Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-18934 (GCVE-0-2019-18934)
Vulnerability from cvelistv5 – Published: 2019-11-19 17:30 – Updated: 2024-08-05 02:02
VLAI
EPSS
Summary
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2019/11/19/1 | mailing-listx_refsource_MLIST |
| https://www.nlnetlabs.nl/downloads/unbound/CVE-20… | x_refsource_MISC |
| https://github.com/NLnetLabs/unbound/blob/release… | x_refsource_MISC |
| https://www.nlnetlabs.nl/news/2019/Nov/19/unbound… | x_refsource_CONFIRM |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20191119 CVE-2019-18934 Unbound: Vulnerability in IPSEC module",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/11/19/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/"
},
{
"name": "FEDORA-2019-a29e620cd4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/"
},
{
"name": "openSUSE-SU-2020:0912",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html"
},
{
"name": "openSUSE-SU-2020:0913",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-29T23:06:07.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20191119 CVE-2019-18934 Unbound: Vulnerability in IPSEC module",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/11/19/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/"
},
{
"name": "FEDORA-2019-a29e620cd4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/"
},
{
"name": "openSUSE-SU-2020:0912",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html"
},
{
"name": "openSUSE-SU-2020:0913",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20191119 CVE-2019-18934 Unbound: Vulnerability in IPSEC module",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/11/19/1"
},
{
"name": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt",
"refsource": "MISC",
"url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt"
},
{
"name": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog",
"refsource": "MISC",
"url": "https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog"
},
{
"name": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/",
"refsource": "CONFIRM",
"url": "https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/"
},
{
"name": "FEDORA-2019-a29e620cd4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/"
},
{
"name": "openSUSE-SU-2020:0912",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html"
},
{
"name": "openSUSE-SU-2020:0913",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18934",
"datePublished": "2019-11-19T17:30:01.000Z",
"dateReserved": "2019-11-13T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-18934",
"date": "2026-05-29",
"epss": "0.00671",
"percentile": "0.71702"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-18934\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-11-19T18:15:10.523\",\"lastModified\":\"2024-11-21T04:33:52.093\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.\"},{\"lang\":\"es\",\"value\":\"Unbound versiones 1.6.4 hasta 1.9.4, contiene una vulnerabilidad en el m\u00f3dulo ipsec que puede causar una ejecuci\u00f3n de c\u00f3digo de shell despu\u00e9s de recibir una respuesta especialmente dise\u00f1ada. Este problema solo puede ser activado si unbound fue compilado con el soporte \\\"--enable-ipsecmod\\\", e ipsecmod est\u00e1 habilitado y usado en la configuraci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-78\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nlnetlabs:unbound:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.6.4\",\"versionEndIncluding\":\"1.9.4\",\"matchCriteriaId\":\"37721642-A2DA-4326-8D2C-8640D99EC472\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/11/19/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00069.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/11/19/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/NLnetLabs/unbound/blob/release-1.9.5/doc/Changelog\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCR6JP7MSRARTOGEHGST64G4FJGX5VK/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.nlnetlabs.nl/news/2019/Nov/19/unbound-1.9.5-released/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
}
}
SUSE-SU-2020:1819-1
Vulnerability from csaf_suse - Published: 2020-07-01 14:19 - Updated: 2020-07-01 14:19Summary
Security update for unbound
Severity
Important
Notes
Title of the patch: Security update for unbound
Description of the patch: This update for unbound fixes the following issues:
- CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying
an incoming query into a large number of queries directed to a target (bsc#1171889).
- CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers
could have been used to make unbound unresponsive (bsc#1171889).
- CVE-2019-18934: Fixed a vulnerability in the IPSec module which could have allowed
code execution after receiving a special crafted answer (bsc#1157268).
