Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-16611 (GCVE-0-2017-16611)
Vulnerability from cvelistv5 – Published: 2017-12-01 17:00 – Updated: 2024-08-05 20:27
VLAI
EPSS
Summary
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
Severity
5.5 (Medium)
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2017/11/28/7 | mailing-listx_refsource_MLIST |
| https://bugzilla.suse.com/show_bug.cgi?id=1050459 | x_refsource_CONFIRM |
| http://www.ubuntu.com/usn/USN-3500-1 | vendor-advisoryx_refsource_UBUNTU |
| https://marc.info/?l=freedesktop-xorg-announce&m=… | mailing-listx_refsource_MLIST |
| https://security.gentoo.org/glsa/201801-10 | vendor-advisoryx_refsource_GENTOO |
| https://marc.info/?l=freedesktop-xorg-announce&m=… | mailing-listx_refsource_MLIST |
| http://security.cucumberlinux.com/security/detail… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2022… | mailing-listx_refsource_MLIST |
Date Public
2017-11-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:27:04.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20171128 CVE-2017-16611 libXfont Open files with O_NOFOLLOW",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/11/28/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1050459"
},
{
"name": "USN-3500-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3500-1"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont2 2.0.3",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2"
},
{
"name": "GLSA-201801-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201801-10"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont 1.5.4",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.cucumberlinux.com/security/details.php?id=155"
},
{
"name": "[debian-lts-announce] 20220125 [SECURITY] [DLA 2901-1] libxfont security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-26T01:06:09.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20171128 CVE-2017-16611 libXfont Open files with O_NOFOLLOW",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/11/28/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1050459"
},
{
"name": "USN-3500-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3500-1"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont2 2.0.3",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2"
},
{
"name": "GLSA-201801-10",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201801-10"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont 1.5.4",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.cucumberlinux.com/security/details.php?id=155"
},
{
"name": "[debian-lts-announce] 20220125 [SECURITY] [DLA 2901-1] libxfont security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20171128 CVE-2017-16611 libXfont Open files with O_NOFOLLOW",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/11/28/7"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1050459",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1050459"
},
{
"name": "USN-3500-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3500-1"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont2 2.0.3",
"refsource": "MLIST",
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2"
},
{
"name": "GLSA-201801-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-10"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont 1.5.4",
"refsource": "MLIST",
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2"
},
{
"name": "http://security.cucumberlinux.com/security/details.php?id=155",
"refsource": "MISC",
"url": "http://security.cucumberlinux.com/security/details.php?id=155"
},
{
"name": "[debian-lts-announce] 20220125 [SECURITY] [DLA 2901-1] libxfont security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-16611",
"datePublished": "2017-12-01T17:00:00.000Z",
"dateReserved": "2017-11-06T00:00:00.000Z",
"dateUpdated": "2024-08-05T20:27:04.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-16611",
"date": "2026-06-03",
"epss": "0.00076",
"percentile": "0.22783"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-16611\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-12-01T17:29:00.463\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.\"},{\"lang\":\"es\",\"value\":\"En libXfont en versiones anteriores a la 1.5.4 y libXfont2 en versiones anteriores a la 2.0.3, un atacante local puede abrir (pero no leer) archivos en el sistema como root, desencadenando rebobinados de cinta, watchdogs o mecanismos similares que se pueden desencadenar abriendo archivos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-59\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"588D4F37-0A56-47A4-B710-4D5F3D214FB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndExcluding\":\"1.5.4\",\"matchCriteriaId\":\"2EF948B6-54AC-420B-8AB1-FE7457BFDA71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"2.0.3\",\"matchCriteriaId\":\"6C5EEDFA-B5A6-488D-9C54-DC21842C861D\"}]}]}],\"references\":[{\"url\":\"http://security.cucumberlinux.com/security/details.php?id=155\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/11/28/7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3500-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1050459\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Tool Signature\",\"VDB Entry\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201801-10\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.cucumberlinux.com/security/details.php?id=155\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/11/28/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3500-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1050459\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Tool Signature\",\"VDB Entry\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201801-10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
Title
Уязвимость библиотеки LibXfont, связанная с неверным определением символических ссылок перед доступом к файлу, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость библиотеки LibXfont связана с неверным определением символических ссылок перед доступом к файлу. Эксплуатация уязвимости позволяет нарушителю вызвать отказ в обслуживании
Severity
Vendor
ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения, X.Org, АО «Концерн ВНИИНС»
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Debian GNU/Linux, libXfont, ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)
Software Version
1.6 «Смоленск» (Astra Linux Special Edition), 10 (Debian GNU/Linux), 11 (Debian GNU/Linux), от 1.0.0 до 1.5.4 (libXfont), от 2.0.0 до 2.0.3 (libXfont), до 16.01.2023 (ОС ОН «Стрелец»)
Possible Mitigations
Для LibXfont:
использование рекомендаций производителя: https://www.openwall.com/lists/oss-security/2017/11/28/7
Для Debian:
использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2017-16611
Для ОС Astra Linux:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
Для ОС ОН «Стрелец»:
Обновление программного обеспечения libxfont до версии 1:2.0.1-3+deb9u2
Reference
https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?h=libXfont-1.5-branch&id=5ed8ac0e4f063825b8ecda48e9a111d3ce92e825
https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=7b377456f95d2ec3ead40f4fb74ea620191f88c8
https://nvd.nist.gov/vuln/detail/CVE-2017-16611
https://security-tracker.debian.org/tracker/CVE-2017-16611
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
https://www.openwall.com/lists/oss-security/2017/11/28/7
https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023
CWE
CWE-59
{
"CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, X.Org, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 10 (Debian GNU/Linux), 11 (Debian GNU/Linux), \u043e\u0442 1.0.0 \u0434\u043e 1.5.4 (libXfont), \u043e\u0442 2.0.0 \u0434\u043e 2.0.3 (libXfont), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f LibXfont:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://www.openwall.com/lists/oss-security/2017/11/28/7\n\n\u0414\u043b\u044f Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2017-16611\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libxfont \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:2.0.1-3+deb9u2",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "06.11.2017",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.11.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "03.10.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-06035",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2017-16611",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Debian GNU/Linux, libXfont, \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 LibXfont, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a \u043f\u0435\u0440\u0435\u0434 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0444\u0430\u0439\u043b\u0443, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0441\u0441\u044b\u043b\u043a\u0438 \u043f\u0435\u0440\u0435\u0434 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0444\u0430\u0439\u043b\u0443 (CWE-59)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 LibXfont \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a \u043f\u0435\u0440\u0435\u0434 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0444\u0430\u0439\u043b\u0443. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cgit.freedesktop.org/xorg/lib/libXfont/commit/?h=libXfont-1.5-branch\u0026amp;id=5ed8ac0e4f063825b8ecda48e9a111d3ce92e825\nhttps://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=7b377456f95d2ec3ead40f4fb74ea620191f88c8\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-16611\nhttps://security-tracker.debian.org/tracker/CVE-2017-16611\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16\nhttps://www.openwall.com/lists/oss-security/2017/11/28/7\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-59",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}
CERTFR-2022-AVI-267
Vulnerability from certfr_avis - Published: 2022-03-23 - Updated: 2022-03-23
De multiples vulnérabilités ont été découvertes dans Juniper Networks Junos Space. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos Space | Juniper Networks Junos Space versions antérieures à 21.1R1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper Networks Junos Space versions ant\u00e9rieures \u00e0 21.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
