var-201912-1044
Vulnerability from variot
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. Summary:
Openshift Serverless 1.10.2 is now available. Solution:
See the documentation at: https://access.redhat.com/documentation/en-us/openshift_container_platform/ 4.5/html/serverless_applications/index
- Bugs fixed (https://bugzilla.redhat.com/):
1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve 1918761 - CVE-2021-3115 golang: cmd/go: packages using cgo can cause arbitrary code execution at build time
- Solution:
Download the release images via:
quay.io/redhat/quay:v3.3.3 quay.io/redhat/clair-jwt:v3.3.3 quay.io/redhat/quay-builder:v3.3.3 quay.io/redhat/clair:v3.3.3
- Bugs fixed (https://bugzilla.redhat.com/):
1905758 - CVE-2020-27831 quay: email notifications authorization bypass 1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display
- JIRA issues fixed (https://issues.jboss.org/):
PROJQUAY-1124 - NVD feed is broken for latest Clair v2 version
Bug Fix(es):
-
Gather image registry config (backport to 4.3) (BZ#1836815)
-
Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist (BZ#1849176)
-
Login with OpenShift not working after cluster upgrade (BZ#1852429)
-
Limit the size of gathered federated metrics from alerts in Insights Operator (BZ#1874018)
-
[4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs (BZ#1879110)
-
[release 4.3] OpenShift APIs become unavailable for more than 15 minutes after one of master nodes went down(OAuth) (BZ#1880293)
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-x86_64
The image digest is sha256:9ff90174a170379e90a9ead6e0d8cf6f439004191f80762764a5ca3dbaab01dc
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-s390x The image digest is sha256:605ddde0442e604cfe2d6bd1541ce48df5956fe626edf9cc95b1fca75d231b64
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-ppc64le
The image digest is sha256:d3c9e391c145338eae3feb7f6a4e487dadc8139a353117d642fe686d277bcccc
- Bugs fixed (https://bugzilla.redhat.com/):
1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1836815 - Gather image registry config (backport to 4.3) 1849176 - Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist 1874018 - Limit the size of gathered federated metrics from alerts in Insights Operator 1874399 - [DR] etcd-member-recover.sh fails to pull image with unauthorized 1879110 - [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs
Bug Fix(es):
-
Configuring the system with non-RT kernel will hang the system (BZ#1923220)
-
Bugs fixed (https://bugzilla.redhat.com/):
1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service
- JIRA issues fixed (https://issues.jboss.org/):
CNF-802 - Infrastructure-provided enablement/disablement of interrupt processing for guaranteed pod CPUs CNF-854 - Performance tests in CNF Tests
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
The compliance-operator image updates are now available for OpenShift Container Platform 4.6.
This advisory provides the following updates among others:
- Enhances profile parsing time.
- Fixes excessive resource consumption from the Operator.
- Fixes default content image.
- Fixes outdated remediation handling. Solution:
For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/):
1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers 1918990 - ComplianceSuite scans use quay content image for initContainer 1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present 1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules 1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):
1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module 1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values 1916813 - CVE-2021-20191 ansible: multiple modules expose secured values 1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option 1939349 - CVE-2021-3447 ansible: multiple modules expose secured values
- ========================================================================== Ubuntu Security Notice USN-4274-1 February 10, 2020
libxml2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in libxml2. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-19956, CVE-2020-7595)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.10: libxml2 2.9.4+dfsg1-7ubuntu3.1 libxml2-utils 2.9.4+dfsg1-7ubuntu3.1
Ubuntu 18.04 LTS: libxml2 2.9.4+dfsg1-6.1ubuntu1.3 libxml2-utils 2.9.4+dfsg1-6.1ubuntu1.3
Ubuntu 16.04 LTS: libxml2 2.9.3+dfsg1-1ubuntu0.7 libxml2-utils 2.9.3+dfsg1-1ubuntu0.7
Ubuntu 14.04 ESM: libxml2 2.9.1+dfsg1-3ubuntu4.13+esm1 libxml2-utils 2.9.1+dfsg1-3ubuntu4.13+esm1
Ubuntu 12.04 ESM: libxml2 2.7.8.dfsg-5.1ubuntu4.22 libxml2-utils 2.7.8.dfsg-5.1ubuntu4.22
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: libxml2 security and bug fix update Advisory ID: RHSA-2020:3996-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:3996 Issue date: 2020-09-29 CVE Names: CVE-2019-19956 CVE-2019-20388 CVE-2020-7595 ==================================================================== 1. Summary:
An update for libxml2 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The desktop must be restarted (log out, then log back in) for this update to take effect.
