merge}From in each ProtoBuf class\n * Provide stable versions of SortAndUnique().\n * Make sure to cache proto3 optional message fields when they are cleared.\n * Expose UnsafeArena methods to Reflection.\n * Use std::string::empty() rather than std::string::size() > 0.\n * [Protoc] C++ Resolved an issue where NO_DESTROY and CONSTINIT are in incorrect order (#8296)\n * Fix PROTOBUF_CONSTINIT macro redefinition (#8323)\n * Delete StringPiecePod (#8353)\n * Create a CMake option to control whether or not RTTI is enabled (#8347)\n * Make util::Status more similar to absl::Status (#8405)\n * The ::pb namespace is no longer exposed due to conflicts.\n * Allow MessageDifferencer::TreatAsSet() (and friends) to override previous\n calls instead of crashing.\n * Reduce the size of generated proto headers for protos with string or\n bytes fields.\n * Move arena() operation on uncommon path to out-of-line routine\n * For iterator-pair function parameter types, take both iterators by value.\n * Code-space savings and perhaps some modest performance improvements in\n * RepeatedPtrField.\n * Eliminate nullptr check from every tag parse.\n * Remove unused _$name$cached_byte_size fields.\n * Serialize extension ranges together when not broken by a proto field in the\n middle.\n * Do out-of-line allocation and deallocation of string object in ArenaString.\n * Streamline ParseContext::ParseMessage to avoid code bloat and improve\n performance.\n * New member functions RepeatedField::Assign, RepeatedPtrField::{Add, Assign}.\n on an error path.\n * util::DefaultFieldComparator will be final in a future version of protobuf.\n * Subclasses should inherit from SimpleFieldComparator instead.\n Kotlin\n * Introduce support for Kotlin protos (#8272)\n * Restrict extension setter and getter operators to non-nullable T.\n Java\n * Fixed parser to check that we are at a proper limit when a sub-message has\n finished parsing.\n * updating GSON and Guava to more recent versions (#8524)\n * Reduce the time spent evaluating isExtensionNumber by storing the extension\n ranges in a TreeMap for faster queries. This is particularly relevant for\n protos which define a large number of extension ranges, for example when\n each tag is defined as an extension.\n * Fix java bytecode estimation logic for optional fields.\n * Optimize Descriptor.isExtensionNumber.\n * deps: update JUnit and Truth (#8319)\n * Detect invalid overflow of byteLimit and return InvalidProtocolBufferException as documented.\n * Exceptions thrown while reading from an InputStream in parseFrom are now\n included as causes.\n * Support potentially more efficient proto parsing from RopeByteStrings.\n * Clarify runtime of ByteString.Output.toStringBuffer().\n * Added UnsafeByteOperations to protobuf-lite (#8426)\n Python:\n * Add MethodDescriptor.CopyToProto() (#8327)\n * Remove unused python_protobuf.{cc,h} (#8513)\n * Start publishing python aarch64 manylinux wheels normally (#8530)\n * Fix constness issue detected by MSVC standard conforming mode (#8568)\n * Make JSON parsing match C++ and Java when multiple fields from the same\n oneof are present and all but one is null.\n * Fix some constness / char literal issues being found by MSVC standard conforming mode (#8344)\n * Switch on 'new' buffer API (#8339)\n * Enable crosscompiling aarch64 python wheels under dockcross manylinux docker image (#8280)\n * Fixed a bug in text format where a trailing colon was printed for repeated field.\n * When TextFormat encounters a duplicate message map key, replace the current\n one instead of merging.\n Ruby:\n * Add support for proto3 json_name in compiler and field definitions (#8356)\n * Fixed memory leak of Ruby arena objects. (#8461)\n * Fix source gem compilation (#8471)\n * Fix various exceptions in Ruby on 64-bit Windows (#8563)\n * Fix crash when calculating Message hash values on 64-bit Windows (#8565)\n General:\n * Support M1 (#8557)\n\nUpdate to 3.15.8:\n - Fixed memory leak of Ruby arena objects (#8461)\n\nUpdate to 3.15.7:\n\n C++:\n * Remove the ::pb namespace (alias) (#8423)\n Ruby:\n * Fix unbounded memory growth for Ruby <2.7 (#8429)\n * Fixed message equality in cases where the message type is different (#8434)\n\nupdate to 3.15.6:\n\n Ruby:\n * Fixed bug in string comparison logic (#8386)\n * Fixed quadratic memory use in array append (#8379)\n * Fixed SEGV when users pass nil messages (#8363)\n * Fixed quadratic memory usage when appending to arrays (#8364)\n * Ruby <2.7 now uses WeakMap too, which prevents memory leaks. (#8341)\n * Fix for FieldDescriptor.get(msg) (#8330)\n * Bugfix for Message.[] for repeated or map fields (#8313)\n PHP:\n * read_property() handler is not supposed to return NULL (#8362)\n Protocol Compiler\n * Optional fields for proto3 are enabled by default, and no longer require\n the --experimental_allow_proto3_optional flag.\n C++:\n * Do not disable RTTI by default in the CMake build (#8377)\n * Create a CMake option to control whether or not RTTI is enabled (#8361)\n * Fix PROTOBUF_CONSTINIT macro redefinition (#8323)\n * MessageDifferencer: fixed bug when using custom ignore with multiple\n unknown fields\n * Use init_seg in MSVC to push initialization to an earlier phase.\n * Runtime no longer triggers -Wsign-compare warnings.\n * Fixed -Wtautological-constant-out-of-range-compare warning.\n * DynamicCastToGenerated works for nullptr input for even if RTTI is disabled\n * Arena is refactored and optimized.\n * Clarified/specified that the exact value of Arena::SpaceAllocated() is an\n implementation detail users must not rely on. It should not be used in\n unit tests.\n * Change the signature of Any::PackFrom() to return false on error.\n * Add fast reflection getter API for strings.\n * Constant initialize the global message instances\n * Avoid potential for missed wakeup in UnknownFieldSet\n * Now Proto3 Oneof fields have 'has' methods for checking their presence in\n C++.\n * Bugfix for NVCC\n * Return early in _InternalSerialize for empty maps.\n * Adding functionality for outputting map key values in proto path logging\n output (does not affect comparison logic) and stop printing 'value' in the\n path. The modified print functionality is in the\n MessageDifferencer::StreamReporter.\n * Fixed https://github.com/protocolbuffers/protobuf/issues/8129\n * Ensure that null char symbol, package and file names do not result in a\n crash.\n * Constant initialize the global message instances\n * Pretty print 'max' instead of numeric values in reserved ranges.\n * Removed remaining instances of std::is_pod, which is deprecated in C++20.\n * Changes to reduce code size for unknown field handling by making uncommon\n cases out of line.\n * Fix std::is_pod deprecated in C++20 (#7180)\n * Fix some -Wunused-parameter warnings (#8053)\n * Fix detecting file as directory on zOS issue #8051 (#8052)\n * Don't include sys/param.h for _BYTE_ORDER (#8106)\n * remove CMAKE_THREAD_LIBS_INIT from pkgconfig CFLAGS (#8154)\n * Fix TextFormatMapTest.DynamicMessage issue#5136 (#8159)\n * Fix for compiler warning issue#8145 (#8160)\n * fix: support deprecated enums for GCC < 6 (#8164)\n * Fix some warning when compiling with Visual Studio 2019 on x64 target (#8125)\n Python:\n * Provided an override for the reverse() method that will reverse the internal\n collection directly instead of using the other methods of the BaseContainer.\n * MessageFactory.CreateProtoype can be overridden to customize class creation.\n * Fix PyUnknownFields memory leak (#7928)\n * Add macOS big sur compatibility (#8126)\n JavaScript\n * Generate `getDescriptor` methods with `*` as their `this` type.\n * Enforce `let/const` for generated messages.\n * js/binary/utils.js: Fix jspb.utils.joinUnsignedDecimalString to work with\n negative bitsLow and low but non-zero bitsHigh parameter. (#8170)\n PHP:\n * Added support for PHP 8. (#8105)\n * unregister INI entries and fix invalid read on shutdown (#8042)\n * Fix PhpDoc comments for message accessors to include '|null'. (#8136)\n * fix: convert native PHP floats to single precision (#8187)\n * Fixed PHP to support field numbers >=2**28. (#8235)\n * feat: add support for deprecated fields to PHP compiler (#8223)\n * Protect against stack overflow if the user derives from Message. (#8248)\n * Fixed clone for Message, RepeatedField, and MapField. (#8245)\n * Updated upb to allow nonzero offset minutes in JSON timestamps. (#8258)\n Ruby:\n * Added support for Ruby 3. (#8184)\n * Rewrote the data storage layer to be based on upb_msg objects from the\n upb library. This should lead to much better parsing performance,\n particularly for large messages. (#8184).\n * Fill out JRuby support (#7923)\n * [Ruby] Fix: (SIGSEGV) gRPC-Ruby issue on Windows. memory alloc infinite\n recursion/run out of memory (#8195)\n * Fix jruby support to handle messages nested more than 1 level deep (#8194)\n Java:\n * Avoid possible UnsupportedOperationException when using CodedInputSteam\n with a direct ByteBuffer.\n * Make Durations.comparator() and Timestamps.comparator() Serializable.\n * Add more detailed error information for dynamic message field type\n validation failure\n * Removed declarations of functions declared in java_names.h from\n java_helpers.h.\n * Now Proto3 Oneof fields have 'has' methods for checking their presence in\n Java.\n * Annotates Java proto generated *_FIELD_NUMBER constants.\n * Add -assumevalues to remove JvmMemoryAccessor on Android.\n C#:\n * Fix parsing negative Int32Value that crosses segment boundary (#8035)\n * Change ByteString to use memory and support unsafe create without copy (#7645)\n * Optimize MapField serialization by removing MessageAdapter (#8143)\n * Allow FileDescriptors to be parsed with extension registries (#8220)\n * Optimize writing small strings (#8149)\n\n- Updated URL to https://github.com/protocolbuffers/protobuf\n\nUpdate to v3.14.0\n\n Protocol Compiler:\n * The proto compiler no longer requires a .proto filename when it is not\n generating code.\n * Added flag `--deterministic_output` to `protoc --encode=...`.\n * Fixed deadlock when using google.protobuf.Any embedded in aggregate options.\n C++:\n * Arenas are now unconditionally enabled. cc_enable_arenas no longer has\n any effect.\n * Removed inlined string support, which is incompatible with arenas.\n * Fix a memory corruption bug in reflection when mixing optional and\n non-optional fields.\n * Make SpaceUsed() calculation more thorough for map fields.\n * Add stack overflow protection for text format with unknown field values.\n * FieldPath::FollowAll() now returns a bool to signal if an out-of-bounds\n error was encountered.\n * Performance improvements for Map.\n * Minor formatting fix when dumping a descriptor to .proto format with\n DebugString.\n * UBSAN fix in RepeatedField\n * When running under ASAN, skip a test that makes huge allocations.\n * Fixed a crash that could happen when creating more than 256 extensions in\n a single message.\n * Fix a crash in BuildFile when passing in invalid descriptor proto.\n * Parser security fix when operating with CodedInputStream.\n * Warn against the use of AllowUnknownExtension.\n * Migrated to C++11 for-range loops instead of index-based loops where\n possible. This fixes a lot of warnings when compiling with -Wsign-compare.\n * Fix segment fault for proto3 optional\n * Adds a CMake option to build `libprotoc` separately\n Java\n * Bugfix in mergeFrom() when a oneof has multiple message fields.\n * Fix RopeByteString.RopeInputStream.read() returning -1 when told to read\n 0 bytes when not at EOF.\n * Redefine remove(Object) on primitive repeated field Lists to avoid\n autoboxing.\n * Support '\\u' escapes in textformat string literals.\n * Trailing empty spaces are no longer ignored for FieldMask.\n * Fix FieldMaskUtil.subtract to recursively remove mask.\n * Mark enums with `@java.lang.Deprecated` if the proto enum has option\n `deprecated = true;`.\n * Adding forgotten duration.proto to the lite library\n Python:\n * Print google.protobuf.NullValue as null instead of 'NULL_VALUE' when it is\n used outside WKT Value/Struct.\n * Fix bug occurring when attempting to deep copy an enum type in python 3.\n * Add a setuptools extension for generating Python protobufs\n * Remove uses of pkg_resources in non-namespace packages\n * [bazel/py] Omit google/__init__.py from the Protobuf runtime\n * Removed the unnecessary setuptools package dependency for Python package\n * Fix PyUnknownFields memory leak\n PHP:\n * Added support for '==' to the PHP C extension\n * Added `==` operators for Map and Array\n * Native C well-known types\n * Optimized away hex2bin() call in generated code\n * New version of upb, and a new hash function wyhash in third_party\n * add missing hasOneof method to check presence of oneof fields\n Go:\n * Update go_package options to reference google.golang.org/protobuf module.\n C#:\n * annotate ByteString.CopyFrom(ReadOnlySpan<byte>) as SecuritySafeCritical\n * Fix C# optional field reflection when there are regular fields too\n * Fix parsing negative Int32Value that crosses segment boundary\n Javascript:\n * JS: parse (un)packed fields conditionally\n\nUpdate to version 3.13.0\n PHP:\n * The C extension is completely rewritten. The new C extension has significantly\n better parsing performance and fixes a handful of conformance issues. It will\n also make it easier to add support for more features like proto2 and proto3 presence.\n * The new C extension does not support PHP 5.x. PHP 5.x users can still use pure-PHP.\n C++:\n * Removed deprecated unsafe arena string accessors\n * Enabled heterogeneous lookup for std::string keys in maps.\n * Removed implicit conversion from StringPiece to std::string\n * Fix use-after-destroy bug when the Map is allocated in the arena.\n * Improved the randomness of map ordering\n * Added stack overflow protection for text format with unknown fields\n * Use std::hash for proto maps to help with portability.\n * Added more Windows macros to proto whitelist.\n * Arena constructors for map entry messages are now marked 'explicit'\n (for regular messages they were already explicit).\n * Fix subtle aliasing bug in RepeatedField::Add\n * Fix mismatch between MapEntry ByteSize and Serialize with respect to unset\n fields.\n Python:\n * JSON format conformance fixes:\n * Reject lowercase t for Timestamp json format.