},
{
"name": "CVE-2017-13082",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13082"
},
{
"name": "CVE-2017-13088",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13088"
},
{
"name": "CVE-2017-13086",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13086"
},
{
"name": "CVE-2017-13087",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13087"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2007-1351",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1351"
},
{
"name": "CVE-2007-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1352"
},
{
"name": "CVE-2007-6284",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-6284"
},
{
"name": "CVE-2008-2935",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2935"
},
{
"name": "CVE-2008-3281",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3281"
},
{
"name": "CVE-2008-3529",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3529"
},
{
"name": "CVE-2008-4226",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4226"
},
{
"name": "CVE-2008-4225",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4225"
},
{
"name": "CVE-2009-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2414"
},
{
"name": "CVE-2009-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2416"
},
{
"name": "CVE-2008-5161",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
},
{
"name": "CVE-2010-4008",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
},
{
"name": "CVE-2011-0411",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
},
{
"name": "CVE-2011-1720",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1720"
},
{
"name": "CVE-2011-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0216"
},
{
"name": "CVE-2011-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2834"
},
{
"name": "CVE-2011-2895",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2895"
},
{
"name": "CVE-2011-3905",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3905"
},
{
"name": "CVE-2011-3919",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3919"
},
{
"name": "CVE-2012-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0841"
},
{
"name": "CVE-2011-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
},
{
"name": "CVE-2012-2807",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2807"
},
{
"name": "CVE-2012-2870",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2870"
},
{
"name": "CVE-2012-5134",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5134"
},
{
"name": "CVE-2011-3102",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3102"
},
{
"name": "CVE-2013-2877",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2877"
},
{
"name": "CVE-2013-0338",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0338"
},
{
"name": "CVE-2012-6139",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6139"
},
{
"name": "CVE-2013-2566",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2566"
},
{
"name": "CVE-2013-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6462"
},
{
"name": "CVE-2014-0211",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0211"
},
{
"name": "CVE-2014-3660",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
},
{
"name": "CVE-2015-1803",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1803"
},
{
"name": "CVE-2015-1804",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1804"
},
{
"name": "CVE-2015-1802",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1802"
},
{
"name": "CVE-2015-2716",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2716"
},
{
"name": "CVE-2015-5352",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5352"
},
{
"name": "CVE-2015-2808",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
},
{
"name": "CVE-2014-8991",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8991"
},
{
"name": "CVE-2014-7185",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7185"
},
{
"name": "CVE-2014-9365",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9365"
},
{
"name": "CVE-2015-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6838"
},
{
"name": "CVE-2015-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6837"
},
{
"name": "CVE-2015-7995",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7995"
},
{
"name": "CVE-2015-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
},
{
"name": "CVE-2015-7499",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7499"
},
{
"name": "CVE-2015-8242",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8242"
},
{
"name": "CVE-2015-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7500"
},
{
"name": "CVE-2016-1762",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1762"
},
{
"name": "CVE-2015-5312",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5312"
},
{
"name": "CVE-2016-1839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1839"
},
{
"name": "CVE-2016-1833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1833"
},
{
"name": "CVE-2016-1837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1837"
},
{
"name": "CVE-2016-1834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1834"
},
{
"name": "CVE-2016-1840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1840"
},
{
"name": "CVE-2016-1836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1836"
},
{
"name": "CVE-2016-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1838"
},
{
"name": "CVE-2016-1684",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1684"
},
{
"name": "CVE-2016-1683",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1683"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2015-0975",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0975"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2016-3115",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3115"
},
{
"name": "CVE-2016-5636",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5636"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2017-7376",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7376"
},
{
"name": "CVE-2017-7773",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7773"
},
{
"name": "CVE-2017-7772",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7772"
},
{
"name": "CVE-2017-7778",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7778"
},
{
"name": "CVE-2017-7771",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7771"
},
{
"name": "CVE-2017-7774",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7774"
},
{
"name": "CVE-2017-7776",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7776"
},
{
"name": "CVE-2017-7777",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7777"
},
{
"name": "CVE-2017-7775",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7775"
},
{
"name": "CVE-2017-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6463"
},
{
"name": "CVE-2017-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6462"
},
{
"name": "CVE-2017-6464",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6464"
},
{
"name": "CVE-2017-14492",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14492"
},
{
"name": "CVE-2017-14496",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14496"
},
{
"name": "CVE-2017-14491",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14491"
},
{
"name": "CVE-2017-14493",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14493"
},
{
"name": "CVE-2017-14494",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14494"
},
{
"name": "CVE-2017-14495",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14495"
},
{
"name": "CVE-2017-5130",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5130"
},
{
"name": "CVE-2017-3736",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3736"
},
{
"name": "CVE-2017-3735",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3735"
},
{
"name": "CVE-2017-15412",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15412"
},
{
"name": "CVE-2017-3738",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3738"
},
{
"name": "CVE-2017-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3737"
},
{
"name": "CVE-2017-17807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17807"
},
{
"name": "CVE-2018-0739",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0739"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2018-11214",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11214"
},
{
"name": "CVE-2015-9019",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9019"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2017-16932",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16932"
},
{
"name": "CVE-2016-9318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
},
{
"name": "CVE-2018-1000120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120"
},
{
"name": "CVE-2018-1000007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000007"
},
{
"name": "CVE-2018-1000121",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000121"
},
{
"name": "CVE-2018-1000122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2018-6914",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6914"
},
{
"name": "CVE-2017-0898",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0898"
},
{
"name": "CVE-2018-8778",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8778"
},
{
"name": "CVE-2017-14033",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14033"
},
{
"name": "CVE-2018-8780",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8780"
},
{
"name": "CVE-2017-17742",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17742"
},
{
"name": "CVE-2017-10784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10784"
},
{
"name": "CVE-2017-17405",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17405"
},
{
"name": "CVE-2018-8779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8779"
},
{
"name": "CVE-2017-14064",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14064"
},
{
"name": "CVE-2018-8777",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8777"
},
{
"name": "CVE-2018-16395",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16395"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2018-16396",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16396"