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: libxml2-2.9.1-6.el7.5.src.rpm
x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: libxml2-2.9.1-6.el7.5.src.rpm
x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: libxml2-2.9.1-6.el7.5.src.rpm
ppc64: libxml2-2.9.1-6.el7.5.ppc.rpm libxml2-2.9.1-6.el7.5.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64.rpm libxml2-devel-2.9.1-6.el7.5.ppc.rpm libxml2-devel-2.9.1-6.el7.5.ppc64.rpm libxml2-python-2.9.1-6.el7.5.ppc64.rpm
ppc64le: libxml2-2.9.1-6.el7.5.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64le.rpm libxml2-devel-2.9.1-6.el7.5.ppc64le.rpm libxml2-python-2.9.1-6.el7.5.ppc64le.rpm
s390x: libxml2-2.9.1-6.el7.5.s390.rpm libxml2-2.9.1-6.el7.5.s390x.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390x.rpm libxml2-devel-2.9.1-6.el7.5.s390.rpm libxml2-devel-2.9.1-6.el7.5.s390x.rpm libxml2-python-2.9.1-6.el7.5.s390x.rpm
x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: libxml2-debuginfo-2.9.1-6.el7.5.ppc.rpm libxml2-debuginfo-2.9.1-6.el7.5.ppc64.rpm libxml2-static-2.9.1-6.el7.5.ppc.rpm libxml2-static-2.9.1-6.el7.5.ppc64.rpm
ppc64le: libxml2-debuginfo-2.9.1-6.el7.5.ppc64le.rpm libxml2-static-2.9.1-6.el7.5.ppc64le.rpm
s390x: libxml2-debuginfo-2.9.1-6.el7.5.s390.rpm libxml2-debuginfo-2.9.1-6.el7.5.s390x.rpm libxml2-static-2.9.1-6.el7.5.s390.rpm libxml2-static-2.9.1-6.el7.5.s390x.rpm
x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: libxml2-2.9.1-6.el7.5.src.rpm
x86_64: libxml2-2.9.1-6.el7.5.i686.rpm libxml2-2.9.1-6.el7.5.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-devel-2.9.1-6.el7.5.i686.rpm libxml2-devel-2.9.1-6.el7.5.x86_64.rpm libxml2-python-2.9.1-6.el7.5.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: libxml2-debuginfo-2.9.1-6.el7.5.i686.rpm libxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm libxml2-static-2.9.1-6.el7.5.i686.rpm libxml2-static-2.9.1-6.el7.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-19956 https://access.redhat.com/security/cve/CVE-2019-20388 https://access.redhat.com/security/cve/CVE-2020-7595 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBX3OgG9zjgjWX9erEAQg9vhAAiDkPkj6VlpMKDvgVUY4eU83p4bCnZqos e9kVjDMJrHdYR5iXXc665LOYBG0yyDGdvVLeqxjI9S11UDypRyzy641kwBY6eCru 0yaA88aZ4YpQyIARmmK7cIMFe6JRWHOkEsOfMCtjpbkGLteXdzfUFgJnlRFB0Dai OVrZH3kGb5EbKvJGcWY7cqv5jQhpy802a4EhpHQ1q6vFAbO7D1T6vJlCyP0+ba5N ZoMyrCFWaX5TUjiwFkuyAiSZYyPyxo0+dhqgJaSU44BH4p5imV7c1oh10U7/7k+O Y30M2uLOuArD1ad0t2d23EVr8mRKUr+agoLWC8Pwuq2worTArE/395GKXv2Yvtv9 YCvvCNFIcnG5GaJloqhXkTZM2pCr0+n90WLrNZ0suPArycHU74ROfBNErWegvq2e gpFLyu3S1mpjcBG19Gjg1qgh7FKg57s7PbNzcETK5ParBQeZ4dHHpcr9voP52tYD SJ9ILV9unM5jya5Uwooa6GOFGistLQLntZd22zDcPahu0FxvQlyZFV4oInF0m/7h e/h8NgSwyJKNenZATlsOGmjdcMh95Unztu4bfK8S20/Ej8F/B2PE4Kxha2s0bxsC b9fFKBOIdTCeFi2lTyrctEGQl9ksrW/Va6+uQwe5lKQldwhB3of9QolUu7ud+gdx COt/fBH012Y=udpL -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Solution:
For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html
4
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201912-1044",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "clustered data ontap antivirus connector",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "real user experience insight",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "13.3.1.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "libxml2",
"scope": "lt",
"trust": 1.0,
"vendor": "xmlsoft",
"version": "2.9.10"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "sinema remote connect server",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "32"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "steelstore cloud integrated storage",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.10"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "manageability software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.9.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:real_user_experience_insight:13.3.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "162694"
},
{
"db": "PACKETSTORM",
"id": "160889"
},
{
"db": "PACKETSTORM",
"id": "159661"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "161429"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "159349"
},
{
"db": "PACKETSTORM",
"id": "159552"
}
],
"trust": 0.8
},
"cve": "CVE-2019-19956",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-19956",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.1,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-19956",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-19956",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201912-1088",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-19956",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-19956"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1088"
},
{
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-\u003eoldNs. Summary:\n\nOpenshift Serverless 1.10.2 is now available. Solution:\n\nSee the documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/\n4.5/html/serverless_applications/index\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1918750 - CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve\n1918761 - CVE-2021-3115 golang: cmd/go: packages using cgo can cause arbitrary code execution at build time\n\n5. Solution:\n\nDownload the release images via:\n\nquay.io/redhat/quay:v3.3.3\nquay.io/redhat/clair-jwt:v3.3.3\nquay.io/redhat/quay-builder:v3.3.3\nquay.io/redhat/clair:v3.3.3\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1905758 - CVE-2020-27831 quay: email notifications authorization bypass\n1905784 - CVE-2020-27832 quay: persistent XSS in repository notification display\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nPROJQUAY-1124 - NVD feed is broken for latest Clair v2 version\n\n6. \n\nBug Fix(es):\n\n* Gather image registry config (backport to 4.3) (BZ#1836815)\n\n* Builds fail after running postCommit script if OCP cluster is configured\nwith a container registry whitelist (BZ#1849176)\n\n* Login with OpenShift not working after cluster upgrade (BZ#1852429)\n\n* Limit the size of gathered federated metrics from alerts in Insights\nOperator (BZ#1874018)\n\n* [4.3] Storage operator stops reconciling when going Upgradeable=False on\nv1alpha1 CRDs (BZ#1879110)\n\n* [release 4.3] OpenShift APIs become unavailable for more than 15 minutes\nafter one of master nodes went down(OAuth) (BZ#1880293)\n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.3.40-x86_64\n\nThe