\n * Print full_name directly for extensions (no camelCase).\n * Reject boolean values for integer fields.\n * Reject NaN, Infinity, -Infinity that is not quoted.\n * Base64 fixes for bytes fields: accept URL-safe base64 and missing padding.\n * Bugfix for fields/files named 'async' or 'await'.\n * Improved the error message when AttributeError is returned from __getattr__\n in EnumTypeWrapper.\n Java:\n * Fixed a bug where setting optional proto3 enums with setFooValue() would\n not mark the value as present.\n * Add Subtract function to FieldMaskUtil.\n C#:\n * Dropped support for netstandard1.0 (replaced by support for netstandard1.1).\n This was required to modernize the parsing stack to use the `Span<byte>`\n type internally\n * Add `ParseFrom(ReadOnlySequence<byte>)` method to enable GC friendly\n parsing with reduced allocations and buffer copies\n * Add support for serialization directly to a `IBufferWriter<byte>` or\n to a `Span<byte>` to enable GC friendly serialization.\n The new API is available as extension methods on the `IMessage` type\n * Add `GOOGLE_PROTOBUF_REFSTRUCT_COMPATIBILITY_MODE` define to make\n generated code compatible with old C# compilers (pre-roslyn compilers\n from .NET framework and old versions of mono) that do not support\n ref structs. Users that are still on a legacy stack that does\n not support C# 7.2 compiler might need to use the new define\n in their projects to be able to build the newly generated code\n * Due to the major overhaul of parsing and serialization internals,\n it is recommended to regenerate your generated code to achieve the best\n performance (the legacy generated code will still work, but might incur\n a slight performance penalty).\n\nUpdate to version 3.12.3; notable changes since 3.11.4:\n\n Protocol Compiler:\n * [experimental] Singular, non-message typed fields in proto3 now support\n presence tracking. This is enabled by adding the 'optional' field label and\n passing the --experimental_allow_proto3_optional flag to protoc.\n * For usage info, see docs/field_presence.md.\n * During this experimental phase, code generators should update to support\n proto3 presence, see docs/implementing_proto3_presence.md for instructions.\n * Allow duplicate symbol names when multiple descriptor sets are passed on\n the command-line, to match the behavior when multiple .proto files are passed.\n * Deterministic `protoc --descriptor_set_out` (#7175)\n Objective-C:\n * Tweak the union used for Extensions to support old generated code. #7573\n * Fix for the :protobuf_objc target in the Bazel BUILD file. (#7538)\n * [experimental] ObjC Proto3 optional support (#7421)\n * Block subclassing of generated classes (#7124)\n * Use references to Obj C classes instead of names in descriptors. (#7026)\n * Revisit how the WKTs are bundled with ObjC. (#7173)\n C++:\n * Simplified the template export macros to fix the build for mingw32. (#7539)\n * [experimental] Added proto3 presence support.\n * New descriptor APIs to support proto3 presence.\n * Enable Arenas by default on all .proto files.\n * Documented that users are not allowed to subclass Message or MessageLite.\n * Mark generated classes as final; inheriting from protos is strongly discouraged.\n * Add stack overflow protection for text format with unknown fields.\n * Add accessors for map key and value FieldDescriptors.\n * Add FieldMaskUtil::FromFieldNumbers().\n * MessageDifferencer: use ParsePartial() on Any fields so the diff does not\n fail when there are missing required fields.\n * ReflectionOps::Merge(): lookup messages in the right factory, if it can.\n * Added Descriptor::WellKnownTypes enum and Descriptor::well_known_type()\n accessor as an easier way of determining if a message is a Well-Known Type.\n * Optimized RepeatedField::Add() when it is used in a loop.\n * Made proto move/swap more efficient.\n * De-virtualize the GetArena() method in MessageLite.\n * Improves performance of json_stream_parser.cc by factor 1000 (#7230)\n * bug: #7076 undefine Windows OUT and OPTIONAL macros (#7087)\n * Fixed a bug in FieldDescriptor::DebugString() that would erroneously print\n an 'optional' label for a field in a oneof.\n * Fix bug in parsing bool extensions that assumed they are always 1 byte.\n * Fix off-by-one error in FieldOptions::ByteSize() when extensions are present.\n * Clarified the comments to show an example of the difference between\n Descriptor::extension and DescriptorPool::FindAllExtensions.\n * Add a compiler option 'code_size' to force optimize_for=code_size on all\n protos where this is possible.\n Ruby:\n * Re-add binary gems for Ruby 2.3 and 2.4. These are EOL upstream, however\n many people still use them and dropping support will require more\n coordination.\n * [experimental] Implemented proto3 presence for Ruby. (#7406)\n * Stop building binary gems for ruby <2.5 (#7453)\n * Fix for wrappers with a zero value (#7195)\n * Fix for JSON serialization of 0/empty-valued wrapper types (#7198)\n * Call 'Class#new' over rb_class_new_instance in decoding (#7352)\n * Build extensions for Ruby 2.7 (#7027)\n * assigning 'nil' to submessage should clear the field. (#7397)\n Java:\n * [experimental] Added proto3 presence support.\n * Mark java enum _VALUE constants as @Deprecated if the enum field is deprecated\n * reduce <clinit> size for enums with allow_alias set to true.\n * Sort map fields alphabetically by the field's key when printing textproto.\n * Fixed a bug in map sorting that appeared in -rc1 and -rc2 (#7508).\n * TextFormat.merge() handles Any as top level type.\n * Throw a descriptive IllegalArgumentException when calling\n getValueDescriptor() on enum special value UNRECOGNIZED instead of\n ArrayIndexOutOfBoundsException.\n * Fixed an issue with JsonFormat.printer() where setting printingEnumsAsInts()\n would override the configuration passed into includingDefaultValueFields().\n * Implement overrides of indexOf() and contains() on primitive lists returned\n for repeated fields to avoid autoboxing the list contents.\n * Add overload to FieldMaskUtil.fromStringList that accepts a descriptor.\n * [bazel] Move Java runtime/toolchains into //java (#7190)\n Python:\n * [experimental] Added proto3 presence support.\n * [experimental] fast import protobuf module, only works with cpp generated code linked in.\n * Truncate 'float' fields to 4 bytes of precision in setters for pure-Python\n implementation (C++ extension was already doing this).\n * Fixed a memory leak in C++ bindings.\n * Added a deprecation warning when code tries to create Descriptor objects\n directly.\n * Fix unintended comparison between bytes and string in descriptor.py.\n * Avoid printing excess digits for float fields in TextFormat.\n * Remove Python 2.5 syntax compatibility from the proto compiler generated _pb2.py module code.\n * Drop 3.3, 3.4 and use single version docker images for all python tests (#7396)\n JavaScript:\n * Fix js message pivot selection (#6813)\n PHP:\n * Persistent Descriptor Pool (#6899)\n * Implement lazy loading of php class for proto messages (#6911)\n * Correct @return in Any.unpack docblock (#7089)\n * Ignore unknown enum value when ignore_unknown specified (#7455)\n C#:\n * [experimental] Add support for proto3 presence fields in C# (#7382)\n * Mark GetOption API as obsolete and expose the 'GetOptions()' method on descriptors instead (#7491)\n * Remove Has/Clear members for C# message fields in proto2 (#7429)\n * Enforce recursion depth checking for unknown fields (#7132)\n * Fix conformance test failures for Google.Protobuf (#6910)\n * Cleanup various bits of Google.Protobuf (#6674)\n * Fix latest ArgumentException for C# extensions (#6938)\n * Remove unnecessary branch from ReadTag (#7289)\n Other:\n * Add a proto_lang_toolchain for javalite (#6882)\n * [bazel] Update gtest and deprecate //external:{gtest,gtest_main} (#7237)\n * Add application note for explicit presence tracking. (#7390)\n * Howto doc for implementing proto3 presence in a code generator. (#7407)\n\nUpdate to version 3.11.4; notable changes since 3.9.2:\n\n * C++: Make serialization method naming consistent\n * C++: Moved ShutdownProtobufLibrary() to message_lite.h. For\n backward compatibility a declaration is still available\n in stubs/common.h, but users should prefer message_lite.h\n * C++: Removed non-namespace macro EXPECT_OK()\n * C++: Removed mathlimits.h from stubs in favor of using\n std::numeric_limits from C++11\n * C++: Support direct pickling of nested messages\n * C++: Disable extension code gen for C#\n * C++: Switch the proto parser to the faster MOMI parser\n * C++: Unused imports of files defining descriptor extensions\n will now be reported\n * C++: Add proto2::util::RemoveSubranges to remove multiple\n subranges in linear time\n * C++: Support 32 bit values for ProtoStreamObjectWriter to Struct\n * C++: Removed the internal-only header coded_stream_inl.h and\n the internal-only methods defined there\n * C++: Enforced no SWIG wrapping of descriptor_database.h\n (other headers already had this restriction)\n * C++: Implementation of the equivalent of the MOMI parser for\n serialization. This removes one of the two serialization\n routines, by making the fast array serialization routine\n completely general. SerializeToCodedStream can now be\n implemented in terms of the much much faster array\n serialization. The array serialization regresses slightly,\n but when array serialization is not possible this wins big\n * C++: Add move constructor for Reflection's SetString\n * Java: Remove the usage of MethodHandle, so that Android users\n prior to API version 26 can use protobuf-java\n * Java: Publish ProGuard config for javalite\n * Java: Include unknown fields when merging proto3 messages in\n Java lite builders\n * Java: Have oneof enums implement a separate interface (other\n than EnumLite) for clarity\n * Java: Opensource Android Memory Accessors\n * Java: Change ProtobufArrayList to use Object[] instead of\n ArrayList for 5-10% faster parsing\n * Java: Make a copy of JsonFormat.TypeRegistry at the protobuf\n top level package. This will eventually replace\n JsonFormat.TypeRegistry\n * Java: Add Automatic-Module-Name entries to the Manifest\n * Python: Add float_precision option in json format printer\n * Python: Optionally print bytes fields as messages in unknown\n fields, if possible\n * Python: Experimental code gen (fast import protobuf module)\n which only work with cpp generated code linked in\n * Python: Add descriptor methods in descriptor_pool are deprecated\n * Python: Added delitem for Python extension dict\n * JavaScript: Remove guard for Symbol iterator for jspb.Map\n * JavaScript: Remove deprecated boolean option to getResultBase64String()\n * JavaScript: Change the parameter types of binaryReaderFn in\n ExtensionFieldBinaryInfo to (number, ?, ?)\n * JavaScript: Create dates.ts and time_of_days.ts to mirror Java\n versions. This is a near-identical conversion of\n c.g.type.util.{Dates,TimeOfDays} respectively\n * JavaScript: Migrate moneys to TypeScript\n * PHP: Increase php7.4 compatibility\n * PHP: Implement lazy loading of php class for proto messages\n * Ruby: Support hashes for struct initializers\n * C#: Experimental proto2 support is now officially available\n * C#: Change _Extensions property to normal body rather than expression\n * Objective C: Remove OSReadLittle* due to alignment requirements\n * Other: Override CocoaPods module to lowercase\n * further bugfixes and optimisations\n- Install LICENSE\n- Drop protobuf-libs as it is just workaround for rpmlint issue\n * python bindings now require recent python-google-apputils\n * Released memory allocated by InitializeDefaultRepeatedFields()\n and GetEmptyString(). Some memory sanitizers reported them\n * Updated DynamicMessage.setField() to handle repeated enum\n * Fixed a bug that caused NullPointerException to be thrown when\n converting manually constructed FileDescriptorProto to\n * Added oneofs(unions) feature. Fields in the same oneof will\n * Files, services, enums, messages, methods and enum values\n * Added Support for list values, including lists of mesaages,\n * Added SwapFields() in reflection API to swap a subset of\n * Repeated primitive extensions are now packable. The\n it is possible to switch a repeated extension field to\n * writeTo() method in ByteString can now write a substring to\n * java_generate_equals_and_hash can now be used with the\n * A new C++-backed extension module (aka 'cpp api v2') that\n replaces the old ('cpp api v1') one. Much faster than the\n pure Python code. This one resolves many bugs and is\n mosh reqires it\n\npython-abseil was udpated:\n\nversion update to 1.4.0\n New:\n (testing) Added @flagsaver.as_parsed: this allows saving/restoring flags\n using string values as if parsed from the command line and will also reflect\n other flag states after command line parsing, e.g. .present is set.\n Changed:\n (logging) If no log dir is specified logging.find_log_dir() now falls back\n to tempfile.gettempdir() instead of /tmp/.\n Fixed:\n (flags) Additional kwargs (e.g. short_name=) to DEFINE_multi_enum_class\n are now correctly passed to the underlying Flag object.\n\nversion update to 1.2.0\n * Fixed a crash in Python 3.11 when `TempFileCleanup.SUCCESS` is used.\n * `Flag` instances now raise an error if used in a bool context. This prevents\n the occasional mistake of testing an instance for truthiness rather than\n testing `flag.value`.\n * `absl-py` no longer depends on `six`.\n\nUpdate to version 1.0.0 \n * absl-py no longer supports Python 2.7, 3.4, 3.5. All versions\n have reached end-of-life for more than a year now.\n * New releases will be tagged as vX.Y.Z instead of pypi-vX.Y.Z in\n the git repo going forward.\n\n- Release notes for 0.15.0\n\n * (testing) #128: When running bazel with its --test_filter=\n flag, it now treats the filters as unittest's -k flag in Python\n 3.7+.\n\n- Release notes for 0.14.1\n\n * Top-level LICENSE file is now exported in bazel.\n\n- Release notes for 0.14.0\n\n * #171: Creating argparse_flags.ArgumentParser with\n argument_default= no longer raises an exception when other\n absl.flags flags are defined.\n * #173: absltest now correctly sets up test filtering and fail\n fast flags when an explicit argv= parameter is passed to\n absltest.main.\n\n- Release notes for 0.13.0\n * (app) Type annotations for public app interfaces.