},
{
"name": "CVE-2018-0495",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0495"
},
{
"name": "CVE-2018-0734",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0734"
},
{
"name": "CVE-2018-5407",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5407"
},
{
"name": "CVE-2018-1126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1126"
},
{
"name": "CVE-2018-7858",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7858"
},
{
"name": "CVE-2018-1124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1124"
},
{
"name": "CVE-2018-10897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10897"
},
{
"name": "CVE-2018-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1064"
},
{
"name": "CVE-2018-5683",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5683"
},
{
"name": "CVE-2017-13672",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13672"
},
{
"name": "CVE-2018-11212",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11212"
},
{
"name": "CVE-2017-18267",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18267"
},
{
"name": "CVE-2018-13988",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13988"
},
{
"name": "CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"name": "CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"name": "CVE-2019-1559",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1559"
},
{
"name": "CVE-2019-6133",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6133"
},
{
"name": "CVE-2018-18311",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18311"
},
{
"name": "CVE-2018-12127",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12127"
},
{
"name": "CVE-2018-12130",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12130"
},
{
"name": "CVE-2019-11091",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11091"
},
{
"name": "CVE-2018-12126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12126"
},
{
"name": "CVE-2019-9503",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9503"
},
{
"name": "CVE-2019-10132",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10132"
},
{
"name": "CVE-2019-11190",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11190"
},
{
"name": "CVE-2019-11884",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11884"
},
{
"name": "CVE-2019-11487",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11487"
},
{
"name": "CVE-2019-12382",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12382"
},
{
"name": "CVE-2018-7191",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7191"
},
{
"name": "CVE-2019-5953",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5953"
},
{
"name": "CVE-2019-12614",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12614"
},
{
"name": "CVE-2019-11729",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11729"
},
{
"name": "CVE-2019-11727",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11727"
},
{
"name": "CVE-2019-11719",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11719"
},
{
"name": "CVE-2018-1060",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1060"
},
{
"name": "CVE-2018-12327",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12327"
},
{
"name": "CVE-2018-1061",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1061"
},
{
"name": "CVE-2019-10639",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10639"
},
{
"name": "CVE-2019-10638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10638"
},
{
"name": "CVE-2018-20836",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20836"
},
{
"name": "CVE-2019-13233",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13233"
},
{
"name": "CVE-2019-14283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14283"
},
{
"name": "CVE-2019-13648",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13648"
},
{
"name": "CVE-2019-10207",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10207"
},
{
"name": "CVE-2015-9289",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9289"
},
{
"name": "CVE-2019-14816",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14816"
},
{
"name": "CVE-2019-15239",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15239"
},
{
"name": "CVE-2019-15917",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15917"
},
{
"name": "CVE-2017-18551",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18551"
},
{
"name": "CVE-2019-15217",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15217"
},
{
"name": "CVE-2019-14821",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14821"
},
{
"name": "CVE-2019-11068",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11068"
},
{
"name": "CVE-2018-18066",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18066"
},
{
"name": "CVE-2019-15903",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
},
{
"name": "CVE-2019-17666",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17666"
},
{
"name": "CVE-2019-17133",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17133"
},
{
"name": "CVE-2018-12207",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12207"
},
{
"name": "CVE-2019-11135",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
},
{
"name": "CVE-2019-0154",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0154"
},
{
"name": "CVE-2019-17055",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17055"
},
{
"name": "CVE-2019-17053",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17053"
},
{
"name": "CVE-2019-16746",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16746"
},
{
"name": "CVE-2019-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0155"
},
{
"name": "CVE-2019-16233",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16233"
},
{
"name": "CVE-2019-15807",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15807"
},
{
"name": "CVE-2019-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16231"
},
{
"name": "CVE-2019-11756",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11756"
},
{
"name": "CVE-2019-11745",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11745"
},
{
"name": "CVE-2019-19058",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
},
{
"name": "CVE-2019-14895",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
},
{
"name": "CVE-2019-19046",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19046"
},
{
"name": "CVE-2019-15916",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15916"
},
{
"name": "CVE-2019-18660",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
},
{
"name": "CVE-2019-19063",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
},
{
"name": "CVE-2019-19062",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
},
{
"name": "CVE-2018-14526",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14526"
},
{
"name": "CVE-2019-13734",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13734"
},
{
"name": "CVE-2019-19530",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19530"
},
{
"name": "CVE-2019-19534",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
},
{
"name": "CVE-2019-19524",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
},
{
"name": "CVE-2019-14901",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
},
{
"name": "CVE-2019-19537",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19537"
},
{
"name": "CVE-2019-19523",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19523"
},
{
"name": "CVE-2019-19338",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19338"
},
{
"name": "CVE-2019-19332",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19332"
},
{
"name": "CVE-2019-19527",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19527"
},
{
"name": "CVE-2019-18808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18808"
},
{
"name": "CVE-2019-19767",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19767"
},
{
"name": "CVE-2019-19807",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19807"
},
{
"name": "CVE-2019-19055",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19055"
},
{
"name": "CVE-2019-17023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17023"
},
{
"name": "CVE-2019-9824",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9824"
},
{
"name": "CVE-2019-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9636"
},
{
"name": "CVE-2019-12749",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12749"
},
{
"name": "CVE-2019-19447",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19447"
},
{
"name": "CVE-2019-20095",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20095"
},
{
"name": "CVE-2019-20054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20054"
},
{
"name": "CVE-2019-18634",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18634"
},
{
"name": "CVE-2019-14898",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14898"
},
{
"name": "CVE-2019-16994",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16994"
},
{
"name": "CVE-2019-18282",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18282"
},
{
"name": "CVE-2020-2732",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2732"
},
{
"name": "CVE-2019-19059",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19059"
},
{
"name": "CVE-2019-3901",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3901"
},
{
"name": "CVE-2020-9383",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9383"
},
{
"name": "CVE-2020-8647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8647"
},
{
"name": "CVE-2020-8649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8649"
},
{
"name": "CVE-2020-1749",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1749"
},
{
"name": "CVE-2019-9458",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9458"
},
{
"name": "CVE-2020-10942",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10942"
},
{
"name": "CVE-2019-9454",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9454"
},
{
"name": "CVE-2020-11565",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11565"
},
{
"name": "CVE-2020-10690",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10690"
},
{
"name": "CVE-2020-10751",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10751"