image digest is\nsha256:9ff90174a170379e90a9ead6e0d8cf6f439004191f80762764a5ca3dbaab01dc\n\n(For s390x architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.3.40-s390x\nThe image digest is\nsha256:605ddde0442e604cfe2d6bd1541ce48df5956fe626edf9cc95b1fca75d231b64\n\n(For ppc64le architecture)\n\n $ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.3.40-ppc64le\n\nThe image digest is\nsha256:d3c9e391c145338eae3feb7f6a4e487dadc8139a353117d642fe686d277bcccc\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic\n1836815 - Gather image registry config (backport to 4.3)\n1849176 - Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist\n1874018 - Limit the size of gathered federated metrics from alerts in Insights Operator\n1874399 - [DR] etcd-member-recover.sh fails to pull image with unauthorized\n1879110 - [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs\n\n5. \n\nBug Fix(es):\n\n* Configuring the system with non-RT kernel will hang the system\n(BZ#1923220)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1902111 - CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nCNF-802 - Infrastructure-provided enablement/disablement of interrupt processing for guaranteed pod CPUs\nCNF-854 - Performance tests in CNF Tests\n\n6. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nThe compliance-operator image updates are now available for OpenShift\nContainer Platform 4.6. \n\nThis advisory provides the following updates among others:\n\n* Enhances profile parsing time. \n* Fixes excessive resource consumption from the Operator. \n* Fixes default content image. \n* Fixes outdated remediation handling. Solution:\n\nFor OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel\nease-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n- -cli.html. Bugs fixed (https://bugzilla.redhat.com/):\n\n1897635 - CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers\n1918990 - ComplianceSuite scans use quay content image for initContainer\n1919135 - [OCP v46] The autoApplyRemediation pauses the machineConfigPool if there is outdated complianceRemediation object present\n1919846 - After remediation applied, the compliancecheckresults still reports Failed status for some rules\n1920999 - Compliance operator is not displayed when disconnected mode is selected in the OpenShift Web-Console. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module\n1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values\n1916813 - CVE-2021-20191 ansible: multiple modules expose secured values\n1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option\n1939349 - CVE-2021-3447 ansible: multiple modules expose secured values\n\n5. ==========================================================================\nUbuntu Security Notice USN-4274-1\nFebruary 10, 2020\n\nlibxml2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.10\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in libxml2. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2019-19956, CVE-2020-7595)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.10:\n libxml2 2.9.4+dfsg1-7ubuntu3.1\n libxml2-utils 2.9.4+dfsg1-7ubuntu3.1\n\nUbuntu 18.04 LTS:\n libxml2 2.9.4+dfsg1-6.1ubuntu1.3\n libxml2-utils 2.9.4+dfsg1-6.1ubuntu1.3\n\nUbuntu 16.04 LTS:\n libxml2 2.9.3+dfsg1-1ubuntu0.7\n libxml2-utils 2.9.3+dfsg1-1ubuntu0.7\n\nUbuntu 14.04 ESM:\n libxml2 2.9.1+dfsg1-3ubuntu4.13+esm1\n libxml2-utils 2.9.1+dfsg1-3ubuntu4.13+esm1\n\nUbuntu 12.04 ESM:\n libxml2 2.7.8.dfsg-5.1ubuntu4.22\n libxml2-utils 2.7.8.dfsg-5.1ubuntu4.22\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: libxml2 security and bug fix update\nAdvisory ID: RHSA-2020:3996-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:3996\nIssue date: 2020-09-29\nCVE Names: CVE-2019-19956 CVE-2019-20388 CVE-2020-7595\n====================================================================\n1. Summary:\n\nAn update for libxml2 is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe libxml2 library is a development toolbox providing the implementation\nof various XML standards. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.9 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update\nto take effect. \n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nlibxml2-2.9.1-6.el7.5.src.rpm\n\nx86_64:\nlibxml2-2.9.1-6.el7.5.i686.rpm\nlibxml2-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-python-2.9.1-6.el7.5.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nlibxml2-debuginfo-2.9.1-6.el7.5.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-devel-2.9.1-6.el7.5.i686.rpm\nlibxml2-devel-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-static-2.9.1-6.el7.5.i686.rpm\nlibxml2-static-2.9.1-6.el7.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nlibxml2-2.9.1-6.el7.5.src.rpm\n\nx86_64:\nlibxml2-2.9.1-6.el7.5.i686.rpm\nlibxml2-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-python-2.9.1-6.el7.5.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nlibxml2-debuginfo-2.9.1-6.el7.5.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-devel-2.9.1-6.el7.5.i686.rpm\nlibxml2-devel-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-static-2.9.1-6.el7.5.i686.rpm\nlibxml2-static-2.9.1-6.el7.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nlibxml2-2.9.1-6.el7.5.src.rpm\n\nppc64:\nlibxml2-2.9.1-6.el7.5.ppc.rpm\nlibxml2-2.9.1-6.el7.5.ppc64.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.ppc.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.ppc64.rpm\nlibxml2-devel-2.9.1-6.el7.5.ppc.rpm\nlibxml2-devel-2.9.1-6.el7.5.ppc64.rpm\nlibxml2-python-2.9.1-6.el7.5.ppc64.rpm\n\nppc64le:\nlibxml2-2.9.1-6.el7.5.ppc64le.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.ppc64le.rpm\nlibxml2-devel-2.9.1-6.el7.5.ppc64le.rpm\nlibxml2-python-2.9.1-6.el7.5.ppc64le.rpm\n\ns390x:\nlibxml2-2.9.1-6.el7.5.s390.rpm\nlibxml2-2.9.1-6.el7.5.s390x.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.s390.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.s390x.rpm\nlibxml2-devel-2.9.1-6.el7.5.s390.rpm\nlibxml2-devel-2.9.1-6.el7.5.s390x.rpm\nlibxml2-python-2.9.1-6.el7.5.s390x.rpm\n\nx86_64:\nlibxml2-2.9.1-6.el7.5.i686.rpm\nlibxml2-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-devel-2.9.1-6.el7.5.i686.rpm\nlibxml2-devel-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-python-2.9.1-6.el7.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nlibxml2-debuginfo-2.9.1-6.el7.5.ppc.