\n * (testing) Added new decorator @absltest.skipThisClass to\n indicate a class contains shared functionality to be used as a\n base class for other TestCases, and therefore should be\n skipped.\n * (app) Annotated the flag_parser paramteter of run as\n keyword-only. This keyword-only constraint will be enforced at\n runtime in a future release.\n * (app, flags) Flag validations now include all errors from\n disjoint flag sets, instead of fail fast upon first error from\n all validators. Multiple validators on the same flag still\n fails fast.\n- Release notes for 0.12.0\n * (flags) Made EnumClassSerializer and EnumClassListSerializer\n public.\n * (flags) Added a required: Optional[bool] = False parameter to\n DEFINE_* functions.\n * (testing) flagsaver overrides can now be specified in terms of\n FlagHolder.\n * (testing) parameterized.product: Allows testing a method over\n cartesian product of parameters values, specified as a\n sequences of values for each parameter or as kwargs-like dicts\n of parameter values.\n * (testing) Added public flag holders for --test_srcdir and\n --test_tmpdir. Users should use absltest.TEST_SRCDIR.value and\n absltest.TEST_TMPDIR.value instead of FLAGS.test_srcdir and\n FLAGS.test_tmpdir.\n * (flags) Made CsvListSerializer respect its delimiter argument.\n\n- Add Provides python-absl-py\n\npython-grpcuio was updated:\n\n- Update to version 1.60.0:\n * No python specfic changes.\n\n- Update to version 1.59.2:\n * No python specific changes.\n\n- Update to version 1.59.0:\n * [Python 3.12] Support Python 3.12 (gh#grpc/grpc#34398).\n * [Python 3.12] Deprecate distutil (gh#grpc/grpc#34186).\n\n- Update to version 1.58.0:\n * [Bazel] Enable grpcio-reflection to be used via Bazel\n (gh#grpc/grpc#31013).\n * [packaging] Publish xds-protos as part of the standard package\n pipeline (gh#grpc/grpc#33797).\n\n- Update to version 1.57.0: (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)\n * [posix] Enable systemd sockets for libsystemd>=233\n (gh#grpc/grpc#32671).\n * [python O11Y] Initial Implementation (gh#grpc/grpc#32974).\n- Build with LTO (don't set _lto_cflags to %nil).\n- No need to pass '-std=c++17' to build CFLAGS.\n\n- Update to version 1.56.2:\n\n * [WRR] backport (gh#grpc/grpc#33694) to 1.56\n (gh#grpc/grpc#33698)\n * [backport][iomgr][EventEngine] Improve server handling of\n file descriptor exhaustion (gh#grpc/grpc#33667)\n- Switch build to pip/wheel.\n- Use system abseil with '-std=c++17' to prevent undefined symbol\n eg. with python-grpcio-tools (_ZN3re23RE213GlobalReplaceEPNSt7__\n cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKS0_N4absl12lts_\n 2023012511string_viewE)\n\n- Upstream only supports python >= 3.7, so adjust BuildRequires\n accordingly.\n\n- Add %{?sle15_python_module_pythons}\n\n- Update to version 1.56.0: (CVE-2023-32731, bsc#1212180)\n * [aio types] Fix some grpc.aio python types\n (gh#grpc/grpc#32475).\n\n- Update to version 1.55.0:\n * [EventEngine] Disable EventEngine polling in gRPC Python\n (gh#grpc/grpc#33279) (gh#grpc/grpc#33320).\n * [Bazel Python3.11] Update Bazel dependencies for Python 3.11\n (gh#grpc/grpc#33318) (gh#grpc/grpc#33319).\n- Drop Requires: python-six; not required any more.\n- Switch Suggests to Recommends.\n\n- Update to version 1.54.0: (CVE-2023-32732, bsc#1212182)\n * Fix DeprecationWarning when calling asyncio.get_event_loop()\n (gh#grpc/grpc#32533).\n * Remove references to deprecated syntax field\n (gh#grpc/grpc#32497).\n\n- Update to version 1.51.1:\n * No Linux specific changes.\n- Changes from version 1.51.0:\n * Fix lack of cooldown between poll attempts\n (gh#grpc/grpc#31550).\n * Remove enum and future (gh#grpc/grpc#31381).\n * [Remove Six] Remove dependency on six (gh#grpc/grpc#31340).\n * Update xds-protos package to pull in protobuf 4.X\n (gh#grpc/grpc#31113).\n\n- Update to version 1.50.0:\n * Support Python 3.11. [gh#grpc/grpc#30818].\n\n- Update to version 1.49.1\n * Support Python 3.11. (#30818)\n * Add type stub generation support to grpcio-tools. (#30498)\n\n- Update to version 1.48.0:\n * [Aio] Ensure Core channel closes when deallocated\n [gh#grpc/grpc#29797].\n * [Aio] Fix the wait_for_termination return value\n [gh#grpc/grpc#29795].\n\n- update to 1.46.3:\n * backport: xds: use federation env var to guard new-style resource name parsing\n * This release contains refinements, improvements, and bug fixes. \n\n- Update to version 1.46.0:\n * Add Python GCF Distribtest [gh#grpc/grpc#29303].\n * Add Python Reflection Client [gh#grpc/grpc#29085].\n * Revert 'Fix prefork handler register's default behavior'\n [gh#grpc/grpc#29229].\n * Fix prefork handler register's default behavior\n [gh#grpc/grpc#29103].\n * Fix fetching CXX variable in setup.py [gh#grpc/grpc#28873].\n\n- Update to version 1.45.0:\n * Reimplement Gevent Integration [gh#grpc/grpc#28276].\n * Support musllinux binary wheels on x64 and x86\n [gh#grpc/grpc#28092].\n * Increase the Python protobuf requirement to >=3.12.0\n [gh#grpc/grpc#28604].\n- Build with system re2; add BuildRequires: pkgconfig(re2).\n\n- Update to version 1.44.0:\n\n * Add python async example for hellostreamingworld using\n generator (gh#grpc/grpc#27343).\n * Disable __wrap_memcpy hack for Python builds\n (gh#grpc/grpc#28410).\n * Bump Bazel Python Cython dependency to 0.29.26\n (gh#grpc/grpc#28398).\n * Fix libatomic linking on Raspberry Pi OS Bullseye\n (gh#grpc/grpc#28041).\n * Allow generated proto sources in remote repositories for\n py_proto_library (gh#grpc/grpc#28103).\n\n- Update to version 1.43.0:\n * [Aio] Validate the input type for set_trailing_metadata and\n abort (gh#grpc/grpc#27958).\n\n- update to 1.41.1:\n * This is release 1.41.0 (goat) of gRPC Core. \n\n- Update to version 1.41.0:\n * Add Python 3.10 support and drop 3.5 (gh#grpc/grpc#26074).\n * [Aio] Remove custom IO manager support (gh#grpc/grpc#27090).\n\n- Update to version 1.39.0:\n * Python AIO: Match continuation typing on Interceptors\n (gh#grpc/grpc#26500).\n * Workaround #26279 by publishing manylinux_2_24 wheels instead\n of manylinux2014 on aarch64 (gh#grpc/grpc#26430).\n * Fix zlib unistd.h import problem (gh#grpc/grpc#26374).\n * Handle gevent exception in gevent poller (gh#grpc/grpc#26058).\n\n- Update to version 1.38.1:\n * Backport gh#grpc/grpc#26430 and gh#grpc/grpc#26435 to v1.38.x\n (gh#grpc/grpc#26436).\n\n- Update to version 1.38.0:\n * Add grpcio-admin Python package (gh#grpc/grpc#26166).\n * Add CSDS API to Python (gh#grpc/grpc#26114).\n * Expose code and details from context on the server side\n (gh#grpc/grpc#25457).\n * Explicitly import importlib.abc; required on Python 3.10.\n Fixes #26062 (gh#grpc/grpc#26083).\n * Fix potential deadlock on the GIL in AuthMetdataPlugin\n (gh#grpc/grpc#26009).\n * Introduce new Python package 'xds_protos'\n (gh#grpc/grpc#25975).\n * Remove async mark for set_trailing_metadata interface\n (gh#grpc/grpc#25814).\n\n- Update to version 1.37.1:\n * No user visible changes.\n- Changes from version 1.37.0:\n * Clarify Guarantees about grpc.Future Interface\n (gh#grpc/grpc#25383).\n * [Aio] Add time_remaining method to ServicerContext\n (gh#grpc/grpc#25719).\n * Standardize all environment variable boolean configuration in\n python's setup.py (gh#grpc/grpc#25444).\n * Fix Signal Safety Issue (gh#grpc/grpc#25394).\n\n- Update to version 1.36.1:\n * Core: back-port: add env var protection for google-c2p\n resolver (gh#grpc/grpc#25569).\n\n- Update to version 1.35.0:\n * Implement Python Client and Server xDS Creds.\n (gh#grpc/grpc#25365)\n * Add %define _lto_cflags %{nil} (bsc#1182659) (rh#1893533)\n * Link roots.pem to ca-bundle.pem from ca-certificates package\n\n- Update to version 1.34.1:\n * Backport 'Lazily import grpc_tools when using runtime\n stub/message generation' to 1.34.x (gh#grpc/grpc#25011).\n\n- Update to version 1.34.0:\n * Incur setuptools as an dependency for grpcio_tools\n (gh#grpc/grpc#24752).\n * Stop the spamming log generated by ctrl-c for AsyncIO server\n (gh#grpc/grpc#24718).\n * [gRPC Easy] Make Well-Known Types Available to Runtime Protos\n (gh#grpc/grpc#24478).\n * Bump MACOSX_DEPLOYMENT_TARGET to 10.10 for Python\n (gh#grpc/grpc#24480).\n * Make Python 2 an optional dependency for Bazel build\n (gh#grpc/grpc#24407).\n * [Linux] [macOS] Support pre-compiled Python 3.9 wheels\n (gh#grpc/grpc#24356).\n\n- Update to version 1.33.2:\n\n * [Backport] Implement grpc.Future interface in\n SingleThreadedRendezvous (gh#grpc/grpc#24574).\n\n- Update to version 1.33.1:\n\n * [Backport] Make Python 2 an optional dependency for Bazel\n build (gh#grpc/grpc#24452).\n * Allow asyncio API to be imported as grpc.aio.\n (gh#grpc/grpc#24289).\n * [gRPC Easy] Fix import errors on Windows (gh#grpc/grpc#24124).\n * Make version check for importlib.abc in grpcio-tools more\n stringent (gh#grpc/grpc#24098).\n\nAdded re2 package in version 2024-02-01.\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2024-573,SUSE-SLE-INSTALLER-15-SP4-2024-573,SUSE-SLE-INSTALLER-15-SP5-2024-573,SUSE-SLE-Micro-5.3-2024-573,SUSE-SLE-Micro-5.4-2024-573,SUSE-SLE-Micro-5.5-2024-573,SUSE-SLE-Module-Basesystem-15-SP5-2024-573,SUSE-SLE-Module-Development-Tools-15-SP5-2024-573,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-573,SUSE-SLE-Module-Public-Cloud-15-SP4-2024-573,SUSE-SLE-Module-Public-Cloud-15-SP5-2024-573,SUSE-SLE-Module-Python3-15-SP5-2024-573,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-573,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-573,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-573,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-573,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-573,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-573,SUSE-SLE-Product-WE-15-SP5-2024-573,openSUSE-Leap-Micro-5.3-2024-573,openSUSE-Leap-Micro-5.4-2024-573,openSUSE-SLE-15.5-2024-573", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0573-1.json", }, { category: "self", summary: "URL for SUSE-SU-2024:0573-1", url: "https://www.suse.com/support/update/announcement/2024/suse-su-20240573-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2024:0573-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017985.html", }, { category: "self", summary: "SUSE Bug 1133277", url: "https://bugzilla.suse.com/1133277", }, { category: "self", summary: "SUSE Bug 1182659", url: "https://bugzilla.suse.com/1182659", }, { category: "self", summary: "SUSE Bug 1203378", url: "https://bugzilla.suse.com/1203378", }, { category: "self", summary: "SUSE Bug 1208794", url: "https://bugzilla.suse.com/1208794", }, { category: "self", summary: "SUSE Bug 1212180", url: "https://bugzilla.suse.com/1212180", }, { category: "self", summary: "SUSE Bug 1212182", url: "https://bugzilla.suse.com/1212182", }, { category: "self", summary: "SUSE Bug 1214148", url: "https://bugzilla.suse.com/1214148", }, { category: "self", summary: "SUSE Bug 1215334", url: "https://bugzilla.suse.com/1215334", }, { category: "self", summary: "SUSE CVE CVE-2023-32731 page", url: "https://www.suse.com/security/cve/CVE-2023-32731/", }, { category: "self", summary: "SUSE CVE CVE-2023-32732 page", url: "https://www.suse.com/security/cve/CVE-2023-32732/", }, { category: "self", summary: "SUSE CVE CVE-2023-33953 page", url: "https://www.suse.com/security/cve/CVE-2023-33953/", }, { category: "self", summary: "SUSE CVE CVE-2023-44487 page", url: "https://www.suse.com/security/cve/CVE-2023-44487/", }, { category: "self", summary: "SUSE CVE CVE-2023-4785 page", url: "https://www.suse.com/security/cve/CVE-2023-4785/", }, ], title: "Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2", tracking: { current_release_date: "2024-02-21T08:37:00Z", generator: { date: "2024-02-21T08:37:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2024:0573-1", initial_release_date: "2024-02-21T08:37:00Z", revision_history: [ { date: "2024-02-21T08:37:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", product: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", product_id: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", }, }, { category: "product_version", name: "grpc-devel-1.60.0-150400.8.3.2.aarch64", product: { name: "grpc-devel-1.60.0-150400.8.3.2.aarch64", product_id: "grpc-devel-1.60.0-150400.8.3.2.aarch64", }, }, { category: "product_version", name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", product: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", product_id: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, }, { category: "product_version", name: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", product: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", product_id: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", }, }, { category: "product_version", name: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", product: { name: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", product_id: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", }, }, { category: "product_version", name: "libgrpc37-1.60.0-150400.8.3.2.aarch64", product: { name: "libgrpc37-1.60.0-150400.8.3.2.aarch64", product_id: "libgrpc37-1.60.0-150400.8.3.2.aarch64", }, }, { category: "product_version", name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", product: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", product_id: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, }, { category: "product_version", name: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", product: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", product_id: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", }, }, { category: "product_version", name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", product: { name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", product_id: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", }, }, { category: "product_version", name: "libre2-11-20240201-150400.9.3.1.aarch64", product: { name: "libre2-11-20240201-150400.9.3.1.aarch64", product_id: "libre2-11-20240201-150400.9.3.1.aarch64", }, }, { category: "product_version", name: "libupb37-1.60.0-150400.8.3.2.aarch64", product: { name: "libupb37-1.60.0-150400.8.3.2.aarch64", product_id: "libupb37-1.60.0-150400.8.3.2.aarch64", }, }, { category: "product_version", name: "protobuf-devel-25.1-150400.9.3.1.aarch64", product: { name: "protobuf-devel-25.1-150400.9.3.1.aarch64", product_id: "protobuf-devel-25.1-150400.9.3.1.aarch64", }, }, { category: "product_version", name: "protobuf-java-25.1-150400.9.3.1.aarch64", product: { name: "protobuf-java-25.1-150400.9.3.1.aarch64", product_id: "protobuf-java-25.1-150400.9.3.1.aarch64", }, }, { category: "product_version", name: "python311-grpcio-1.60.0-150400.9.3.2.aarch64", product: { name: "python311-grpcio-1.60.0-150400.9.3.2.aarch64", product_id: "python311-grpcio-1.60.0-150400.9.3.2.aarch64", }, }, { category: "product_version", name: "python311-protobuf-4.25.1-150400.9.3.1.aarch64", product: { name: "python311-protobuf-4.25.1-150400.9.3.1.aarch64", product_id: "python311-protobuf-4.25.1-150400.9.3.1.aarch64", }, }, { category: "product_version", name: "re2-devel-20240201-150400.9.3.1.aarch64", product: { name: "re2-devel-20240201-150400.9.3.1.aarch64", product_id: "re2-devel-20240201-150400.9.3.1.aarch64", }, }, { category: "product_version", name: "upb-devel-1.60.0-150400.8.3.2.aarch64", product: { name: "upb-devel-1.60.0-150400.8.3.2.aarch64", product_id: "upb-devel-1.60.0-150400.8.3.