Patchnames: SUSE-2020-1819,SUSE-SLE-Product-HPC-15-2020-1819,SUSE-SLE-Product-SLES-15-2020-1819,SUSE-SLE-Product-SLES_SAP-15-2020-1819
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for unbound",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for unbound fixes the following issues:\n\t \n- CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying \n an incoming query into a large number of queries directed to a target (bsc#1171889).\n- CVE-2020-12663: Fixed an issue where malformed answers from upstream name servers \n could have been used to make unbound unresponsive (bsc#1171889).\t \n- CVE-2019-18934: Fixed a vulnerability in the IPSec module which could have allowed \n code execution after receiving a special crafted answer (bsc#1157268).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-1819,SUSE-SLE-Product-HPC-15-2020-1819,SUSE-SLE-Product-SLES-15-2020-1819,SUSE-SLE-Product-SLES_SAP-15-2020-1819",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_1819-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:1819-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20201819-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:1819-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-July/007062.html"
},
{
"category": "self",
"summary": "SUSE Bug 1157268",
"url": "https://bugzilla.suse.com/1157268"
},
{
"category": "self",
"summary": "SUSE Bug 1171889",
"url": "https://bugzilla.suse.com/1171889"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-18934 page",
"url": "https://www.suse.com/security/cve/CVE-2019-18934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12662 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-12663 page",
"url": "https://www.suse.com/security/cve/CVE-2020-12663/"
}
],
"title": "Security update for unbound",
"tracking": {
"current_release_date": "2020-07-01T14:19:58Z",
"generator": {
"date": "2020-07-01T14:19:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:1819-1",
"initial_release_date": "2020-07-01T14:19:58Z",
"revision_history": [
{
"date": "2020-07-01T14:19:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libunbound-devel-mini-1.6.8-3.6.1.aarch64",
"product": {
"name": "libunbound-devel-mini-1.6.8-3.6.1.aarch64",
"product_id": "libunbound-devel-mini-1.6.8-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libunbound2-1.6.8-3.6.1.aarch64",
"product": {
"name": "libunbound2-1.6.8-3.6.1.aarch64",
"product_id": "libunbound2-1.6.8-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "unbound-1.6.8-3.6.1.aarch64",
"product": {
"name": "unbound-1.6.8-3.6.1.aarch64",
"product_id": "unbound-1.6.8-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "unbound-anchor-1.6.8-3.6.1.aarch64",
"product": {
"name": "unbound-anchor-1.6.8-3.6.1.aarch64",
"product_id": "unbound-anchor-1.6.8-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "unbound-devel-1.6.8-3.6.1.aarch64",
"product": {
"name": "unbound-devel-1.6.8-3.6.1.aarch64",
"product_id": "unbound-devel-1.6.8-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "unbound-python-1.6.8-3.6.1.aarch64",
"product": {
"name": "unbound-python-1.6.8-3.6.1.aarch64",
"product_id": "unbound-python-1.6.8-3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libunbound-devel-mini-1.6.8-3.6.1.i586",
"product": {
"name": "libunbound-devel-mini-1.6.8-3.6.1.i586",
"product_id": "libunbound-devel-mini-1.6.8-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "libunbound2-1.6.8-3.6.1.i586",
"product": {
"name": "libunbound2-1.6.8-3.6.1.i586",
"product_id": "libunbound2-1.6.8-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "unbound-1.6.8-3.6.1.i586",
"product": {
"name": "unbound-1.6.8-3.6.1.i586",
"product_id": "unbound-1.6.8-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "unbound-anchor-1.6.8-3.6.1.i586",
"product": {
"name": "unbound-anchor-1.6.8-3.6.1.i586",
"product_id": "unbound-anchor-1.6.8-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "unbound-devel-1.6.8-3.6.1.i586",
"product": {
"name": "unbound-devel-1.6.8-3.6.1.i586",
"product_id": "unbound-devel-1.6.8-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "unbound-python-1.6.8-3.6.1.i586",
"product": {
"name": "unbound-python-1.6.8-3.6.1.i586",
"product_id": "unbound-python-1.6.8-3.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "unbound-munin-1.6.8-3.6.1.noarch",
"product": {
"name": "unbound-munin-1.6.8-3.6.1.noarch",
"product_id": "unbound-munin-1.6.8-3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libunbound-devel-mini-1.6.8-3.6.1.ppc64le",
"product": {
"name": "libunbound-devel-mini-1.6.8-3.6.1.ppc64le",
"product_id": "libunbound-devel-mini-1.6.8-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libunbound2-1.6.8-3.6.1.ppc64le",
"product": {
"name": "libunbound2-1.6.8-3.6.1.ppc64le",
"product_id": "libunbound2-1.6.8-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "unbound-1.6.8-3.6.1.ppc64le",
"product": {
"name": "unbound-1.6.8-3.6.1.ppc64le",
"product_id": "unbound-1.6.8-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "unbound-anchor-1.6.8-3.6.1.ppc64le",
"product": {
"name": "unbound-anchor-1.6.8-3.6.1.ppc64le",
"product_id": "unbound-anchor-1.6.8-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "unbound-devel-1.6.8-3.6.1.ppc64le",
"product": {
"name": "unbound-devel-1.6.8-3.6.1.ppc64le",
"product_id": "unbound-devel-1.6.8-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "unbound-python-1.6.8-3.6.1.ppc64le",
"product": {
"name": "unbound-python-1.6.8-3.6.1.ppc64le",