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.ppc64.rpm\nlibxml2-static-2.9.1-6.el7.5.ppc.rpm\nlibxml2-static-2.9.1-6.el7.5.ppc64.rpm\n\nppc64le:\nlibxml2-debuginfo-2.9.1-6.el7.5.ppc64le.rpm\nlibxml2-static-2.9.1-6.el7.5.ppc64le.rpm\n\ns390x:\nlibxml2-debuginfo-2.9.1-6.el7.5.s390.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.s390x.rpm\nlibxml2-static-2.9.1-6.el7.5.s390.rpm\nlibxml2-static-2.9.1-6.el7.5.s390x.rpm\n\nx86_64:\nlibxml2-debuginfo-2.9.1-6.el7.5.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-static-2.9.1-6.el7.5.i686.rpm\nlibxml2-static-2.9.1-6.el7.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nlibxml2-2.9.1-6.el7.5.src.rpm\n\nx86_64:\nlibxml2-2.9.1-6.el7.5.i686.rpm\nlibxml2-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-devel-2.9.1-6.el7.5.i686.rpm\nlibxml2-devel-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-python-2.9.1-6.el7.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nlibxml2-debuginfo-2.9.1-6.el7.5.i686.rpm\nlibxml2-debuginfo-2.9.1-6.el7.5.x86_64.rpm\nlibxml2-static-2.9.1-6.el7.5.i686.rpm\nlibxml2-static-2.9.1-6.el7.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-19956\nhttps://access.redhat.com/security/cve/CVE-2019-20388\nhttps://access.redhat.com/security/cve/CVE-2020-7595\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBX3OgG9zjgjWX9erEAQg9vhAAiDkPkj6VlpMKDvgVUY4eU83p4bCnZqos\ne9kVjDMJrHdYR5iXXc665LOYBG0yyDGdvVLeqxjI9S11UDypRyzy641kwBY6eCru\n0yaA88aZ4YpQyIARmmK7cIMFe6JRWHOkEsOfMCtjpbkGLteXdzfUFgJnlRFB0Dai\nOVrZH3kGb5EbKvJGcWY7cqv5jQhpy802a4EhpHQ1q6vFAbO7D1T6vJlCyP0+ba5N\nZoMyrCFWaX5TUjiwFkuyAiSZYyPyxo0+dhqgJaSU44BH4p5imV7c1oh10U7/7k+O\nY30M2uLOuArD1ad0t2d23EVr8mRKUr+agoLWC8Pwuq2worTArE/395GKXv2Yvtv9\nYCvvCNFIcnG5GaJloqhXkTZM2pCr0+n90WLrNZ0suPArycHU74ROfBNErWegvq2e\ngpFLyu3S1mpjcBG19Gjg1qgh7FKg57s7PbNzcETK5ParBQeZ4dHHpcr9voP52tYD\nSJ9ILV9unM5jya5Uwooa6GOFGistLQLntZd22zDcPahu0FxvQlyZFV4oInF0m/7h\ne/h8NgSwyJKNenZATlsOGmjdcMh95Unztu4bfK8S20/Ej8F/B2PE4Kxha2s0bxsC\nb9fFKBOIdTCeFi2lTyrctEGQl9ksrW/Va6+uQwe5lKQldwhB3of9QolUu7ud+gdx\nCOt/fBH012Y=udpL\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nFor information on upgrading Ansible Tower, reference the Ansible Tower\nUpgrade and Migration Guide:\nhttps://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/\nindex.html\n\n4",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-19956"
},
{
"db": "VULMON",
"id": "CVE-2019-19956"
},
{
"db": "PACKETSTORM",
"id": "162694"
},
{
"db": "PACKETSTORM",
"id": "160889"
},
{
"db": "PACKETSTORM",
"id": "159661"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "161429"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "156276"
},
{
"db": "PACKETSTORM",
"id": "159349"
},
{
"db": "PACKETSTORM",
"id": "159552"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-19956",
"trust": 2.6
},
{
"db": "SIEMENS",
"id": "SSA-292794",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-21-103-08",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "162694",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "160889",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159661",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "161429",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "162142",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156276",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "159349",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.0584",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.3732",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1207",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3535",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2604",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1744",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4513",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1242",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1727",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.4058",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1826",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2162",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3364",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0234",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3631",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2475",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0864",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0471",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0845",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0025",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3868",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0986",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3550",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0691",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4100",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.3102",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0319",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.1193",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0171",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.0099",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "159851",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "160961",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "159553",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "162130",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161536",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161727",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "158168",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "161916",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "160125",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021041514",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021052216",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072097",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021111735",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1088",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-19956",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "161548",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "159552",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-19956"
},
{
"db": "PACKETSTORM",
"id": "162694"
},
{
"db": "PACKETSTORM",
"id": "160889"
},
{
"db": "PACKETSTORM",