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libabsl2308_0_0-64bit-20230802.1-150400.10.4.1.aarch64_ilp32", product: { name: "libabsl2308_0_0-64bit-20230802.1-150400.10.4.1.aarch64_ilp32", product_id: "libabsl2308_0_0-64bit-20230802.1-150400.10.4.1.aarch64_ilp32", }, }, { category: "product_version", name: "libprotobuf-lite25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", product: { name: "libprotobuf-lite25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", product_id: "libprotobuf-lite25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", }, }, { category: "product_version", name: "libprotobuf25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", product: { name: "libprotobuf25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", product_id: "libprotobuf25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", }, }, { category: "product_version", name: "libprotoc25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", product: { name: "libprotoc25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", product_id: "libprotoc25_1_0-64bit-25.1-150400.9.3.1.aarch64_ilp32", }, }, { category: "product_version", name: "libre2-11-64bit-20240201-150400.9.3.1.aarch64_ilp32", product: { name: "libre2-11-64bit-20240201-150400.9.3.1.aarch64_ilp32", product_id: "libre2-11-64bit-20240201-150400.9.3.1.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "abseil-cpp-devel-20230802.1-150400.10.4.1.i586", product: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.i586", product_id: "abseil-cpp-devel-20230802.1-150400.10.4.1.i586", }, }, { category: "product_version", name: "grpc-devel-1.60.0-150400.8.3.2.i586", product: { name: "grpc-devel-1.60.0-150400.8.3.2.i586", product_id: "grpc-devel-1.60.0-150400.8.3.2.i586", }, }, { category: "product_version", name: "libabsl2308_0_0-20230802.1-150400.10.4.1.i586", product: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.i586", product_id: "libabsl2308_0_0-20230802.1-150400.10.4.1.i586", }, }, { category: "product_version", name: "libgrpc++1_60-1.60.0-150400.8.3.2.i586", product: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.i586", product_id: "libgrpc++1_60-1.60.0-150400.8.3.2.i586", }, }, { category: "product_version", name: "libgrpc1_60-1.60.0-150400.8.3.2.i586", product: { name: "libgrpc1_60-1.60.0-150400.8.3.2.i586", product_id: "libgrpc1_60-1.60.0-150400.8.3.2.i586", }, }, { category: "product_version", name: "libgrpc37-1.60.0-150400.8.3.2.i586", product: { name: "libgrpc37-1.60.0-150400.8.3.2.i586", product_id: "libgrpc37-1.60.0-150400.8.3.2.i586", }, }, { category: "product_version", name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.i586", product: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.i586", product_id: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.i586", }, }, { category: "product_version", name: "libprotobuf25_1_0-25.1-150400.9.3.1.i586", product: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.i586", product_id: "libprotobuf25_1_0-25.1-150400.9.3.1.i586", }, }, { category: "product_version", name: "libprotoc25_1_0-25.1-150400.9.3.1.i586", product: { name: "libprotoc25_1_0-25.1-150400.9.3.1.i586", product_id: "libprotoc25_1_0-25.1-150400.9.3.1.i586", }, }, { category: "product_version", name: "libre2-11-20240201-150400.9.3.1.i586", product: { name: "libre2-11-20240201-150400.9.3.1.i586", product_id: "libre2-11-20240201-150400.9.3.1.i586", }, }, { category: "product_version", name: "libupb37-1.60.0-150400.8.3.2.i586", product: { name: "libupb37-1.60.0-150400.8.3.2.i586", product_id: "libupb37-1.60.0-150400.8.3.2.i586", }, }, { category: "product_version", name: "protobuf-devel-25.1-150400.9.3.1.i586", product: { name: "protobuf-devel-25.1-150400.9.3.1.i586", product_id: "protobuf-devel-25.1-150400.9.3.1.i586", }, }, { category: "product_version", name: "protobuf-java-25.1-150400.9.3.1.i586", product: { name: "protobuf-java-25.1-150400.9.3.1.i586", product_id: "protobuf-java-25.1-150400.9.3.1.i586", }, }, { category: "product_version", name: "python311-grpcio-1.60.0-150400.9.3.2.i586", product: { name: "python311-grpcio-1.60.0-150400.9.3.2.i586", product_id: "python311-grpcio-1.60.0-150400.9.3.2.i586", }, }, { category: "product_version", name: "python311-protobuf-4.25.1-150400.9.3.1.i586", product: { name: "python311-protobuf-4.25.1-150400.9.3.1.i586", product_id: "python311-protobuf-4.25.1-150400.9.3.1.i586", }, }, { category: "product_version", name: "re2-devel-20240201-150400.9.3.1.i586", product: { name: "re2-devel-20240201-150400.9.3.1.i586", product_id: "re2-devel-20240201-150400.9.3.1.i586", }, }, { category: "product_version", name: "upb-devel-1.60.0-150400.8.3.2.i586", product: { name: "upb-devel-1.60.0-150400.8.3.2.i586", product_id: "upb-devel-1.60.0-150400.8.3.2.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "grpc-source-1.60.0-150400.8.3.2.noarch", product: { name: "grpc-source-1.60.0-150400.8.3.2.noarch", product_id: "grpc-source-1.60.0-150400.8.3.2.noarch", }, }, { category: "product_version", name: "opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", product: { name: "opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", product_id: "opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", }, }, { category: "product_version", name: "python311-abseil-1.4.0-150400.9.3.1.noarch", product: { name: "python311-abseil-1.4.0-150400.9.3.1.noarch", product_id: "python311-abseil-1.4.0-150400.9.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", product: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", product_id: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", }, }, { category: "product_version", name: "grpc-devel-1.60.0-150400.8.3.2.ppc64le", product: { name: "grpc-devel-1.60.0-150400.8.3.2.ppc64le", product_id: "grpc-devel-1.60.0-150400.8.3.2.ppc64le", }, }, { category: "product_version", name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", product: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", product_id: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, }, { category: "product_version", name: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", product: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", product_id: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", }, }, { category: "product_version", name: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", product: { name: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", product_id: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", }, }, { category: "product_version", name: "libgrpc37-1.60.0-150400.8.3.2.ppc64le", product: { name: "libgrpc37-1.60.0-150400.8.3.2.ppc64le", product_id: "libgrpc37-1.60.0-150400.8.3.2.ppc64le", }, }, { category: "product_version", name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", product: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", product_id: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", product: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", product_id: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", product: { name: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", product_id: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "libre2-11-20240201-150400.9.3.1.ppc64le", product: { name: "libre2-11-20240201-150400.9.3.1.ppc64le", product_id: "libre2-11-20240201-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "libupb37-1.60.0-150400.8.3.2.ppc64le", product: { name: "libupb37-1.60.0-150400.8.3.2.ppc64le", product_id: "libupb37-1.60.0-150400.8.3.2.ppc64le", }, }, { category: "product_version", name: "protobuf-devel-25.1-150400.9.3.1.ppc64le", product: { name: "protobuf-devel-25.1-150400.9.3.1.ppc64le", product_id: "protobuf-devel-25.1-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "protobuf-java-25.1-150400.9.3.1.ppc64le", product: { name: "protobuf-java-25.1-150400.9.3.1.ppc64le", product_id: "protobuf-java-25.1-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "python311-grpcio-1.60.0-150400.9.3.2.ppc64le", product: { name: "python311-grpcio-1.60.0-150400.9.3.2.ppc64le", product_id: "python311-grpcio-1.60.0-150400.9.3.2.ppc64le", }, }, { category: "product_version", name: "python311-protobuf-4.25.1-150400.9.3.1.ppc64le", product: { name: "python311-protobuf-4.25.1-150400.9.3.1.ppc64le", product_id: "python311-protobuf-4.25.1-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "re2-devel-20240201-150400.9.3.1.ppc64le", product: { name: "re2-devel-20240201-150400.9.3.1.ppc64le", product_id: "re2-devel-20240201-150400.9.3.1.ppc64le", }, }, { category: "product_version", name: "upb-devel-1.60.0-150400.8.3.2.ppc64le", product: { name: "upb-devel-1.60.0-150400.8.3.2.ppc64le", product_id: "upb-devel-1.60.0-150400.8.3.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", product: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", product_id: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", }, }, { category: "product_version", name: "grpc-devel-1.60.0-150400.8.3.2.s390x", product: { name: "grpc-devel-1.60.0-150400.8.3.2.s390x", product_id: "grpc-devel-1.60.0-150400.8.3.2.s390x", }, }, { category: "product_version", name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", product: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", product_id: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, }, { category: "product_version", name: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x", product: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x", product_id: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x", }, }, { category: "product_version", name: "libgrpc1_60-1.60.0-150400.8.3.2.s390x", product: { name: "libgrpc1_60-1.60.0-150400.8.3.2.s390x", product_id: "libgrpc1_60-1.60.0-150400.8.3.2.s390x", }, }, { category: "product_version", name: "libgrpc37-1.60.0-150400.8.3.2.s390x", product: { name: "libgrpc37-1.60.0-150400.8.3.2.s390x", product_id: "libgrpc37-1.60.0-150400.8.3.2.s390x", }, }, { category: "product_version", name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", product: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", product_id: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, }, { category: "product_version", name: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x", product: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x", product_id: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x", }, }, { category: "product_version", name: "libprotoc25_1_0-25.1-150400.9.3.1.s390x", product: { name: "libprotoc25_1_0-25.1-150400.9.3.1.s390x", product_id: "libprotoc25_1_0-25.1-150400.9.3.1.s390x", }, }, { category: "product_version", name: "libre2-11-20240201-150400.9.3.1.s390x", product: { name: "libre2-11-20240201-150400.9.3.1.s390x", product_id: "libre2-11-20240201-150400.9.3.1.s390x", }, }, { category: "product_version", name: "libupb37-1.60.0-150400.8.3.2.s390x", product: { name: "libupb37-1.60.0-150400.8.3.2.s390x", product_id: "libupb37-1.60.0-150400.8.3.2.s390x", }, }, { category: "product_version", name: "protobuf-devel-25.1-150400.9.3.1.s390x", product: { name: "protobuf-devel-25.1-150400.9.3.1.s390x", product_id: "protobuf-devel-25.1-150400.9.3.1.s390x", }, }, { category: "product_version", name: "protobuf-java-25.1-150400.9.3.1.s390x", product: { name: "protobuf-java-25.1-150400.9.3.1.s390x", product_id: "protobuf-java-25.1-150400.9.3.1.s390x", }, }, { category: "product_version", name: "python311-grpcio-1.60.0-150400.9.3.2.s390x", product: { name: "python311-grpcio-1.60.0-150400.9.3.2.s390x", product_id: "python311-grpcio-1.60.0-150400.9.3.2.s390x", }, }, { category: "product_version", name: "python311-protobuf-4.25.1-150400.9.3.1.s390x", product: { name: "python311-protobuf-4.25.1-150400.9.3.1.s390x", product_id: "python311-protobuf-4.25.1-150400.9.3.1.s390x", }, }, { category: "product_version", name: "re2-devel-20240201-150400.9.3.1.s390x", product: { name: "re2-devel-20240201-150400.9.3.1.s390x", product_id: "re2-devel-20240201-150400.9.3.1.s390x", }, }, { category: "product_version", name: "upb-devel-1.60.0-150400.8.3.2.s390x", product: { name: "upb-devel-1.60.0-150400.8.3.2.s390x", product_id: "upb-devel-1.60.0-150400.8.3.