},
{
"name": "CVE-2020-12826",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12826"
},
{
"name": "CVE-2020-12654",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12654"
},
{
"name": "CVE-2020-10732",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10732"
},
{
"name": "CVE-2019-20636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20636"
},
{
"name": "CVE-2019-20811",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20811"
},
{
"name": "CVE-2020-12653",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12653"
},
{
"name": "CVE-2020-10757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10757"
},
{
"name": "CVE-2020-12770",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12770"
},
{
"name": "CVE-2020-12888",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12888"
},
{
"name": "CVE-2020-12402",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12402"
},
{
"name": "CVE-2018-16881",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16881"
},
{
"name": "CVE-2018-19519",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19519"
},
{
"name": "CVE-2020-10713",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10713"
},
{
"name": "CVE-2020-14311",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14311"
},
{
"name": "CVE-2020-14309",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14309"
},
{
"name": "CVE-2020-15706",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15706"
},
{
"name": "CVE-2020-14308",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14308"
},
{
"name": "CVE-2020-14310",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14310"
},
{
"name": "CVE-2020-15705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15705"
},
{
"name": "CVE-2020-15707",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15707"
},
{
"name": "CVE-2020-14331",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14331"
},
{
"name": "CVE-2020-10769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10769"
},
{
"name": "CVE-2020-14364",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14364"
},
{
"name": "CVE-2020-12400",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12400"
},
{
"name": "CVE-2020-12401",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12401"
},
{
"name": "CVE-2020-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6829"
},
{
"name": "CVE-2020-14314",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14314"
},
{
"name": "CVE-2020-24394",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24394"
},
{
"name": "CVE-2020-25212",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25212"
},
{
"name": "CVE-2020-14305",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14305"
},
{
"name": "CVE-2020-10742",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10742"
},
{
"name": "CVE-2020-14385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14385"
},
{
"name": "CVE-2020-25643",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25643"
},
{
"name": "CVE-2020-15999",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15999"
},
{
"name": "CVE-2018-20843",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
},
{
"name": "CVE-2018-5729",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5729"
},
{
"name": "CVE-2018-5730",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5730"
},
{
"name": "CVE-2020-13817",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13817"
},
{
"name": "CVE-2020-11868",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11868"
},
{
"name": "CVE-2021-3156",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3156"
},
{
"name": "CVE-2019-17006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17006"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2020-10531",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10531"
},
{
"name": "CVE-2019-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8696"
},
{
"name": "CVE-2019-20907",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20907"
},
{
"name": "CVE-2019-8675",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8675"
},
{
"name": "CVE-2017-12652",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12652"
},
{
"name": "CVE-2019-12450",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12450"
},
{
"name": "CVE-2020-12825",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12825"
},
{
"name": "CVE-2020-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12243"
},
{
"name": "CVE-2019-14866",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14866"
},
{
"name": "CVE-2020-1983",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1983"
},
{
"name": "CVE-2019-5188",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5188"
},
{
"name": "CVE-2019-5094",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5094"
},
{
"name": "CVE-2020-10754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10754"
},
{
"name": "CVE-2020-12049",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12049"
},
{
"name": "CVE-2019-14822",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14822"
},
{
"name": "CVE-2020-14363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14363"
},
{
"name": "CVE-2019-9924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9924"
},
{
"name": "CVE-2018-18751",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18751"
},
{
"name": "CVE-2019-9948",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9948"
},
{
"name": "CVE-2019-20386",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20386"
},
{
"name": "CVE-2017-13722",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13722"
},
{
"name": "CVE-2014-0210",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0210"
},
{
"name": "CVE-2018-16403",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16403"
},
{
"name": "CVE-2018-15746",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15746"
},
{
"name": "CVE-2014-6272",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6272"
},
{
"name": "CVE-2019-7638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7638"
},
{
"name": "CVE-2015-8241",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8241"
},
{
"name": "CVE-2019-10155",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10155"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2018-18310",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18310"
},
{
"name": "CVE-2018-1084",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1084"
},
{
"name": "CVE-2020-12662",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12662"
},
{
"name": "CVE-2012-4423",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-4423"
},
{
"name": "CVE-2017-0902",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0902"
},
{
"name": "CVE-2018-8945",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8945"
},
{
"name": "CVE-2017-0899",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0899"
},
{
"name": "CVE-2010-2239",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2239"
},
{
"name": "CVE-2010-2242",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2242"
},
{
"name": "CVE-2017-14167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14167"
},
{
"name": "CVE-2015-0225",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0225"
},
{
"name": "CVE-2019-11324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11324"
},
{
"name": "CVE-2013-6458",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6458"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2018-15857",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15857"
},
{
"name": "CVE-2018-16062",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16062"
},
{
"name": "CVE-2018-10534",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10534"
},
{
"name": "CVE-2014-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0179"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2013-1766",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1766"
},
{
"name": "CVE-2016-6580",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6580"
},
{
"name": "CVE-2018-12697",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12697"
},
{
"name": "CVE-2018-1000301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000301"
},
{
"name": "CVE-2019-11236",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11236"
},
{
"name": "CVE-2019-12155",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12155"
},
{
"name": "CVE-2017-0900",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0900"
},
{
"name": "CVE-2014-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3598"
},
{
"name": "CVE-2017-1000050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000050"
},
{
"name": "CVE-2018-10535",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10535"
},
{
"name": "CVE-2019-3820",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3820"
},
{
"name": "CVE-2018-16402",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16402"
},
{
"name": "CVE-2018-1116",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1116"
},
{
"name": "CVE-2018-15853",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15853"
},
{
"name": "CVE-2019-14378",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14378"
},
{
"name": "CVE-2016-1494",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1494"
},
{
"name": "CVE-2019-12312",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12312"
},
{
"name": "CVE-2013-0339",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0339"
},
{
"name": "CVE-2019-16935",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16935"
},
{
"name": "CVE-2015-6525",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6525"
},
{
"name": "CVE-2016-6581",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6581"
},
{
"name": "CVE-2013-4520",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4520"
},
{
"name": "CVE-2014-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3633"
},
{
"name": "CVE-2014-3004",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3004"
},
{
"name": "CVE-2015-9381",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9381"
},
{
"name": "CVE-2016-5361",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5361"
},
{
