Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-3978 (GCVE-0-2023-3978)
Vulnerability from cvelistv5 – Published: 2023-08-02 19:48 – Updated: 2024-09-27 21:57
VLAI
EPSS
Title
Improper rendering of text nodes in golang.org/x/net/html
Summary
Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
3 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/html |
Affected:
0 , < 0.13.0
(semver)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/issue/61615"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/514896"
},
{
"tags": [
"x_transferred"
],
"url": "https://pkg.go.dev/vuln/GO-2023-1988"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-27T21:49:56.220204Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T21:57:51.807Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/html",
"product": "golang.org/x/net/html",
"programRoutines": [
{
"name": "render1"
},
{
"name": "Render"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.13.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-02T19:48:56.676Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/61615"
},
{
"url": "https://go.dev/cl/514896"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-1988"
}
],
"title": "Improper rendering of text nodes in golang.org/x/net/html"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2023-3978",
"datePublished": "2023-08-02T19:48:56.676Z",
"dateReserved": "2023-07-27T17:05:38.856Z",
"dateUpdated": "2024-09-27T21:57:51.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-3978",
"date": "2026-06-26",
"epss": "0.00843",
"percentile": "0.53296"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-3978\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2023-08-02T20:15:12.097\",\"lastModified\":\"2026-06-17T06:15:34.287\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"golang.org/x/net\",\"product\":\"golang.org/x/net/html\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"golang.org/x/net/html\",\"programRoutines\":[{\"name\":\"render1\"},{\"name\":\"Render\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"0.13.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-09-27T21:49:56.220204Z\",\"id\":\"CVE-2023-3978\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:networking:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.13.0\",\"matchCriteriaId\":\"791C8F5E-A214-4005-891D-B6FBD968A55C\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/514896\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/61615\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-1988\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://go.dev/cl/514896\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/61615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-1988\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2023-08-02T19:48:56.676Z\"}, \"title\": \"Improper rendering of text nodes in golang.org/x/net/html\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.\"}], \"affected\": [{\"vendor\": \"golang.org/x/net\", \"product\": \"golang.org/x/net/html\", \"collectionURL\": \"https://pkg.go.dev\", \"packageName\": \"golang.org/x/net/html\", \"versions\": [{\"version\": \"0\", \"lessThan\": \"0.13.0\", \"status\": \"affected\", \"versionType\": \"semver\"}], \"programRoutines\": [{\"name\": \"render1\"}, {\"name\": \"Render\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"references\": [{\"url\": \"https://go.dev/issue/61615\"}, {\"url\": \"https://go.dev/cl/514896\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2023-1988\"}]}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T07:08:50.711Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://go.dev/issue/61615\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://go.dev/cl/514896\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://pkg.go.dev/vuln/GO-2023-1988\", \"tags\": [\"x_transferred\"]}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3978\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-27T21:49:56.220204Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-27T21:49:57.493Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2023-3978\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Go\", \"dateReserved\": \"2023-07-27T17:05:38.856Z\", \"datePublished\": \"2023-08-02T19:48:56.676Z\", \"dateUpdated\": \"2024-09-27T21:57:51.807Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2024:4019-1