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", product: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", product_id: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", }, }, { category: "product_version", name: "grpc-devel-1.60.0-150400.8.3.2.x86_64", product: { name: "grpc-devel-1.60.0-150400.8.3.2.x86_64", product_id: "grpc-devel-1.60.0-150400.8.3.2.x86_64", }, }, { category: "product_version", name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", product: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", product_id: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, }, { category: "product_version", name: "libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", product: { name: "libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", product_id: "libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", }, }, { category: "product_version", name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", product: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", product_id: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", }, }, { category: "product_version", name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", product: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", product_id: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, }, { category: "product_version", name: "libgrpc37-1.60.0-150400.8.3.2.x86_64", product: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64", product_id: "libgrpc37-1.60.0-150400.8.3.2.x86_64", }, }, { category: "product_version", name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", product: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", product_id: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", product: { name: "libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", product_id: "libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", product: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", product_id: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", product: { name: "libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", product_id: "libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", product: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", product_id: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", product: { name: "libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", product_id: "libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "libre2-11-20240201-150400.9.3.1.x86_64", product: { name: "libre2-11-20240201-150400.9.3.1.x86_64", product_id: "libre2-11-20240201-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "libre2-11-32bit-20240201-150400.9.3.1.x86_64", product: { name: "libre2-11-32bit-20240201-150400.9.3.1.x86_64", product_id: "libre2-11-32bit-20240201-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "libupb37-1.60.0-150400.8.3.2.x86_64", product: { name: "libupb37-1.60.0-150400.8.3.2.x86_64", product_id: "libupb37-1.60.0-150400.8.3.2.x86_64", }, }, { category: "product_version", name: "protobuf-devel-25.1-150400.9.3.1.x86_64", product: { name: "protobuf-devel-25.1-150400.9.3.1.x86_64", product_id: "protobuf-devel-25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "protobuf-java-25.1-150400.9.3.1.x86_64", product: { name: "protobuf-java-25.1-150400.9.3.1.x86_64", product_id: "protobuf-java-25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "python311-grpcio-1.60.0-150400.9.3.2.x86_64", product: { name: "python311-grpcio-1.60.0-150400.9.3.2.x86_64", product_id: "python311-grpcio-1.60.0-150400.9.3.2.x86_64", }, }, { category: "product_version", name: "python311-protobuf-4.25.1-150400.9.3.1.x86_64", product: { name: "python311-protobuf-4.25.1-150400.9.3.1.x86_64", product_id: "python311-protobuf-4.25.1-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "re2-devel-20240201-150400.9.3.1.x86_64", product: { name: "re2-devel-20240201-150400.9.3.1.x86_64", product_id: "re2-devel-20240201-150400.9.3.1.x86_64", }, }, { category: "product_version", name: "upb-devel-1.60.0-150400.8.3.2.x86_64", product: { name: "upb-devel-1.60.0-150400.8.3.2.x86_64", product_id: "upb-devel-1.60.0-150400.8.3.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Installer Updates 15 SP4", product: { name: "SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4", }, }, { category: "product_name", name: "SUSE Linux Enterprise Installer Updates 15 SP5", product: { name: "SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5", }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.3", product: { name: "SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.4", product: { name: "SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.5", product: { name: "SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product: { name: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product: { name: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:packagehub:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Python 3 15 SP5", product: { name: "SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-python3:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp4", }, }, }, { category: "product_name", name: "SUSE Manager Proxy 4.3", product: { name: "SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 15 SP5", product: { name: "SUSE Linux Enterprise Workstation Extension 15 SP5", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:15:sp5", }, }, }, { category: "product_name", name: "openSUSE Leap Micro 5.3", product: { name: "openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.3", }, }, }, { category: "product_name", name: "openSUSE Leap Micro 5.4", product: { name: "openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4", product_identification_helper: { cpe: "cpe:/o:opensuse:leap-micro:5.4", }, }, }, { category: "product_name", name: "openSUSE Leap 15.5", product: { name: "openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le as component of SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Installer Updates 15 SP4", product_id: "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le as component of SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Installer Updates 15 SP5", product_id: "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Installer Updates 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3", product_id: "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4", product_id: "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", }, product_reference: "libre2-11-20240201-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", }, product_reference: "libre2-11-20240201-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", }, product_reference: "libre2-11-20240201-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libupb37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", }, product_reference: "libupb37-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP5", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP5", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", }, product_reference: "libre2-11-20240201-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", }, product_reference: "libre2-11-20240201-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", }, product_reference: "libre2-11-20240201-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libupb37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", }, product_reference: "libupb37-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-abseil-1.4.0-150400.9.3.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", }, product_reference: "python311-abseil-1.4.0-150400.9.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-grpcio-1.60.0-150400.9.3.2.aarch64 as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", }, product_reference: "python311-grpcio-1.60.0-150400.9.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-grpcio-1.60.0-150400.9.3.2.ppc64le as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", }, product_reference: "python311-grpcio-1.60.0-150400.9.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-grpcio-1.60.0-150400.9.3.2.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", }, product_reference: "python311-grpcio-1.60.0-150400.9.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-grpcio-1.60.0-150400.9.3.2.x86_64 as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", }, product_reference: "python311-grpcio-1.60.0-150400.9.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-protobuf-4.25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", }, product_reference: "python311-protobuf-4.25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-protobuf-4.25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", }, product_reference: "python311-protobuf-4.25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-protobuf-4.25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", }, product_reference: "python311-protobuf-4.25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "python311-protobuf-4.25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Module for Python 3 15 SP5", product_id: "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", }, product_reference: "python311-protobuf-4.25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Python 3 15 SP5", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", }, product_reference: "libre2-11-20240201-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", }, product_reference: "libre2-11-20240201-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", }, product_reference: "libre2-11-20240201-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", }, product_reference: "libre2-11-20240201-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", }, product_reference: "libre2-11-20240201-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libupb37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", }, product_reference: "libupb37-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", }, product_reference: "libre2-11-20240201-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libupb37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.x86_64 as component of SUSE Manager Proxy 4.3", product_id: "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.3", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap Micro 5.3", product_id: "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.3", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap Micro 5.4", product_id: "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap Micro 5.4", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", }, product_reference: "abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "grpc-devel-1.60.0-150400.8.3.2.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", }, product_reference: "grpc-devel-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "grpc-devel-1.60.0-150400.8.3.2.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "grpc-devel-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "grpc-devel-1.60.0-150400.8.3.2.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", }, product_reference: "grpc-devel-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "grpc-devel-1.60.0-150400.8.3.2.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", }, product_reference: "grpc-devel-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "grpc-source-1.60.0-150400.8.3.2.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", }, product_reference: "grpc-source-1.60.0-150400.8.3.2.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", }, product_reference: "libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc1_60-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libgrpc37-1.60.0-150400.8.3.2.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libgrpc37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", }, product_reference: "libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", }, product_reference: "libre2-11-20240201-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", }, product_reference: "libre2-11-20240201-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", }, product_reference: "libre2-11-20240201-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-20240201-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libre2-11-32bit-20240201-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", }, product_reference: "libre2-11-32bit-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "libupb37-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", }, product_reference: "libupb37-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "libupb37-1.60.0-150400.8.3.2.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", }, product_reference: "libupb37-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", }, product_reference: "opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "protobuf-devel-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", }, product_reference: "protobuf-devel-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "protobuf-java-25.1-150400.9.3.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", }, product_reference: "protobuf-java-25.1-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "protobuf-java-25.1-150400.9.3.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", }, product_reference: "protobuf-java-25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "protobuf-java-25.1-150400.9.3.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", }, product_reference: "protobuf-java-25.1-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "protobuf-java-25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", }, product_reference: "protobuf-java-25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-abseil-1.4.0-150400.9.3.1.noarch as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", }, product_reference: "python311-abseil-1.4.0-150400.9.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-grpcio-1.60.0-150400.9.3.2.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", }, product_reference: "python311-grpcio-1.60.0-150400.9.3.2.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-grpcio-1.60.0-150400.9.3.2.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", }, product_reference: "python311-grpcio-1.60.0-150400.9.3.2.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-grpcio-1.60.0-150400.9.3.2.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", }, product_reference: "python311-grpcio-1.60.0-150400.9.3.2.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-grpcio-1.60.0-150400.9.3.2.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", }, product_reference: "python311-grpcio-1.60.0-150400.9.3.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-protobuf-4.25.1-150400.9.3.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", }, product_reference: "python311-protobuf-4.25.1-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-protobuf-4.25.1-150400.9.3.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", }, product_reference: "python311-protobuf-4.25.1-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-protobuf-4.25.1-150400.9.3.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", }, product_reference: "python311-protobuf-4.25.1-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "python311-protobuf-4.25.1-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", }, product_reference: "python311-protobuf-4.25.1-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "re2-devel-20240201-150400.9.3.1.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", }, product_reference: "re2-devel-20240201-150400.9.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "re2-devel-20240201-150400.9.3.1.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", }, product_reference: "re2-devel-20240201-150400.9.