"id": "159661"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "161429"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "156276"
},
{
"db": "PACKETSTORM",
"id": "159349"
},
{
"db": "PACKETSTORM",
"id": "159552"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1088"
},
{
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"id": "VAR-201912-1044",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.54152095
},
"last_update_date": "2023-11-07T19:16:36.131000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "libxml2 Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=106417"
},
{
"title": "Red Hat: Moderate: libxml2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204479 - security advisory"
},
{
"title": "Red Hat: Moderate: libxml2 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20203996 - security advisory"
},
{
"title": "Ubuntu Security Notice: libxml2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-4274-1"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20202646 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20202644 - security advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2020-1438",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2020-1438"
},
{
"title": "Amazon Linux 2: ALAS2-2020-1534",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2020-1534"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=0d160980ab72db34060d62c89304b6f2"
},
{
"title": "Red Hat: Moderate: Release of OpenShift Serverless 1.11.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205149 - security advisory"
},
{
"title": "Red Hat: Moderate: security update - Red Hat Ansible Tower 3.6 runner release (CVE-2019-18874)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204255 - security advisory"
},
{
"title": "Red Hat: Moderate: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204254 - security advisory"
},
{
"title": "Red Hat: Moderate: Release of OpenShift Serverless 1.12.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210146 - security advisory"
},
{
"title": "Red Hat: Low: OpenShift Container Platform 4.3.40 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20204264 - security advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210190 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Quay v3.3.3 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210050 - security advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20210436 - security advisory"
},
{
"title": "Red Hat: Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20205605 - security advisory"
},
{
"title": "IBM: Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=3201548b0e11fd3ecd83fd36fc045a8e"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ec6577109e640dac19a6ddb978afe82d"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-19956"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1088"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-401",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://usn.ubuntu.com/4274-1/"
},
{
"trust": 2.3,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08"
},
{
"trust": 1.7,
"url": "https://gitlab.gnome.org/gnome/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2019/12/msg00032.html"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20200114-0002/"
},
{
"trust": 1.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5r55zr52rmbx24tqtwhciwkjvrv6yawi/"
},
{
"trust": 1.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jdpf3aavkuakdyfmfksiqsvvs3eefpqh/"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpujul2020.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19956"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/security/cve/cve-2019-19956"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2020-7595"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2019-20388"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20388"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20843"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15903"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2018-20843"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2019-15903"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2019-16935"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16935"
},
{
"trust": 0.6,
"url": "https://www.debian.org/lts/security/2019/dla-2048"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161536/red-hat-security-advisory-2020-5635-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6455281"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3535/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021052216"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2162/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1727"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1207"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-appliance-is-affected-by-libxml2-vulnerabilities-cve-2019-19956-cve-2019-20388-cve-2020-7595/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161429/red-hat-security-advisory-2021-0436-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161727/red-hat-security-advisory-2021-0778-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-4/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0171/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerabilities-in-libxml2/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159553/red-hat-security-advisory-2020-4255-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4100/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6520474"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0845"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0025/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0691"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162694/red-hat-security-advisory-2021-2021-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0099/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.4058"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160889/red-hat-security-advisory-2021-0050-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162130/red-hat-security-advisory-2021-1129-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160125/red-hat-security-advisory-2020-5149-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/160961/red-hat-security-advisory-2021-0146-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3868/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1744"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