Vulnerability from csaf_suse - Published: 2024-11-18 13:24 - Updated: 2024-11-18 13:24Summary
Security update for SUSE Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update for SUSE Manager Client Tools
Description of the patch: This update fixes the following issues:
golang-github-lusitaniae-apache_exporter was updated from version 1.0.1 to 1.0.8:
- Security issues fixed:
* CVE-2023-3978: Fixed security bug in x/net dependency in version 1.0.2 (bsc#1213933)
- Bugs fixed:
* Require Go 1.20 when building for RedHat derivatives
* Version 1.0.8 (bsc#1227341):
+ Update prometheus/client_golang to version 1.19.1
+ Update x/net to version 0.23.0
* Version 1.0.7:
+ Update protobuf to version 1.33.0
+ Update prometheus/client_golang to version 1.19.0
+ Update prometheus/common to version 0.46.0
+ Standardize landing page
* Version 1.0.6:
+ Update prometheus/exporter-toolkit to version 0.11.0
+ Update prometheus/client_golang to version 1.18.0
+ Added User-Agent header
* Version 1.0.4:
+ Update x/crypto to version 0.17.0
+ Update alecthomas/kingpin/v2 to version 2.4.0
+ Update prometheus/common to version 0.45.0
* Version 1.0.3:
+ Update prometheus/client_golang to version 1.17.0
+ Update x/net 0.17.0
* Version 1.0.1:
+ Update prometheus/exporter-toolkit to version 0.10.0
+ Update prometheus/common to version 0.44.0
+ Update prometheus/client_golang to version 1.16.0
scap-security-guide was updated from version 0.1.73 to 0.1.74:
- Version 0.1.74 (jsc#ECO-3319):
* Added Amazon Linux 2023 product
* Introduce new remediation type Kickstart
* Make PAM macros more flexible to variables
* Remove Debian 10 Product
* Remove Red Hat Enterprise Linux 7 product
* Update CIS RHEL9 control file to v2.0.0
spacecmd was updated from version 5.0.9-0 to 5.0.10-0:
- Version 5.0.10-0:
* Speed up softwarechannel_removepackages (bsc#1227606)
* Fixed error in 'kickstart_delete' when using wildcards
(bsc#1227578)
* Spacecmd bootstrap now works with specified port (bsc#1229437)
* Fixed sls backup creation as directory with spacecmd (bsc#1230745)
uyuni-tools was updated from version 0.1.21-0 to 0.1.23-0:
- Version 0.1.23-0:
* Ensure namespace is defined in all kubernetes commands
* Use SCC credentials to authenticate against registry.suse.com
for kubernetes (bsc#1231157)
* Fixed namespace usage on mgrctl cp command
- Version 0.1.22-0:
* Set projectId also for test packages/images
* mgradm migration should not pull Confidential Computing and Hub
image is replicas == 0 (bsc#1229432, bsc#1230136)
* Do not allow SUSE Manager downgrade
* Prevent completion issue when /var/log/uyuni-tools.log is missing
* Fixed proxy shared volume flag
* During migration, exclude mgr-sync configuration file (bsc#1228685)
* Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and
postgresql.conf files (bsc#1231206)
* During migration, handle empty autoinstallation path (bsc#1230285)
* During migration, handle symlinks (bsc#1230288)
* During migration, trust the remote sender's file list (bsc#1228424)
* Use SCC flags during podman pull
* Restore SELinux permission after migration (bsc#1229501)
* Share volumes between containers (bsc#1223142)
* Save supportconfig in current directory (bsc#1226759)
* Fixed error code handling on reinstallation (bsc#1230139)
* Fixed creation of first user and organization
* Added missing variable quotes for install vars (bsc#1229108)
* Added API login and logout calls to allow persistent login
Patchnames: SUSE-2024-4019,SUSE-EL-9-CLIENT-TOOLS-2024-4019
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.4 (Medium)
Affected products
Recommended