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "re2-devel-20240201-150400.9.3.1.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", }, product_reference: "re2-devel-20240201-150400.9.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "re2-devel-20240201-150400.9.3.1.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", }, product_reference: "re2-devel-20240201-150400.9.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "upb-devel-1.60.0-150400.8.3.2.aarch64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", }, product_reference: "upb-devel-1.60.0-150400.8.3.2.aarch64", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "upb-devel-1.60.0-150400.8.3.2.ppc64le as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", }, product_reference: "upb-devel-1.60.0-150400.8.3.2.ppc64le", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "upb-devel-1.60.0-150400.8.3.2.s390x as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", }, product_reference: "upb-devel-1.60.0-150400.8.3.2.s390x", relates_to_product_reference: "openSUSE Leap 15.5", }, { category: "default_component_of", full_product_name: { name: "upb-devel-1.60.0-150400.8.3.2.x86_64 as component of openSUSE Leap 15.5", product_id: "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", }, product_reference: "upb-devel-1.60.0-150400.8.3.2.x86_64", relates_to_product_reference: "openSUSE Leap 15.5", }, ], }, vulnerabilities: [ { cve: "CVE-2023-32731", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-32731", }, ], notes: [ { category: "general", text: "When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005 \n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-32731", url: "https://www.suse.com/security/cve/CVE-2023-32731", }, { category: "external", summary: "SUSE Bug 1212180 for CVE-2023-32731", url: "https://bugzilla.suse.com/1212180", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-02-21T08:37:00Z", details: "important", }, ], title: "CVE-2023-32731", }, { cve: "CVE-2023-32732", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-32732", }, ], notes: [ { category: "general", text: "gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url \n", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-32732", url: "https://www.suse.com/security/cve/CVE-2023-32732", }, { category: "external", summary: "SUSE Bug 1212182 for CVE-2023-32732", url: "https://bugzilla.suse.com/1212182", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-02-21T08:37:00Z", details: "moderate", }, ], title: "CVE-2023-32732", }, { cve: "CVE-2023-33953", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-33953", }, ], notes: [ { category: "general", text: "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0's can be added at the start of an integer. gRPC's hpack parser needed to read all of them before concluding a parse.\n- gRPC's metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-33953", url: "https://www.suse.com/security/cve/CVE-2023-33953", }, { category: "external", summary: "SUSE Bug 1214148 for CVE-2023-33953", url: "https://bugzilla.suse.com/1214148", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-02-21T08:37:00Z", details: "important", }, ], title: "CVE-2023-33953", }, { cve: "CVE-2023-44487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-44487", }, ], notes: [ { category: "general", text: "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-44487", url: "https://www.suse.com/security/cve/CVE-2023-44487", }, { category: "external", summary: "SUSE Bug 1216109 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216109", }, { category: "external", summary: "SUSE Bug 1216123 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216123", }, { category: "external", summary: "SUSE Bug 1216169 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216169", }, { category: "external", summary: "SUSE Bug 1216171 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216171", }, { category: "external", summary: "SUSE Bug 1216174 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216174", }, { category: "external", summary: "SUSE Bug 1216176 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216176", }, { category: "external", summary: "SUSE Bug 1216181 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216181", }, { category: "external", summary: "SUSE Bug 1216182 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216182", }, { category: "external", summary: "SUSE Bug 1216190 for CVE-2023-44487", url: "https://bugzilla.suse.com/1216190", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-02-21T08:37:00Z", details: "important", }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-4785", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2023-4785", }, ], notes: [ { category: "general", text: "Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected. ", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2023-4785", url: "https://www.suse.com/security/cve/CVE-2023-4785", }, { category: "external", summary: "SUSE Bug 1215334 for CVE-2023-4785", url: "https://bugzilla.suse.com/1215334", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Installer Updates 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Micro 5.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Micro 5.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP5:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-abseil-1.4.0-150400.9.3.1.noarch", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Module for Python 3 15 SP5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.aarch64", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.s390x", "SUSE Linux Enterprise Server 15 SP4-LTSS:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libupb37-1.60.0-150400.8.3.2.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP4:protobuf-devel-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "SUSE Manager Proxy 4.3:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libgrpc37-1.60.0-150400.8.3.2.x86_64", "SUSE Manager Proxy 4.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libre2-11-20240201-150400.9.3.1.x86_64", "SUSE Manager Proxy 4.3:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:abseil-cpp-devel-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:grpc-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:grpc-source-1.60.0-150400.8.3.2.noarch", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap 15.5:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libabsl2308_0_0-32bit-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc++1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc1_60-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libgrpc37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotobuf25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotobuf25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:libprotoc25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libprotoc25_1_0-32bit-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:libre2-11-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libre2-11-32bit-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:libupb37-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap 15.5:opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1.noarch", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-devel-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:protobuf-java-25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:python311-abseil-1.4.0-150400.9.3.1.noarch", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.aarch64", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.ppc64le", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.s390x", "openSUSE Leap 15.5:python311-grpcio-1.60.0-150400.9.3.2.x86_64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.aarch64", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.s390x", "openSUSE Leap 15.5:python311-protobuf-4.25.1-150400.9.3.1.x86_64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.aarch64", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.ppc64le", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.s390x", "openSUSE Leap 15.5:re2-devel-20240201-150400.9.3.1.x86_64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.aarch64", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.ppc64le", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.s390x", "openSUSE Leap 15.5:upb-devel-1.60.0-150400.8.3.2.x86_64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.3:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.3:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.aarch64", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.ppc64le", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.s390x", "openSUSE Leap Micro 5.4:libabsl2308_0_0-20230802.1-150400.10.4.1.x86_64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.aarch64", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.ppc64le", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.s390x", "openSUSE Leap Micro 5.4:libprotobuf-lite25_1_0-25.1-150400.9.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-02-21T08:37:00Z", details: "important", }, ], title: "CVE-2023-4785", }, ], }
ncsc-2025-0028
Vulnerability from csaf_ncscnl
Published
2025-01-22 13:36
Modified
2025-01-22 13:36
Summary
Kwetsbaarheden verholpen in Oracle Analytics
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-416
Use After Free
CWE-476
NULL Pointer Dereference
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-248
Uncaught Exception
CWE-674
Uncontrolled Recursion
CWE-611
Improper Restriction of XML External Entity Reference
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-789
Memory Allocation with Excessive Size Value
CWE-20
Improper Input Validation
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-1395
Dependency on Vulnerable Third-Party Component
CWE-670
Always-Incorrect Control Flow Implementation
CWE-399
CWE-399
CWE-326
Inadequate Encryption Strength
CWE-669
Incorrect Resource Transfer Between Spheres
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-834
Excessive Iteration
CWE-311
Missing Encryption of Sensitive Data
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", }, }, lang: "nl", notes: [ { category: "legal_disclaimer", text: "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.", }, { category: "description", text: "Oracle heeft kwetsbaarheden verholpen in Oracle Analytics producten, zoals Business Intelligence, Analytics Desktop en BI Publisher.", title: "Feiten", }, { category: "description", text: "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, of zich toegang te verschaffen tot gevoelige gegevens.", title: "Interpretaties", }, { category: "description", text: "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", title: "Oplossingen", }, { category: "general", text: "medium", title: "Kans", }, { category: "general", text: "high", title: "Schade", }, { category: "general", text: "Use After Free", title: "CWE-416", }, { category: "general", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "general", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, { category: "general", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "general", text: "Deserialization of Untrusted Data", title: "CWE-502", }, { category: "general", text: "Uncaught Exception", title: "CWE-248", }, { category: "general", text: "Uncontrolled Recursion", title: "CWE-674", }, { category: "general", text: "Improper Restriction of XML External Entity Reference", title: "CWE-611", }, { category: "general", text: "Out-of-bounds Write", title: "CWE-787", }, { category: "general", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "general", text: "Memory Allocation with Excessive Size Value", title: "CWE-789", }, { category: "general", text: "Improper Input Validation", title: "CWE-20", }, { category: "general", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, { category: "general", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, { category: "general", text: "Always-Incorrect Control Flow Implementation", title: "CWE-670", }, { category: "general", text: "CWE-399", title: "CWE-399", }, { category: "general", text: "Inadequate Encryption Strength", title: "CWE-326", }, { category: "general", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, { category: "general", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, { category: "general", text: "Excessive Iteration", title: "CWE-834", }, { category: "general", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "general", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, { category: "general", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "general", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "general", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "general", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, ], publisher: { category: "coordinator", contact_details: "cert@ncsc.nl", name: "Nationaal Cyber Security Centrum", namespace: "https://www.ncsc.nl/", }, references: [ { category: "external", summary: "Reference - cveprojectv5; nvd; oracle", url: "https://www.oracle.com/security-alerts/cpujan2025.html", }, ], title: "Kwetsbaarheden verholpen in Oracle Analytics", tracking: { current_release_date: "2025-01-22T13:36:58.196605Z", id: "NCSC-2025-0028", initial_release_date: "2025-01-22T13:36:58.196605Z", revision_history: [ { date: "2025-01-22T13:36:58.196605Z", number: "0", summary: "Initiele versie", }, ], status: "final", version: "1.0.0", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-1503296", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-220360", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:*:enterprise:*:*", }, }, }, { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-135810", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-219994", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:enterprise:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-219817", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:6.4.0.0.0:enterprise:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-1503297", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-257324", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:7.0.0.0.0:*:*:*:enterprise:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-1503298", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence", product: { name: "business_intelligence", product_id: "CSAFPID-1650736", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence:7.6.0.0.0:*:*:*:enterprise:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-765384", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764234", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-765387", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.5.