"name": "CVE-2018-14598",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14598"
},
{
"name": "CVE-2014-1447",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1447"
},
{
"name": "CVE-2018-20852",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20852"
},
{
"name": "CVE-2012-2693",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2693"
},
{
"name": "CVE-2018-7208",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7208"
},
{
"name": "CVE-2018-12910",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12910"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2015-7497",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7497"
},
{
"name": "CVE-2019-7665",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7665"
},
{
"name": "CVE-2018-15854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15854"
},
{
"name": "CVE-2019-13404",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13404"
},
{
"name": "CVE-2015-5160",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5160"
},
{
"name": "CVE-2018-10767",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10767"
},
{
"name": "CVE-2018-7550",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7550"
},
{
"name": "CVE-2016-3076",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3076"
},
{
"name": "CVE-2018-14404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
},
{
"name": "CVE-2018-18521",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18521"
},
{
"name": "CVE-2018-19788",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19788"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2019-3840",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3840"
},
{
"name": "CVE-2016-9189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9189"
},
{
"name": "CVE-2015-9262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9262"
},
{
"name": "CVE-2018-14647",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14647"
},
{
"name": "CVE-2019-17041",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17041"
},
{
"name": "CVE-2019-14906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14906"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2019-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9947"
},
{
"name": "CVE-2017-1000158",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000158"
},
{
"name": "CVE-2019-7635",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7635"
},
{
"name": "CVE-2019-7576",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7576"
},
{
"name": "CVE-2019-14834",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14834"
},
{
"name": "CVE-2018-15855",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15855"
},
{
"name": "CVE-2019-7149",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7149"
},
{
"name": "CVE-2018-7642",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7642"
},
{
"name": "CVE-2019-5010",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5010"
},
{
"name": "CVE-2018-12641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12641"
},
{
"name": "CVE-2021-3396",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3396"
},
{
"name": "CVE-2020-12403",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12403"
},
{
"name": "CVE-2017-15268",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15268"
},
{
"name": "CVE-2018-15587",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15587"
},
{
"name": "CVE-2016-10746",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10746"
},
{
"name": "CVE-2017-13711",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13711"
},
{
"name": "CVE-2014-8131",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8131"
},
{
"name": "CVE-2014-9601",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9601"
},
{
"name": "CVE-2014-3657",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3657"
},
{
"name": "CVE-2018-10373",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10373"
},
{
"name": "CVE-2017-17790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17790"
},
{
"name": "CVE-2011-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2511"
},
{
"name": "CVE-2018-1000802",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000802"
},
{
"name": "CVE-2017-7555",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7555"
},
{
"name": "CVE-2016-9015",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9015"
},
{
"name": "CVE-2017-13720",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13720"
},
{
"name": "CVE-2018-11782",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11782"
},
{
"name": "CVE-2017-11671",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11671"
},
{
"name": "CVE-2017-10664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10664"
},
{
"name": "CVE-2018-11213",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11213"
},
{
"name": "CVE-2013-6457",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-6457"
},
{
"name": "CVE-2019-10138",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10138"
},
{
"name": "CVE-2019-7578",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7578"
},
{
"name": "CVE-2020-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7039"
},
{
"name": "CVE-2017-11368",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11368"
},
{
"name": "CVE-2018-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0494"
},
{
"name": "CVE-2019-20485",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20485"
},
{
"name": "CVE-2003-1418",
"url": "https://www.cve.org/CVERecord?id=CVE-2003-1418"
},
{
"name": "CVE-2017-15289",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15289"
},
{
"name": "CVE-2016-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5391"
},
{
"name": "CVE-2017-2810",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2810"
},
{
"name": "CVE-2018-15864",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15864"
},
{
"name": "CVE-2017-18207",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18207"
},
{
"name": "CVE-2019-12761",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12761"
},
{
"name": "CVE-2013-5651",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5651"
},
{
"name": "CVE-2017-17522",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17522"
},
{
"name": "CVE-2019-20382",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20382"
},
{
"name": "CVE-2016-2533",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2533"
},
{
"name": "CVE-2019-14287",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14287"
},
{
"name": "CVE-2018-18520",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18520"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2019-7575",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7575"
},
{
"name": "CVE-2015-5652",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5652"
},
{
"name": "CVE-2019-7572",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7572"
},
{
"name": "CVE-2017-6519",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6519"
},
{
"name": "CVE-2018-10906",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10906"
},
{
"name": "CVE-2018-15863",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15863"
},
{
"name": "CVE-2018-15862",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15862"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2019-7664",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7664"
},
{
"name": "CVE-2017-5992",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5992"
},
{
"name": "CVE-2019-16865",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16865"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2018-1000030",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000030"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2017-0901",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0901"
},
{
"name": "CVE-2018-7568",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7568"
},
{
"name": "CVE-2016-0775",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0775"
},
{
"name": "CVE-2018-15688",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15688"
},
{
"name": "CVE-2018-14599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14599"
},
{
"name": "CVE-2018-10733",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10733"
},
{
"name": "CVE-2016-9396",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9396"
},
{
"name": "CVE-2019-10160",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10160"
},
{
"name": "CVE-2017-7562",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7562"
},
{
"name": "CVE-2016-1000032",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000032"
},
{
"name": "CVE-2017-15124",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15124"
},
{
"name": "CVE-2018-1113",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1113"
},
{
"name": "CVE-2013-4399",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4399"
},
{
"name": "CVE-2019-7636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7636"
},
{
"name": "CVE-2014-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3672"
},
{
"name": "CVE-2018-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4700"
},
{
"name": "CVE-2017-0903",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0903"
},
{
"name": "CVE-2018-15856",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15856"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2019-7573",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7573"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2010-2237",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2237"
},
{
"name": "CVE-2018-1000876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000876"
},
{
"name": "CVE-2018-14348",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14348"
},
{
"name": "CVE-2019-3890",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3890"
},
{
"name": "CVE-2015-7498",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7498"
},
{
"name": "CVE-2019-7577",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7577"
},
{
"name": "CVE-2016-0740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0740"
},
{
"name": "CVE-2018-4180",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4180"
},
{