51 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-bash-completion-0.1.23-1.11.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-zsh-completion-0.1.23-1.11.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.74-1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-5.0.10-1.41.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-docs-1.20.12-1.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-misc-1.20.12-1.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-src-1.20.12-1.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:golang-tests-1.20.12-1.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-bash-completion-0.1.23-1.11.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-zsh-completion-0.1.23-1.11.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-bash-completion-0.1.23-1.11.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-zsh-completion-0.1.23-1.11.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-bash-completion-0.1.23-1.11.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-zsh-completion-0.1.23-1.11.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.74-1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.74-1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.74-1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.74-1.29.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-5.0.10-1.41.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-lusitaniae-apache_exporter was updated from version 1.0.1 to 1.0.8:\n\n- Security issues fixed:\n\n * CVE-2023-3978: Fixed security bug in x/net dependency in version 1.0.2 (bsc#1213933)\n\n- Bugs fixed:\n\n * Require Go 1.20 when building for RedHat derivatives\n * Version 1.0.8 (bsc#1227341):\n\n + Update prometheus/client_golang to version 1.19.1\n + Update x/net to version 0.23.0\n\n * Version 1.0.7:\n\n + Update protobuf to version 1.33.0\n + Update prometheus/client_golang to version 1.19.0\n + Update prometheus/common to version 0.46.0\n + Standardize landing page\n\n * Version 1.0.6:\n\n + Update prometheus/exporter-toolkit to version 0.11.0\n + Update prometheus/client_golang to version 1.18.0\n + Added User-Agent header\n\n * Version 1.0.4:\n\n + Update x/crypto to version 0.17.0\n + Update alecthomas/kingpin/v2 to version 2.4.0\n + Update prometheus/common to version 0.45.0\n\n * Version 1.0.3:\n\n + Update prometheus/client_golang to version 1.17.0\n + Update x/net 0.17.0\n\n * Version 1.0.1:\n\n + Update prometheus/exporter-toolkit to version 0.10.0\n + Update prometheus/common to version 0.44.0\n + Update prometheus/client_golang to version 1.16.0\n\nscap-security-guide was updated from version 0.1.73 to 0.1.74:\n\n- Version 0.1.74 (jsc#ECO-3319):\n \n * Added Amazon Linux 2023 product\n * Introduce new remediation type Kickstart\n * Make PAM macros more flexible to variables\n * Remove Debian 10 Product\n * Remove Red Hat Enterprise Linux 7 product\n * Update CIS RHEL9 control file to v2.0.0\n\nspacecmd was updated from version 5.0.9-0 to 5.0.10-0:\n\n- Version 5.0.10-0:\n\n * Speed up softwarechannel_removepackages (bsc#1227606)\n * Fixed error in \u0027kickstart_delete\u0027 when using wildcards\n (bsc#1227578)\n * Spacecmd bootstrap now works with specified port (bsc#1229437)\n * Fixed sls backup creation as directory with spacecmd (bsc#1230745)\n\nuyuni-tools was updated from version 0.1.21-0 to 0.1.23-0:\n\n- Version 0.1.23-0:\n\n * Ensure namespace is defined in all kubernetes commands\n * Use SCC credentials to authenticate against registry.suse.com\n for kubernetes (bsc#1231157)\n * Fixed namespace usage on mgrctl cp command\n\n- Version 0.1.22-0:\n\n * Set projectId also for test packages/images\n * mgradm migration should not pull Confidential Computing and Hub\n image is replicas == 0 (bsc#1229432, bsc#1230136)\n * Do not allow SUSE Manager downgrade\n * Prevent completion issue when /var/log/uyuni-tools.log is missing\n * Fixed proxy shared volume flag\n * During migration, exclude mgr-sync configuration file (bsc#1228685)\n * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and\n postgresql.conf files (bsc#1231206)\n * During migration, handle empty autoinstallation path (bsc#1230285)\n * During migration, handle symlinks (bsc#1230288)\n * During migration, trust the remote sender\u0027s file list (bsc#1228424)\n * Use SCC flags during podman pull\n * Restore SELinux permission after migration (bsc#1229501)\n * Share volumes between containers (bsc#1223142)\n * Save supportconfig in current directory (bsc#1226759)\n * Fixed error code handling on reinstallation (bsc#1230139)\n * Fixed creation of first user and organization\n * Added missing variable quotes for install vars (bsc#1229108)\n * Added API login and logout calls to allow persistent login\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-4019,SUSE-EL-9-CLIENT-TOOLS-2024-4019",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_4019-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:4019-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20244019-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:4019-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019832.html"