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764778", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764929", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:5.9.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764235", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764930", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:6.4.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764236", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-1503574", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:7.6.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-1503573", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-765388", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___5.9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764727", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___6.4.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764729", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_analytics_server___7.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-765383", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-765385", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-765389", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_bi_platform_security___5.9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764725", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764728", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___6.4.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764730", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_presentation_services___7.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-764726", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_service_administration_ui___12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "business_intelligence_enterprise_edition", product: { name: "business_intelligence_enterprise_edition", product_id: "CSAFPID-765386", product_identification_helper: { cpe: "cpe:2.3:a:oracle:business_intelligence_enterprise_edition:_storage_service_integration___12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bi_publisher", product: { name: "bi_publisher", product_id: "CSAFPID-9197", product_identification_helper: { cpe: "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bi_publisher", product: { name: "bi_publisher", product_id: "CSAFPID-9493", product_identification_helper: { cpe: "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bi_publisher", product: { name: "bi_publisher", product_id: "CSAFPID-220546", product_identification_helper: { cpe: "cpe:2.3:a:oracle:bi_publisher:5.9.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bi_publisher", product: { name: "bi_publisher", product_id: "CSAFPID-228391", product_identification_helper: { cpe: "cpe:2.3:a:oracle:bi_publisher:5.9.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bi_publisher", product: { name: "bi_publisher", product_id: "CSAFPID-220545", product_identification_helper: { cpe: "cpe:2.3:a:oracle:bi_publisher:6.4.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bi_publisher", product: { name: "bi_publisher", product_id: "CSAFPID-220560", product_identification_helper: { cpe: "cpe:2.3:a:oracle:bi_publisher:7.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "bi_publisher", product: { name: "bi_publisher", product_id: "CSAFPID-1673195", product_identification_helper: { cpe: "cpe:2.3:a:oracle:bi_publisher:7.6.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "analytics_desktop", product: { name: "analytics_desktop", product_id: "CSAFPID-816763", product_identification_helper: { cpe: "cpe:2.3:a:oracle:analytics_desktop:*:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "analytics_desktop", product: { name: "analytics_desktop", product_id: "CSAFPID-816761", product_identification_helper: { cpe: "cpe:2.3:a:oracle:analytics_desktop:6.4.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "analytics_desktop", product: { name: "analytics_desktop", product_id: "CSAFPID-816762", product_identification_helper: { cpe: "cpe:2.3:a:oracle:analytics_desktop:7.0.0.0.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "analytics_desktop", product: { name: "analytics_desktop", product_id: "CSAFPID-1751172", product_identification_helper: { cpe: "cpe:2.3:a:oracle:analytics_desktop:8.1.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "analytics_desktop", product: { name: "analytics_desktop", product_id: "CSAFPID-1650735", product_identification_helper: { cpe: "cpe:2.3:a:oracle:analytics_desktop:prior_to_7.8.0:*:*:*:*:*:*:*", }, }, }, { category: "product_name", name: "analytics_desktop", product: { name: "analytics_desktop", product_id: "CSAFPID-1751157", product_identification_helper: { cpe: "cpe:2.3:a:oracle:analytics_desktop:prior_to_8.1.0:*:*:*:*:*:*:*", }, }, }, ], category: "vendor", name: "oracle", }, ], }, vulnerabilities: [ { cve: "CVE-2016-10000", references: [ { category: "self", summary: "CVE-2016-10000", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2016/CVE-2016-10000.json", }, ], title: "CVE-2016-10000", }, { cve: "CVE-2020-2849", product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2020-2849", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-2849.json", }, ], title: "CVE-2020-2849", }, { cve: "CVE-2020-7760", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2020-7760", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-7760.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-257324", ], }, ], title: "CVE-2020-7760", }, { cve: "CVE-2020-13956", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-228391", "CSAFPID-764778", "CSAFPID-220546", "CSAFPID-9197", "CSAFPID-764929", "CSAFPID-764930", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-1503574", "CSAFPID-257324", "CSAFPID-135810", ], }, references: [ { category: "self", summary: "CVE-2020-13956", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13956.json", }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-228391", "CSAFPID-764778", "CSAFPID-220546", "CSAFPID-9197", "CSAFPID-764929", "CSAFPID-764930", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-1503574", "CSAFPID-257324", "CSAFPID-135810", ], }, ], title: "CVE-2020-13956", }, { cve: "CVE-2020-28975", product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2020-28975", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-28975.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-257324", ], }, ], title: "CVE-2020-28975", }, { cve: "CVE-2021-23926", cwe: { id: "CWE-776", name: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", }, notes: [ { category: "other", text: "Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')", title: "CWE-776", }, { category: "other", text: "Improper Restriction of XML External Entity Reference", title: "CWE-611", }, ], product_status: { known_affected: [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9493", "CSAFPID-764778", "CSAFPID-228391", "CSAFPID-135810", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-220546", "CSAFPID-9197", "CSAFPID-764929", "CSAFPID-764930", ], }, references: [ { category: "self", summary: "CVE-2021-23926", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-23926.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9493", "CSAFPID-764778", "CSAFPID-228391", "CSAFPID-135810", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-220546", "CSAFPID-9197", "CSAFPID-764929", "CSAFPID-764930", ], }, ], title: "CVE-2021-23926", }, { cve: "CVE-2021-33813", cwe: { id: "CWE-611", name: "Improper Restriction of XML External Entity Reference", }, notes: [ { category: "other", text: "Improper Restriction of XML External Entity Reference", title: "CWE-611", }, ], product_status: { known_affected: [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9197", "CSAFPID-9493", "CSAFPID-228391", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-135810", ], }, references: [ { category: "self", summary: "CVE-2021-33813", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33813.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9197", "CSAFPID-9493", "CSAFPID-228391", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-765383", "CSAFPID-765384", "CSAFPID-765385", "CSAFPID-765386", "CSAFPID-765387", "CSAFPID-765388", "CSAFPID-765389", "CSAFPID-135810", ], }, ], title: "CVE-2021-33813", }, { cve: "CVE-2022-40150", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9493", "CSAFPID-764778", "CSAFPID-228391", "CSAFPID-135810", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", ], }, references: [ { category: "self", summary: "CVE-2022-40150", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40150.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764234", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764235", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-764236", "CSAFPID-9493", "CSAFPID-764778", "CSAFPID-228391", "CSAFPID-135810", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", ], }, ], title: "CVE-2022-40150", }, { cve: "CVE-2023-2976", cwe: { id: "CWE-552", name: "Files or Directories Accessible to External Parties", }, notes: [ { category: "other", text: "Files or Directories Accessible to External Parties", title: "CWE-552", }, { category: "other", text: "Creation of Temporary File in Directory with Insecure Permissions", title: "CWE-379", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-2976", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324", ], }, ], title: "CVE-2023-2976", }, { cve: "CVE-2023-4785", cwe: { id: "CWE-248", name: "Uncaught Exception", }, notes: [ { category: "other", text: "Uncaught Exception", title: "CWE-248", }, ], product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-4785", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4785.json", }, ], title: "CVE-2023-4785", }, { cve: "CVE-2023-7272", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-7272", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-7272.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-257324", ], }, ], title: "CVE-2023-7272", }, { cve: "CVE-2023-24998", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "other", text: "CWE-399", title: "CWE-399", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-764778", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-764725", "CSAFPID-764726", "CSAFPID-764727", "CSAFPID-764728", "CSAFPID-764729", "CSAFPID-764730", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-135810", ], }, references: [ { category: "self", summary: "CVE-2023-24998", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json", }, ], title: "CVE-2023-24998", }, { cve: "CVE-2023-25399", cwe: { id: "CWE-401", name: "Missing Release of Memory after Effective Lifetime", }, notes: [ { category: "other", text: "Missing Release of Memory after Effective Lifetime", title: "CWE-401", }, ], product_status: { known_affected: [ "CSAFPID-1650736", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-25399", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-25399.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650736", "CSAFPID-257324", ], }, ], title: "CVE-2023-25399", }, { cve: "CVE-2023-29824", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-1650736", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-29824", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29824.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650736", "CSAFPID-257324", ], }, ], title: "CVE-2023-29824", }, { cve: "CVE-2023-32732", cwe: { id: "CWE-440", name: "Expected Behavior Violation", }, notes: [ { category: "other", text: "Expected Behavior Violation", title: "CWE-440", }, ], product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-32732", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-32732.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-257324", ], }, ], title: "CVE-2023-32732", }, { cve: "CVE-2023-33202", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-1650735", "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-33202", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33202.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-1650735", "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324", ], }, ], title: "CVE-2023-33202", }, { cve: "CVE-2023-33953", cwe: { id: "CWE-834", name: "Excessive Iteration", }, notes: [ { category: "other", text: "Excessive Iteration", title: "CWE-834", }, { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, { category: "other", text: "Memory Allocation with Excessive Size Value", title: "CWE-789", }, ], product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-33953", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33953.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-257324", ], }, ], title: "CVE-2023-33953", }, { cve: "CVE-2023-43804", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-43804", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43804.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324", ], }, ], title: "CVE-2023-43804", }, { cve: "CVE-2023-44487", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, notes: [ { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-44487", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-220545", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764235", "CSAFPID-764236", "CSAFPID-816761", "CSAFPID-816762", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324", ], }, ], title: "CVE-2023-44487", }, { cve: "CVE-2023-45803", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-45803", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45803.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324", ], }, ], title: "CVE-2023-45803", }, { cve: "CVE-2023-50782", cwe: { id: "CWE-208", name: "Observable Timing Discrepancy", }, notes: [ { category: "other", text: "Observable Timing Discrepancy", title: "CWE-208", }, { category: "other", text: "Observable Discrepancy", title: "CWE-203", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2023-50782", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-50782.