"product_id": "unbound-python-1.6.8-3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libunbound-devel-mini-1.6.8-3.6.1.s390x",
"product": {
"name": "libunbound-devel-mini-1.6.8-3.6.1.s390x",
"product_id": "libunbound-devel-mini-1.6.8-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libunbound2-1.6.8-3.6.1.s390x",
"product": {
"name": "libunbound2-1.6.8-3.6.1.s390x",
"product_id": "libunbound2-1.6.8-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "unbound-1.6.8-3.6.1.s390x",
"product": {
"name": "unbound-1.6.8-3.6.1.s390x",
"product_id": "unbound-1.6.8-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "unbound-anchor-1.6.8-3.6.1.s390x",
"product": {
"name": "unbound-anchor-1.6.8-3.6.1.s390x",
"product_id": "unbound-anchor-1.6.8-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "unbound-devel-1.6.8-3.6.1.s390x",
"product": {
"name": "unbound-devel-1.6.8-3.6.1.s390x",
"product_id": "unbound-devel-1.6.8-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "unbound-python-1.6.8-3.6.1.s390x",
"product": {
"name": "unbound-python-1.6.8-3.6.1.s390x",
"product_id": "unbound-python-1.6.8-3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libunbound-devel-mini-1.6.8-3.6.1.x86_64",
"product": {
"name": "libunbound-devel-mini-1.6.8-3.6.1.x86_64",
"product_id": "libunbound-devel-mini-1.6.8-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libunbound2-1.6.8-3.6.1.x86_64",
"product": {
"name": "libunbound2-1.6.8-3.6.1.x86_64",
"product_id": "libunbound2-1.6.8-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "unbound-1.6.8-3.6.1.x86_64",
"product": {
"name": "unbound-1.6.8-3.6.1.x86_64",
"product_id": "unbound-1.6.8-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "unbound-anchor-1.6.8-3.6.1.x86_64",
"product": {
"name": "unbound-anchor-1.6.8-3.6.1.x86_64",
"product_id": "unbound-anchor-1.6.8-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "unbound-devel-1.6.8-3.6.1.x86_64",
"product": {
"name": "unbound-devel-1.6.8-3.6.1.x86_64",
"product_id": "unbound-devel-1.6.8-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "unbound-python-1.6.8-3.6.1.x86_64",
"product": {
"name": "unbound-python-1.6.8-3.6.1.x86_64",
"product_id": "unbound-python-1.6.8-3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64"
},
"product_reference": "libunbound2-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64"
},
"product_reference": "libunbound2-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64"
},
"product_reference": "libunbound2-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64"
},
"product_reference": "libunbound2-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64"
},
"product_reference": "libunbound2-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le"
},
"product_reference": "libunbound2-1.6.8-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x"
},
"product_reference": "libunbound2-1.6.8-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64"
},
"product_reference": "libunbound2-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le"
},
"product_reference": "libunbound2-1.6.8-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libunbound2-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64"
},
"product_reference": "libunbound2-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-anchor-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64"
},
"product_reference": "unbound-anchor-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "unbound-devel-1.6.8-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
},
"product_reference": "unbound-devel-1.6.8-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-18934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-18934"
}
],
"notes": [
{
"category": "general",
"text": "Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-18934",
"url": "https://www.suse.com/security/cve/CVE-2019-18934"
},
{
"category": "external",
"summary": "SUSE Bug 1157268 for CVE-2019-18934",
"url": "https://bugzilla.suse.com/1157268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-01T14:19:58Z",
"details": "important"
}
],
"title": "CVE-2019-18934"
},
{
"cve": "CVE-2020-12662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12662"
}
],
"notes": [
{
"category": "general",
"text": "Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an \"NXNSAttack\" issue. This is triggered by random subdomains in the NSDNAME in NS records.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12662",
"url": "https://www.suse.com/security/cve/CVE-2020-12662"
},
{
"category": "external",
"summary": "SUSE Bug 1171889 for CVE-2020-12662",
"url": "https://bugzilla.suse.com/1171889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-01T14:19:58Z",
"details": "important"
}
],
"title": "CVE-2020-12662"
},
{
"cve": "CVE-2020-12663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-12663"
}
],
"notes": [
{
"category": "general",
"text": "Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-12663",
"url": "https://www.suse.com/security/cve/CVE-2020-12663"
},
{
"category": "external",
"summary": "SUSE Bug 1171889 for CVE-2020-12663",
"url": "https://bugzilla.suse.com/1171889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:unbound-devel-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libunbound2-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-anchor-1.6.8-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:unbound-devel-1.6.8-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-01T14:19:58Z",
"details": "important"
}
],
"title": "CVE-2020-12663"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…