},
{
"category": "self",
"summary": "SUSE Bug 1213933",
"url": "https://bugzilla.suse.com/1213933"
},
{
"category": "self",
"summary": "SUSE Bug 1223142",
"url": "https://bugzilla.suse.com/1223142"
},
{
"category": "self",
"summary": "SUSE Bug 1226759",
"url": "https://bugzilla.suse.com/1226759"
},
{
"category": "self",
"summary": "SUSE Bug 1227341",
"url": "https://bugzilla.suse.com/1227341"
},
{
"category": "self",
"summary": "SUSE Bug 1227578",
"url": "https://bugzilla.suse.com/1227578"
},
{
"category": "self",
"summary": "SUSE Bug 1227606",
"url": "https://bugzilla.suse.com/1227606"
},
{
"category": "self",
"summary": "SUSE Bug 1228424",
"url": "https://bugzilla.suse.com/1228424"
},
{
"category": "self",
"summary": "SUSE Bug 1228685",
"url": "https://bugzilla.suse.com/1228685"
},
{
"category": "self",
"summary": "SUSE Bug 1229108",
"url": "https://bugzilla.suse.com/1229108"
},
{
"category": "self",
"summary": "SUSE Bug 1229432",
"url": "https://bugzilla.suse.com/1229432"
},
{
"category": "self",
"summary": "SUSE Bug 1229437",
"url": "https://bugzilla.suse.com/1229437"
},
{
"category": "self",
"summary": "SUSE Bug 1229501",
"url": "https://bugzilla.suse.com/1229501"
},
{
"category": "self",
"summary": "SUSE Bug 1230136",
"url": "https://bugzilla.suse.com/1230136"
},
{
"category": "self",
"summary": "SUSE Bug 1230139",
"url": "https://bugzilla.suse.com/1230139"
},
{
"category": "self",
"summary": "SUSE Bug 1230285",
"url": "https://bugzilla.suse.com/1230285"
},
{
"category": "self",
"summary": "SUSE Bug 1230288",
"url": "https://bugzilla.suse.com/1230288"
},
{
"category": "self",
"summary": "SUSE Bug 1230745",
"url": "https://bugzilla.suse.com/1230745"
},
{
"category": "self",
"summary": "SUSE Bug 1231157",
"url": "https://bugzilla.suse.com/1231157"
},
{
"category": "self",
"summary": "SUSE Bug 1231206",
"url": "https://bugzilla.suse.com/1231206"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-3978 page",
"url": "https://www.suse.com/security/cve/CVE-2023-3978/"
}
],
"title": "Security update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2024-11-18T13:24:46Z",
"generator": {
"date": "2024-11-18T13:24:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:4019-1",
"initial_release_date": "2024-11-18T13:24:46Z",
"revision_history": [
{
"date": "2024-11-18T13:24:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-1.20.12-1.3.1.aarch64",
"product": {
"name": "golang-1.20.12-1.3.1.aarch64",
"product_id": "golang-1.20.12-1.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-bin-1.20.12-1.3.1.aarch64",
"product": {
"name": "golang-bin-1.20.12-1.3.1.aarch64",
"product_id": "golang-bin-1.20.12-1.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgradm-0.1.23-1.11.1.aarch64",
"product": {
"name": "mgradm-0.1.23-1.11.1.aarch64",
"product_id": "mgradm-0.1.23-1.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.23-1.11.1.aarch64",
"product": {
"name": "mgrctl-0.1.23-1.11.1.aarch64",
"product_id": "mgrctl-0.1.23-1.11.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrpxy-0.1.23-1.11.1.aarch64",
"product": {
"name": "mgrpxy-0.1.23-1.11.1.aarch64",
"product_id": "mgrpxy-0.1.23-1.11.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-1.20.12-1.3.1.noarch",
"product": {
"name": "golang-docs-1.20.12-1.3.1.noarch",
"product_id": "golang-docs-1.20.12-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "golang-misc-1.20.12-1.3.1.noarch",
"product": {
"name": "golang-misc-1.20.12-1.3.1.noarch",
"product_id": "golang-misc-1.20.12-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "golang-src-1.20.12-1.3.1.noarch",
"product": {
"name": "golang-src-1.20.12-1.3.1.noarch",
"product_id": "golang-src-1.20.12-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "golang-tests-1.20.12-1.3.1.noarch",
"product": {