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324", ], }, ], title: "CVE-2023-50782", }, { cve: "CVE-2024-0727", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, { category: "other", text: "Improper Input Validation", title: "CWE-20", }, ], product_status: { known_affected: [ "CSAFPID-135810", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", ], }, references: [ { category: "self", summary: "CVE-2024-0727", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0727.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-135810", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", ], }, ], title: "CVE-2024-0727", }, { cve: "CVE-2024-1135", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, notes: [ { category: "other", text: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", title: "CWE-444", }, ], product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-1135", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1135.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-257324", ], }, ], title: "CVE-2024-1135", }, { cve: "CVE-2024-4741", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "other", text: "Use After Free", title: "CWE-416", }, ], product_status: { known_affected: [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-135810", ], }, references: [ { category: "self", summary: "CVE-2024-4741", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json", }, ], title: "CVE-2024-4741", }, { cve: "CVE-2024-5535", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "other", text: "Exposure of Sensitive Information to an Unauthorized Actor", title: "CWE-200", }, { category: "other", text: "Improper Restriction of Operations within the Bounds of a Memory Buffer", title: "CWE-119", }, { category: "other", text: "Dependency on Vulnerable Third-Party Component", title: "CWE-1395", }, ], product_status: { known_affected: [ "CSAFPID-135810", "CSAFPID-1650736", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-5535", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json", }, ], scores: [ { cvss_v3: { baseScore: 9.1, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-135810", "CSAFPID-1650736", "CSAFPID-257324", ], }, ], title: "CVE-2024-5535", }, { cve: "CVE-2024-7254", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "other", text: "Improper Input Validation", title: "CWE-20", }, { category: "other", text: "Uncontrolled Recursion", title: "CWE-674", }, ], product_status: { known_affected: [ "CSAFPID-220560", "CSAFPID-1673195", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-7254", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json", }, ], scores: [ { cvss_v3: { baseScore: 8.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-220560", "CSAFPID-1673195", "CSAFPID-257324", ], }, ], title: "CVE-2024-7254", }, { cve: "CVE-2024-22195", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-22195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22195.json", }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-257324", ], }, ], title: "CVE-2024-22195", }, { cve: "CVE-2024-26130", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "other", text: "NULL Pointer Dereference", title: "CWE-476", }, ], product_status: { known_affected: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-26130", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json", }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "CSAFPID-9493", "CSAFPID-220560", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-1503574", "CSAFPID-257324", ], }, ], title: "CVE-2024-26130", }, { cve: "CVE-2024-29025", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "other", text: "Allocation of Resources Without Limits or Throttling", title: "CWE-770", }, ], product_status: { known_affected: [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-220560", "CSAFPID-1673195", ], }, references: [ { category: "self", summary: "CVE-2024-29025", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json", }, ], scores: [ { cvss_v3: { baseScore: 7.3, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-220560", "CSAFPID-1673195", ], }, ], title: "CVE-2024-29025", }, { cve: "CVE-2024-29131", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-257324", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-1650736", ], }, references: [ { category: "self", summary: "CVE-2024-29131", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json", }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-257324", "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-1650736", ], }, ], title: "CVE-2024-29131", }, { cve: "CVE-2024-34064", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "other", text: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", title: "CWE-79", }, ], product_status: { known_affected: [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-34064", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json", }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "CSAFPID-816763", "CSAFPID-1503573", "CSAFPID-765385", "CSAFPID-764234", "CSAFPID-764236", "CSAFPID-1503574", "CSAFPID-257324", ], }, ], title: "CVE-2024-34064", }, { cve: "CVE-2024-35195", cwe: { id: "CWE-670", name: "Always-Incorrect Control Flow Implementation", }, notes: [ { category: "other", text: "Always-Incorrect Control Flow Implementation", title: "CWE-670", }, ], product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-35195", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35195.json", }, ], scores: [ { cvss_v3: { baseScore: 5.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-257324", ], }, ], title: "CVE-2024-35195", }, { cve: "CVE-2024-36114", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "other", text: "Out-of-bounds Read", title: "CWE-125", }, { category: "other", text: "Out-of-bounds Write", title: "CWE-787", }, ], product_status: { known_affected: [ "CSAFPID-1650736", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-36114", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json", }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", version: "3.1", }, products: [ "CSAFPID-1650736", "CSAFPID-257324", ], }, ], title: "CVE-2024-36114", }, { cve: "CVE-2024-37891", cwe: { id: "CWE-669", name: "Incorrect Resource Transfer Between Spheres", }, notes: [ { category: "other", text: "Incorrect Resource Transfer Between Spheres", title: "CWE-669", }, ], product_status: { known_affected: [ "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-37891", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json", }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "CSAFPID-257324", ], }, ], title: "CVE-2024-37891", }, { cve: "CVE-2024-38809", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, notes: [ { category: "other", text: "Inefficient Regular Expression Complexity", title: "CWE-1333", }, { category: "other", text: "Improper Resource Shutdown or Release", title: "CWE-404", }, { category: "other", text: "Uncontrolled Resource Consumption", title: "CWE-400", }, ], product_status: { known_affected: [ "CSAFPID-220560", "CSAFPID-1673195", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-135810", ], }, references: [ { category: "self", summary: "CVE-2024-38809", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38809.json", }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "CSAFPID-220560", "CSAFPID-1673195", "CSAFPID-1650736", "CSAFPID-257324", "CSAFPID-135810", ], }, ], title: "CVE-2024-38809", }, { cve: "CVE-2024-38820", cwe: { id: "CWE-284", name: "Improper Access Control", }, notes: [ { category: "other", text: "Improper Access Control", title: "CWE-284", }, { category: "other", text: "Improper Handling of Case Sensitivity", title: "CWE-178", }, ], product_status: { known_affected: [ "CSAFPID-220560", "CSAFPID-1673195", ], }, references: [ { category: "self", summary: "CVE-2024-38820", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-220560", "CSAFPID-1673195", ], }, ], title: "CVE-2024-38820", }, { cve: "CVE-2024-43382", cwe: { id: "CWE-311", name: "Missing Encryption of Sensitive Data", }, notes: [ { category: "other", text: "Missing Encryption of Sensitive Data", title: "CWE-311", }, { category: "other", text: "Inadequate Encryption Strength", title: "CWE-326", }, ], product_status: { known_affected: [ "CSAFPID-220560", "CSAFPID-1673195", ], }, references: [ { category: "self", summary: "CVE-2024-43382", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43382.json", }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "CSAFPID-220560", "CSAFPID-1673195", ], }, ], title: "CVE-2024-43382", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, notes: [ { category: "other", text: "Deserialization of Untrusted Data", title: "CWE-502", }, ], product_status: { known_affected: [ "CSAFPID-1650736", "CSAFPID-257324", ], }, references: [ { category: "self", summary: "CVE-2024-47561", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json", }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1650736", "CSAFPID-257324", ], }, ], title: "CVE-2024-47561", }, { cve: "CVE-2025-21532", product_status: { known_affected: [ "CSAFPID-1751157", ], }, references: [ { category: "self", summary: "CVE-2025-21532", url: "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21532.json", }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "CSAFPID-1751157", ], }, ], title: "CVE-2025-21532", }, ], }
gsd-2023-33953
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:
- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser
The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.
The unbounded memory buffering bugs:
- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…
Aliases
Aliases
{ GSD: { alias: "CVE-2023-33953", id: "GSD-2023-33953", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-33953", ], details: "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", id: "GSD-2023-33953", modified: "2023-12-13T01:20:36.593954Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2023-33953", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "gRPC", version: { version_data: [ { version_affected: "<", version_name: "0", version_value: "1.56.1", }, ], }, }, ], }, vendor_name: "Google", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", }, ], }, generator: { engine: "Vulnogram 0.1.0-dev", }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-834", lang: "eng", value: "CWE-834 Excessive Iteration", }, ], }, { description: [ { cweId: "CWE-789", lang: "eng", value: "CWE-789 Memory Allocation with Excessive Size Value", }, ], }, ], }, references: { reference_data: [ { name: "https://cloud.google.com/support/bulletins#gcp-2023-022", refsource: "MISC", url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, ], }, source: { discovery: "UNKNOWN", }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", cpe_name: [], versionEndExcluding: "1.56.2", versionStartIncluding: "1.56.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", cpe_name: [], versionEndExcluding: "1.55.2", versionStartIncluding: "1.55.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", cpe_name: [], versionEndExcluding: "1.54.3", versionStartIncluding: "1.54.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:grpc:grpc:*:*:*:*:*:-:*:*", cpe_name: [], versionEndExcluding: "1.53.2", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2023-33953", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-770", }, { lang: "en", value: "CWE-834", }, ], }, ], }, references: { reference_data: [ { name: "https://cloud.google.com/support/bulletins#gcp-2023-022", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, ], }, }, impact: { baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2023-08-17T14:15Z", publishedDate: "2023-08-09T13:15Z", }, }, }
ghsa-496j-2rq6-j6cc
Vulnerability from github
Published
2023-08-09 15:30
Modified
2024-07-30 21:37
Severity ?
Summary
Excessive Iteration in gRPC
Details
gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:
- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser
The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.
The unbounded memory buffering bugs:
- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.
- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…
{ affected: [ { package: { ecosystem: "PyPI", name: "grpcio", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "1.53.2", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "grpcio", }, ranges: [ { events: [ { introduced: "1.54.0", }, { fixed: "1.54.3", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "grpcio", }, ranges: [ { events: [ { introduced: "1.55.0", }, { fixed: "1.55.2", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "PyPI", name: "grpcio", }, ranges: [ { events: [ { introduced: "1.56.0", }, { fixed: "1.56.2", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "RubyGems", name: "grpc", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "1.53.2", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "RubyGems", name: "grpc", }, ranges: [ { events: [ { introduced: "1.54.0", }, { fixed: "1.54.3", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "RubyGems", name: "grpc", }, ranges: [ { events: [ { introduced: "1.55.0", }, { fixed: "1.55.2", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "RubyGems", name: "grpc", }, ranges: [ { events: [ { introduced: "1.56.0", }, { fixed: "1.56.2", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2023-33953", ], database_specific: { cwe_ids: [ "CWE-770", "CWE-789", ], github_reviewed: true, github_reviewed_at: "2024-07-30T10:26:43Z", nvd_published_at: "2023-08-09T13:15:09Z", severity: "HIGH", }, details: "gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks:\n\n- Unbounded memory buffering in the HPACK parser\n- Unbounded CPU consumption in the HPACK parser\n\nThe unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.\n\nThe unbounded memory buffering bugs:\n\n- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.\n- HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse.\n- gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…", id: "GHSA-496j-2rq6-j6cc", modified: "2024-07-30T21:37:50Z", published: "2023-08-09T15:30:15Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33953", }, { type: "WEB", url: "https://cloud.google.com/support/bulletins#gcp-2023-022", }, { type: "ADVISORY", url: "https://github.com/advisories/GHSA-496j-2rq6-j6cc", }, { type: "WEB", url: "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/grpc/CVE-2023-33953.yml", }, { type: "WEB", url: "https://security.snyk.io/vuln/SNYK-RUBY-GRPC-5834442", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], summary: "Excessive Iteration in gRPC", }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.