"name": "CVE-2013-4297",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4297"
},
{
"name": "CVE-2010-2238",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2238"
},
{
"name": "CVE-2018-14600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14600"
},
{
"name": "CVE-2017-13090",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13090"
},
{
"name": "CVE-2013-7336",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7336"
},
{
"name": "CVE-2018-10372",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10372"
},
{
"name": "CVE-2019-7637",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7637"
},
{
"name": "CVE-2018-11806",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11806"
},
{
"name": "CVE-2018-7643",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7643"
},
{
"name": "CVE-2015-0236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0236"
},
{
"name": "CVE-2018-1000117",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000117"
},
{
"name": "CVE-2014-0209",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0209"
},
{
"name": "CVE-2013-2230",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2230"
},
{
"name": "CVE-2018-1122",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1122"
},
{
"name": "CVE-2014-3960",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3960"
},
{
"name": "CVE-2019-16056",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16056"
},
{
"name": "CVE-2020-12663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12663"
},
{
"name": "CVE-2018-10768",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10768"
},
{
"name": "CVE-2017-16611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16611"
},
{
"name": "CVE-2014-7823",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7823"
},
{
"name": "CVE-2020-10703",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10703"
},
{
"name": "CVE-2018-7569",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7569"
},
{
"name": "CVE-2013-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4154"
},
{
"name": "CVE-2018-20060",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20060"
},
{
"name": "CVE-2015-9382",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9382"
},
{
"name": "CVE-2017-18190",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18190"
},
{
"name": "CVE-2016-4009",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4009"
},
{
"name": "CVE-2018-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13033"
},
{
"name": "CVE-2016-9190",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9190"
},
{
"name": "CVE-2019-7574",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7574"
},
{
"name": "CVE-2016-0772",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0772"
},
{
"name": "CVE-2016-5699",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5699"
},
{
"name": "CVE-2011-1486",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1486"
},
{
"name": "CVE-2020-5208",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5208"
},
{
"name": "CVE-2019-6778",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6778"
},
{
"name": "CVE-2020-10772",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10772"
},
{
"name": "CVE-2020-25637",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25637"
},
{
"name": "CVE-2018-10360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10360"
},
{
"name": "CVE-2018-15859",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15859"
},
{
"name": "CVE-2017-13089",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13089"
},
{
"name": "CVE-2019-12779",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12779"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2019-6690",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6690"
},
{
"name": "CVE-2015-8317",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8317"
},
{
"name": "CVE-2018-4181",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-4181"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2016-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3616"
},
{
"name": "CVE-2018-14498",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14498"
},
{
"name": "CVE-2018-15861",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15861"
},
{
"name": "CVE-2019-7150",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7150"
},
{
"name": "CVE-2019-17042",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17042"
},
{
"name": "CVE-2016-5008",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5008"
},
{
"name": "CVE-2014-4616",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4616"
}
],
"initial_release_date": "2022-03-23T00:00:00",
"last_revision_date": "2022-03-23T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-267",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-03-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Networks\nJunos Space. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Networks Junos Space",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11176 du 22 mars 2022",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11176\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
Title
libXfont和libXfont2任意文件访问漏洞
Description
libXfont和libXfont2都是X.Org基金会的用于服务器和实用程序的X字体处理库。
libXfont 1.5.4之前的版本和libXfont2 2.0.3之前的版本中存在安全漏洞。本地攻击者可利用该漏洞使X server访问任意文件。
Severity
低
Patch Name
libXfont和libXfont2任意文件访问漏洞的补丁
Patch Description
libXfont和libXfont2都是X.Org基金会的用于服务器和实用程序的X字体处理库。
libXfont 1.5.4之前的版本和libXfont2 2.0.3之前的版本中存在安全漏洞。本地攻击者可利用该漏洞使X server访问任意文件。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页: https://www.x.org
Reference
http://www.openwall.com/lists/oss-security/2017/11/28/7
Impacted products
| Name | ['X.Org libXfont <1.5.4', 'X.Org libXfont2 <2.0.3'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-16611"
}
},
"description": "libXfont\u548clibXfont2\u90fd\u662fX.Org\u57fa\u91d1\u4f1a\u7684\u7528\u4e8e\u670d\u52a1\u5668\u548c\u5b9e\u7528\u7a0b\u5e8f\u7684X\u5b57\u4f53\u5904\u7406\u5e93\u3002\r\n\r\nlibXfont 1.5.4\u4e4b\u524d\u7684\u7248\u672c\u548clibXfont2 2.0.3\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7fX server\u8bbf\u95ee\u4efb\u610f\u6587\u4ef6\u3002",
"discovererName": "Johannes Segitz",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.x.org",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-00249",
"openTime": "2018-01-04",
"patchDescription": "libXfont\u548clibXfont2\u90fd\u662fX.Org\u57fa\u91d1\u4f1a\u7684\u7528\u4e8e\u670d\u52a1\u5668\u548c\u5b9e\u7528\u7a0b\u5e8f\u7684X\u5b57\u4f53\u5904\u7406\u5e93\u3002\r\n\r\nlibXfont 1.5.4\u4e4b\u524d\u7684\u7248\u672c\u548clibXfont2 2.0.3\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7fX server\u8bbf\u95ee\u4efb\u610f\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "libXfont\u548clibXfont2\u4efb\u610f\u6587\u4ef6\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"X.Org libXfont \u003c1.5.4",
"X.Org libXfont2 \u003c2.0.3"
]
},
"referenceLink": "http://www.openwall.com/lists/oss-security/2017/11/28/7",
"serverity": "\u4f4e",
"submitTime": "2017-12-05",
"title": "libXfont\u548clibXfont2\u4efb\u610f\u6587\u4ef6\u8bbf\u95ee\u6f0f\u6d1e"
}
FKIE_CVE-2017-16611
Vulnerability from fkie_nvd - Published: 2017-12-01 17:29 - Updated: 2026-05-13 00:24
Severity
Summary
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.04 | |
| canonical | ubuntu_linux | 17.10 | |
| x | libxfont | * | |
| x | libxfont | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"matchCriteriaId": "9070C9D8-A14A-467F-8253-33B966C16886",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF948B6-54AC-420B-8AB1-FE7457BFDA71",
"versionEndExcluding": "1.5.4",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5EEDFA-B5A6-488D-9C54-DC21842C861D",
"versionEndExcluding": "2.0.3",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files."
},
{
"lang": "es",
"value": "En libXfont en versiones anteriores a la 1.5.4 y libXfont2 en versiones anteriores a la 2.0.3, un atacante local puede abrir (pero no leer) archivos en el sistema como root, desencadenando rebobinados de cinta, watchdogs o mecanismos similares que se pueden desencadenar abriendo archivos."
}
],
"id": "CVE-2017-16611",
"lastModified": "2026-05-13T00:24:29.033",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-01T17:29:00.463",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://security.cucumberlinux.com/security/details.php?id=155"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/11/28/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3500-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Tool Signature",
"VDB Entry"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1050459"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-10"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.cucumberlinux.com/security/details.php?id=155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/11/28/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3500-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Tool Signature",
"VDB Entry"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1050459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-10"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-VJCJ-64VH-89F7
Vulnerability from github – Published: 2022-05-13 01:03 – Updated: 2022-05-13 01:03
VLAI
Details
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
Severity
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2017-16611"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-01T17:29:00Z",
"severity": "MODERATE"
},
"details": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.",
"id": "GHSA-vjcj-64vh-89f7",
"modified": "2022-05-13T01:03:32Z",
"published": "2022-05-13T01:03:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-16611"
},
{
"type": "WEB",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1050459"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html"
},
{
"type": "WEB",
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2"
},
{
"type": "WEB",
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201801-10"
},
{
"type": "WEB",
"url": "http://security.cucumberlinux.com/security/details.php?id=155"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/11/28/7"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-3500-1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2017-16611