072097"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/158168/red-hat-security-advisory-2020-2646-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021111735"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2475/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0319/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0471/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4513/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-network-security-is-affected-by-multiple-vulnerabilities-2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0234/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0584"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-6/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1193"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/libxml2-memory-leak-via-xmlparsebalancedchunkmemoryrecover-31236"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-flex-system-chassis-management-module-cmm-is-affected-by-vulnerabilities-in-libxml2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0864"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.3732"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.0986"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-bootable-media-creator-bomc-is-affected-by-vulnerabilities-in-libxml2/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159349/red-hat-security-advisory-2020-3996-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-6/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2604"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159851/red-hat-security-advisory-2020-4479-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156276/ubuntu-security-notice-usn-4274-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.1242"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021041514"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/159661/red-hat-security-advisory-2020-4264-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1826/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3102/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3550"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/161916/red-hat-security-advisory-2021-0949-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/162142/red-hat-security-advisory-2021-1079-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-rackswitch-firmware-products-are-affected-by-vulnerabilities-in-libxml2/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-5/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3631/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.3364/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20907"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2019-20907"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-8492"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2020-14422"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-20454"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20916"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19221"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19906"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13050"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-16168"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-9327"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-13630"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-20387"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5018"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20218"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-13050"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-14889"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-1730"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-19906"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-13627"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-19221"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-6405"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-13631"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20387"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-5018"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-13632"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13627"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14889"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-20218"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20454"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16168"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2019-20916"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2020-1971"
},
{
"trust": 0.3,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-15165"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-14382"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-1751"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-24659"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-1752"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15165"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-10029"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17006"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-12749"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14866"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-17023"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17023"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-6829"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12652"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-12403"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11756"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-11756"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-12243"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-14973"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-17498"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12749"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-17006"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-5094"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-20386"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-17546"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-12400"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-11727"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11719"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14973"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-12402"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