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-16611",
"description": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.",
"id": "GSD-2017-16611",
"references": [
"https://www.suse.com/security/cve/CVE-2017-16611.html",
"https://ubuntu.com/security/CVE-2017-16611",
"https://advisories.mageia.org/CVE-2017-16611.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-16611"
],
"details": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.",
"id": "GSD-2017-16611",
"modified": "2023-12-13T01:21:01.193177Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20171128 CVE-2017-16611 libXfont Open files with O_NOFOLLOW",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/11/28/7"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1050459",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1050459"
},
{
"name": "USN-3500-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3500-1"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont2 2.0.3",
"refsource": "MLIST",
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2"
},
{
"name": "GLSA-201801-10",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-10"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont 1.5.4",
"refsource": "MLIST",
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2"
},
{
"name": "http://security.cucumberlinux.com/security/details.php?id=155",
"refsource": "MISC",
"url": "http://security.cucumberlinux.com/security/details.php?id=155"
},
{
"name": "[debian-lts-announce] 20220125 [SECURITY] [DLA 2901-1] libxfont security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.5.4",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.3",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-16611"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1050459",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Tool Signature",
"VDB Entry"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1050459"
},
{
"name": "USN-3500-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3500-1"
},
{
"name": "[oss-security] 20171128 CVE-2017-16611 libXfont Open files with O_NOFOLLOW",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/11/28/7"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont 1.5.4",
"refsource": "MLIST",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188049718337\u0026w=2"
},
{
"name": "[freedesktop-xorg-announce] 20171128 libXfont2 2.0.3",
"refsource": "MLIST",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://marc.info/?l=freedesktop-xorg-announce\u0026m=151188044218304\u0026w=2"
},
{
"name": "http://security.cucumberlinux.com/security/details.php?id=155",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "http://security.cucumberlinux.com/security/details.php?id=155"
},
{
"name": "GLSA-201801-10",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201801-10"
},
{
"name": "[debian-lts-announce] 20220125 [SECURITY] [DLA 2901-1] libxfont security update",
"refsource": "MLIST",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00028.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-02-20T06:06Z",
"publishedDate": "2017-12-01T17:29Z"
}
}
}
OPENSUSE-SU-2024:10921-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libXfont-devel-1.5.4-2.18 on GA media
Severity
Moderate
Notes
Title of the patch: libXfont-devel-1.5.4-2.18 on GA media
Description of the patch: These are all security issues fixed in the libXfont-devel-1.5.4-2.18 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10921
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libXfont-devel-1.5.4-2.18 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libXfont-devel-1.5.4-2.18 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10921",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10921-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13720 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13722 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16611 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16611/"
}
],
"title": "libXfont-devel-1.5.4-2.18 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10921-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libXfont-devel-1.5.4-2.18.aarch64",
"product": {
"name": "libXfont-devel-1.5.4-2.18.aarch64",
"product_id": "libXfont-devel-1.5.4-2.18.aarch64"
}
},
{
"category": "product_version",
"name": "libXfont-devel-32bit-1.5.4-2.18.aarch64",
"product": {
"name": "libXfont-devel-32bit-1.5.4-2.18.aarch64",
"product_id": "libXfont-devel-32bit-1.5.4-2.18.aarch64"
}
},
{
"category": "product_version",
"name": "libXfont1-1.5.4-2.18.aarch64",
"product": {
"name": "libXfont1-1.5.4-2.18.aarch64",
"product_id": "libXfont1-1.5.4-2.18.aarch64"
}
},
{
"category": "product_version",
"name": "libXfont1-32bit-1.5.4-2.18.aarch64",
"product": {
"name": "libXfont1-32bit-1.5.4-2.18.aarch64",
"product_id": "libXfont1-32bit-1.5.4-2.18.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libXfont-devel-1.5.4-2.18.ppc64le",
"product": {
"name": "libXfont-devel-1.5.4-2.18.ppc64le",
"product_id": "libXfont-devel-1.5.4-2.18.ppc64le"
}
},
{
"category": "product_version",
"name": "libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"product": {
"name": "libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"product_id": "libXfont-devel-32bit-1.5.4-2.18.ppc64le"
}
},
{
"category": "product_version",
"name": "libXfont1-1.5.4-2.18.ppc64le",
"product": {
"name": "libXfont1-1.5.4-2.18.ppc64le",
"product_id": "libXfont1-1.5.4-2.18.ppc64le"
}
},
{
"category": "product_version",
"name": "libXfont1-32bit-1.5.4-2.18.ppc64le",
"product": {
"name": "libXfont1-32bit-1.5.4-2.18.ppc64le",
"product_id": "libXfont1-32bit-1.5.4-2.18.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libXfont-devel-1.5.4-2.18.s390x",
"product": {
"name": "libXfont-devel-1.5.4-2.18.s390x",
"product_id": "libXfont-devel-1.5.4-2.18.s390x"
}
},
{
"category": "product_version",
"name": "libXfont-devel-32bit-1.5.4-2.18.s390x",
"product": {
"name": "libXfont-devel-32bit-1.5.4-2.18.s390x",
"product_id": "libXfont-devel-32bit-1.5.4-2.18.s390x"
}
},
{
"category": "product_version",
"name": "libXfont1-1.5.4-2.18.s390x",
"product": {
"name": "libXfont1-1.5.4-2.18.s390x",
"product_id": "libXfont1-1.5.4-2.18.s390x"
}
},
{
"category": "product_version",
"name": "libXfont1-32bit-1.5.4-2.18.s390x",
"product": {
"name": "libXfont1-32bit-1.5.4-2.18.s390x",
"product_id": "libXfont1-32bit-1.5.4-2.18.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libXfont-devel-1.5.4-2.18.x86_64",
"product": {
"name": "libXfont-devel-1.5.4-2.18.x86_64",
"product_id": "libXfont-devel-1.5.4-2.18.x86_64"
}
},
{
"category": "product_version",
"name": "libXfont-devel-32bit-1.5.4-2.18.x86_64",
"product": {
"name": "libXfont-devel-32bit-1.5.4-2.18.x86_64",
"product_id": "libXfont-devel-32bit-1.5.4-2.18.x86_64"
}
},
{
"category": "product_version",
"name": "libXfont1-1.5.4-2.18.x86_64",
"product": {
"name": "libXfont1-1.5.4-2.18.x86_64",
"product_id": "libXfont1-1.5.4-2.18.x86_64"
}
},
{
"category": "product_version",
"name": "libXfont1-32bit-1.5.4-2.18.x86_64",
"product": {
"name": "libXfont1-32bit-1.5.4-2.18.x86_64",
"product_id": "libXfont1-32bit-1.5.4-2.18.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont-devel-1.5.4-2.18.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64"
},
"product_reference": "libXfont-devel-1.5.4-2.18.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont-devel-1.5.4-2.18.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le"
},
"product_reference": "libXfont-devel-1.5.4-2.18.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont-devel-1.5.4-2.18.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x"
},
"product_reference": "libXfont-devel-1.5.4-2.18.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont-devel-1.5.4-2.18.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64"
},
"product_reference": "libXfont-devel-1.5.4-2.18.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont-devel-32bit-1.5.4-2.18.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64"
},
"product_reference": "libXfont-devel-32bit-1.5.4-2.18.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont-devel-32bit-1.5.4-2.18.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le"
},
"product_reference": "libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont-devel-32bit-1.5.4-2.18.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x"
},
"product_reference": "libXfont-devel-32bit-1.5.4-2.18.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont-devel-32bit-1.5.4-2.18.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64"
},
"product_reference": "libXfont-devel-32bit-1.5.4-2.18.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont1-1.5.4-2.18.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64"
},
"product_reference": "libXfont1-1.5.4-2.18.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont1-1.5.4-2.18.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le"
},
"product_reference": "libXfont1-1.5.4-2.18.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont1-1.5.4-2.18.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x"
},
"product_reference": "libXfont1-1.5.4-2.18.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont1-1.5.4-2.18.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64"
},
"product_reference": "libXfont1-1.5.4-2.18.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont1-32bit-1.5.4-2.18.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64"
},
"product_reference": "libXfont1-32bit-1.5.4-2.18.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont1-32bit-1.5.4-2.18.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le"
},
"product_reference": "libXfont1-32bit-1.5.4-2.18.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont1-32bit-1.5.4-2.18.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x"
},
"product_reference": "libXfont1-32bit-1.5.4-2.18.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont1-32bit-1.5.4-2.18.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
},
"product_reference": "libXfont1-32bit-1.5.4-2.18.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13720"
}
],
"notes": [
{
"category": "general",
"text": "In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of fonts, leading to information disclosure or a crash (denial of service). This occurs because \u0027\\0\u0027 characters are incorrectly skipped in situations involving ? characters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13720",
"url": "https://www.suse.com/security/cve/CVE-2017-13720"
},
{
"category": "external",
"summary": "SUSE Bug 1054285 for CVE-2017-13720",
"url": "https://bugzilla.suse.com/1054285"
},
{
"category": "external",
"summary": "SUSE Bug 1159415 for CVE-2017-13720",
"url": "https://bugzilla.suse.com/1159415"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13720"
},
{
"cve": "CVE-2017-13722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13722"
}
],
"notes": [
{
"category": "general",
"text": "In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xserver for a buffer over-read, for information disclosure or a crash of the X server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13722",
"url": "https://www.suse.com/security/cve/CVE-2017-13722"
},
{
"category": "external",
"summary": "SUSE Bug 1049692 for CVE-2017-13722",
"url": "https://bugzilla.suse.com/1049692"
},
{
"category": "external",
"summary": "SUSE Bug 1159415 for CVE-2017-13722",
"url": "https://bugzilla.suse.com/1159415"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-13722"
},
{
"cve": "CVE-2017-16611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16611"
}
],
"notes": [
{
"category": "general",
"text": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16611",
"url": "https://www.suse.com/security/cve/CVE-2017-16611"
},
{
"category": "external",
"summary": "SUSE Bug 1050459 for CVE-2017-16611",
"url": "https://bugzilla.suse.com/1050459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont-devel-32bit-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-1.5.4-2.18.x86_64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.aarch64",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.ppc64le",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.s390x",
"openSUSE Tumbleweed:libXfont1-32bit-1.5.4-2.18.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-16611"
}
]
}
OPENSUSE-SU-2024:10922-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libXfont2-2-2.0.5-1.2 on GA media
Severity
Moderate
Notes
Title of the patch: libXfont2-2-2.0.5-1.2 on GA media
Description of the patch: These are all security issues fixed in the libXfont2-2-2.0.5-1.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10922
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libXfont2-2-2.0.5-1.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libXfont2-2-2.0.5-1.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10922",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10922-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-16611 page",
"url": "https://www.suse.com/security/cve/CVE-2017-16611/"
}
],
"title": "libXfont2-2-2.0.5-1.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10922-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libXfont2-2-2.0.5-1.2.aarch64",
"product": {
"name": "libXfont2-2-2.0.5-1.2.aarch64",
"product_id": "libXfont2-2-2.0.5-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libXfont2-2-32bit-2.0.5-1.2.aarch64",
"product": {
"name": "libXfont2-2-32bit-2.0.5-1.2.aarch64",
"product_id": "libXfont2-2-32bit-2.0.5-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libXfont2-devel-2.0.5-1.2.aarch64",
"product": {
"name": "libXfont2-devel-2.0.5-1.2.aarch64",
"product_id": "libXfont2-devel-2.0.5-1.2.aarch64"
}
},
{
"category": "product_version",
"name": "libXfont2-devel-32bit-2.0.5-1.2.aarch64",
"product": {
"name": "libXfont2-devel-32bit-2.0.5-1.2.aarch64",
"product_id": "libXfont2-devel-32bit-2.0.5-1.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libXfont2-2-2.0.5-1.2.ppc64le",
"product": {
"name": "libXfont2-2-2.0.5-1.2.ppc64le",
"product_id": "libXfont2-2-2.0.5-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libXfont2-2-32bit-2.0.5-1.2.ppc64le",
"product": {
"name": "libXfont2-2-32bit-2.0.5-1.2.ppc64le",
"product_id": "libXfont2-2-32bit-2.0.5-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libXfont2-devel-2.0.5-1.2.ppc64le",
"product": {
"name": "libXfont2-devel-2.0.5-1.2.ppc64le",
"product_id": "libXfont2-devel-2.0.5-1.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libXfont2-devel-32bit-2.0.5-1.2.ppc64le",
"product": {
"name": "libXfont2-devel-32bit-2.0.5-1.2.ppc64le",
"product_id": "libXfont2-devel-32bit-2.0.5-1.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libXfont2-2-2.0.5-1.2.s390x",
"product": {
"name": "libXfont2-2-2.0.5-1.2.s390x",
"product_id": "libXfont2-2-2.0.5-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libXfont2-2-32bit-2.0.5-1.2.s390x",
"product": {
"name": "libXfont2-2-32bit-2.0.5-1.2.s390x",
"product_id": "libXfont2-2-32bit-2.0.5-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libXfont2-devel-2.0.5-1.2.s390x",
"product": {
"name": "libXfont2-devel-2.0.5-1.2.s390x",
"product_id": "libXfont2-devel-2.0.5-1.2.s390x"
}
},
{
"category": "product_version",
"name": "libXfont2-devel-32bit-2.0.5-1.2.s390x",
"product": {
"name": "libXfont2-devel-32bit-2.0.5-1.2.s390x",
"product_id": "libXfont2-devel-32bit-2.0.5-1.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libXfont2-2-2.0.5-1.2.x86_64",
"product": {
"name": "libXfont2-2-2.0.5-1.2.x86_64",
"product_id": "libXfont2-2-2.0.5-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libXfont2-2-32bit-2.0.5-1.2.x86_64",
"product": {
"name": "libXfont2-2-32bit-2.0.5-1.2.x86_64",
"product_id": "libXfont2-2-32bit-2.0.5-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libXfont2-devel-2.0.5-1.2.x86_64",
"product": {
"name": "libXfont2-devel-2.0.5-1.2.x86_64",
"product_id": "libXfont2-devel-2.0.5-1.2.x86_64"
}
},
{
"category": "product_version",
"name": "libXfont2-devel-32bit-2.0.5-1.2.x86_64",
"product": {
"name": "libXfont2-devel-32bit-2.0.5-1.2.x86_64",
"product_id": "libXfont2-devel-32bit-2.0.5-1.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-2-2.0.5-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.aarch64"
},
"product_reference": "libXfont2-2-2.0.5-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-2-2.0.5-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.ppc64le"
},
"product_reference": "libXfont2-2-2.0.5-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-2-2.0.5-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.s390x"
},
"product_reference": "libXfont2-2-2.0.5-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-2-2.0.5-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.x86_64"
},
"product_reference": "libXfont2-2-2.0.5-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-2-32bit-2.0.5-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.aarch64"
},
"product_reference": "libXfont2-2-32bit-2.0.5-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-2-32bit-2.0.5-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.ppc64le"
},
"product_reference": "libXfont2-2-32bit-2.0.5-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-2-32bit-2.0.5-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.s390x"
},
"product_reference": "libXfont2-2-32bit-2.0.5-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-2-32bit-2.0.5-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.x86_64"
},
"product_reference": "libXfont2-2-32bit-2.0.5-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-devel-2.0.5-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.aarch64"
},
"product_reference": "libXfont2-devel-2.0.5-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-devel-2.0.5-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.ppc64le"
},
"product_reference": "libXfont2-devel-2.0.5-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-devel-2.0.5-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.s390x"
},
"product_reference": "libXfont2-devel-2.0.5-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-devel-2.0.5-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.x86_64"
},
"product_reference": "libXfont2-devel-2.0.5-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-devel-32bit-2.0.5-1.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.aarch64"
},
"product_reference": "libXfont2-devel-32bit-2.0.5-1.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-devel-32bit-2.0.5-1.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.ppc64le"
},
"product_reference": "libXfont2-devel-32bit-2.0.5-1.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-devel-32bit-2.0.5-1.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.s390x"
},
"product_reference": "libXfont2-devel-32bit-2.0.5-1.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libXfont2-devel-32bit-2.0.5-1.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.x86_64"
},
"product_reference": "libXfont2-devel-32bit-2.0.5-1.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-16611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-16611"
}
],
"notes": [
{
"category": "general",
"text": "In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read) files on the system as root, triggering tape rewinds, watchdogs, or similar mechanisms that can be triggered by opening files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-16611",
"url": "https://www.suse.com/security/cve/CVE-2017-16611"
},
{
"category": "external",
"summary": "SUSE Bug 1050459 for CVE-2017-16611",
"url": "https://bugzilla.suse.com/1050459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-2-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-2-32bit-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-devel-2.0.5-1.2.x86_64",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.aarch64",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.ppc64le",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.s390x",
"openSUSE Tumbleweed:libXfont2-devel-32bit-2.0.5-1.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-16611"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…