5188"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-12652"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2020-12401"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17546"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-11719"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-14866"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20386"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5094"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11727"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2019-5188"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17498"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13631"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-14422"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13630"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-7595"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9925"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9802"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9895"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8625"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8812"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3899"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8819"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3867"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8720"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9893"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8808"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3902"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3900"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8743"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9805"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8820"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9807"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8769"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8710"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8813"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9850"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8710"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8811"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9803"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9862"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3885"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-15503"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-20807"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-10018"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8835"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8764"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8844"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3865"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3864"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-14391"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3862"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3901"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8823"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3895"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-11793"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8720"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9894"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8816"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9843"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8771"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3897"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9806"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8814"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8743"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-9915"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8815"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8625"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8783"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-20807"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8766"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3868"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8846"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-3894"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-8782"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-19126"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11068"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18197"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-5482"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-18197"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-12450"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-14822"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14822"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5482"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12450"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-19126"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-11068"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-8177"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12243"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12400"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-5313"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/401.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:4479"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20305"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13632"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.5/html/serverless_applications/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-1000858"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3115"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-9327"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3114"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000858"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:2021"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8492"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1730"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6405"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3449"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3450"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0050"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8771"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27831"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8769"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27832"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8764"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8766"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:4264"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-2974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2226"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2780"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2974"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2752"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2574"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14352"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2225"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-12825"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8696"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2181"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2182"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.3/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-8675"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-18190"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-24750"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2224"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-9283"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-2812"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25211"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10726"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-rel"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10725"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10723"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10725"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10722"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-10722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10029"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-17450"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-10726"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27813"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5364"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:5633"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-1551"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1551"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.6/updating/updating-cluster"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-28362"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:0436"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:1079"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8625"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12402"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1971"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-15999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20228"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12401"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3156"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-5313"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20191"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20180"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-12403"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-15999"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-20178"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4274-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/libxml2/2.9.4+dfsg1-7ubuntu3.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/libxml2/2.9.3+dfsg1-1ubuntu0.7"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/libxml2/2.9.4+dfsg1-6.1ubuntu1.3"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:3996"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.9_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-1240"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-18874"
},
{
"trust": 0.1,
"url": "https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2020:4254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-18874"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-14365"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-19956"
},
{
"db": "PACKETSTORM",
"id": "162694"
},
{
"db": "PACKETSTORM",
"id": "160889"
},
{
"db": "PACKETSTORM",
"id": "159661"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "161429"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "156276"
},
{
"db": "PACKETSTORM",
"id": "159349"
},
{
"db": "PACKETSTORM",
"id": "159552"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1088"
},
{
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2019-19956"
},
{
"db": "PACKETSTORM",
"id": "162694"
},
{
"db": "PACKETSTORM",
"id": "160889"
},
{
"db": "PACKETSTORM",
"id": "159661"
},
{
"db": "PACKETSTORM",
"id": "161548"
},
{
"db": "PACKETSTORM",
"id": "161429"
},
{
"db": "PACKETSTORM",
"id": "162142"
},
{
"db": "PACKETSTORM",
"id": "156276"
},
{
"db": "PACKETSTORM",
"id": "159349"
},
{
"db": "PACKETSTORM",
"id": "159552"
},
{
"db": "CNNVD",
"id": "CNNVD-201912-1088"
},
{
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-19956"
},
{
"date": "2021-05-19T14:19:18",
"db": "PACKETSTORM",
"id": "162694"
},
{
"date": "2021-01-11T16:29:48",
"db": "PACKETSTORM",
"id": "160889"
},
{
"date": "2020-10-21T15:40:32",
"db": "PACKETSTORM",
"id": "159661"
},
{
"date": "2021-02-25T15:30:03",
"db": "PACKETSTORM",
"id": "161548"
},
{
"date": "2021-02-16T15:44:48",
"db": "PACKETSTORM",
"id": "161429"
},
{
"date": "2021-04-09T15:06:13",
"db": "PACKETSTORM",
"id": "162142"
},
{
"date": "2020-02-10T15:35:17",
"db": "PACKETSTORM",
"id": "156276"
},
{
"date": "2020-09-30T15:43:22",
"db": "PACKETSTORM",
"id": "159349"
},
{
"date": "2020-10-14T16:52:12",
"db": "PACKETSTORM",
"id": "159552"
},
{
"date": "2019-12-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-1088"
},
{
"date": "2019-12-24T16:15:00",
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-07-21T00:00:00",
"db": "VULMON",
"id": "CVE-2019-19956"
},
{
"date": "2023-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201912-1088"
},
{
"date": "2021-07-21T11:39:00",
"db": "NVD",
"id": "CVE-2019-19956"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-1088"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libxml2 Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-1088"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201912-1088"
}
],
"trust": 0.6
}
}
Loading...