"name": "golang-tests-1.20.12-1.3.1.noarch",
"product_id": "golang-tests-1.20.12-1.3.1.noarch"
}
},
{
"category": "product_version",
"name": "mgradm-bash-completion-0.1.23-1.11.1.noarch",
"product": {
"name": "mgradm-bash-completion-0.1.23-1.11.1.noarch",
"product_id": "mgradm-bash-completion-0.1.23-1.11.1.noarch"
}
},
{
"category": "product_version",
"name": "mgradm-zsh-completion-0.1.23-1.11.1.noarch",
"product": {
"name": "mgradm-zsh-completion-0.1.23-1.11.1.noarch",
"product_id": "mgradm-zsh-completion-0.1.23-1.11.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"product": {
"name": "mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"product_id": "mgrctl-bash-completion-0.1.23-1.11.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"product_id": "mgrctl-zsh-completion-0.1.23-1.11.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrpxy-bash-completion-0.1.23-1.11.1.noarch",
"product": {
"name": "mgrpxy-bash-completion-0.1.23-1.11.1.noarch",
"product_id": "mgrpxy-bash-completion-0.1.23-1.11.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrpxy-zsh-completion-0.1.23-1.11.1.noarch",
"product": {
"name": "mgrpxy-zsh-completion-0.1.23-1.11.1.noarch",
"product_id": "mgrpxy-zsh-completion-0.1.23-1.11.1.noarch"
}
},
{
"category": "product_version",
"name": "scap-security-guide-0.1.74-1.29.1.noarch",
"product": {
"name": "scap-security-guide-0.1.74-1.29.1.noarch",
"product_id": "scap-security-guide-0.1.74-1.29.1.noarch"
}
},
{
"category": "product_version",
"name": "scap-security-guide-debian-0.1.74-1.29.1.noarch",
"product": {
"name": "scap-security-guide-debian-0.1.74-1.29.1.noarch",
"product_id": "scap-security-guide-debian-0.1.74-1.29.1.noarch"
}
},
{
"category": "product_version",
"name": "scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"product": {
"name": "scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"product_id": "scap-security-guide-redhat-0.1.74-1.29.1.noarch"
}
},
{
"category": "product_version",
"name": "scap-security-guide-ubuntu-0.1.74-1.29.1.noarch",
"product": {
"name": "scap-security-guide-ubuntu-0.1.74-1.29.1.noarch",
"product_id": "scap-security-guide-ubuntu-0.1.74-1.29.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.0.10-1.41.1.noarch",
"product": {
"name": "spacecmd-5.0.10-1.41.1.noarch",
"product_id": "spacecmd-5.0.10-1.41.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-1.20.12-1.3.1.ppc64le",
"product": {
"name": "golang-1.20.12-1.3.1.ppc64le",
"product_id": "golang-1.20.12-1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-bin-1.20.12-1.3.1.ppc64le",
"product": {
"name": "golang-bin-1.20.12-1.3.1.ppc64le",
"product_id": "golang-bin-1.20.12-1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgradm-0.1.23-1.11.1.ppc64le",
"product": {
"name": "mgradm-0.1.23-1.11.1.ppc64le",
"product_id": "mgradm-0.1.23-1.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.23-1.11.1.ppc64le",
"product": {
"name": "mgrctl-0.1.23-1.11.1.ppc64le",
"product_id": "mgrctl-0.1.23-1.11.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrpxy-0.1.23-1.11.1.ppc64le",
"product": {
"name": "mgrpxy-0.1.23-1.11.1.ppc64le",
"product_id": "mgrpxy-0.1.23-1.11.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-1.20.12-1.3.1.s390x",
"product": {
"name": "golang-1.20.12-1.3.1.s390x",
"product_id": "golang-1.20.12-1.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-bin-1.20.12-1.3.1.s390x",
"product": {
"name": "golang-bin-1.20.12-1.3.1.s390x",
"product_id": "golang-bin-1.20.12-1.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x"
}
},
{
"category": "product_version",
"name": "mgradm-0.1.23-1.11.1.s390x",
"product": {
"name": "mgradm-0.1.23-1.11.1.s390x",
"product_id": "mgradm-0.1.23-1.11.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.23-1.11.1.s390x",
"product": {
"name": "mgrctl-0.1.23-1.11.1.s390x",
"product_id": "mgrctl-0.1.23-1.11.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrpxy-0.1.23-1.11.1.s390x",
"product": {
"name": "mgrpxy-0.1.23-1.11.1.s390x",
"product_id": "mgrpxy-0.1.23-1.11.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-1.20.12-1.3.1.x86_64",
"product": {
"name": "golang-1.20.12-1.3.1.x86_64",
"product_id": "golang-1.20.12-1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-bin-1.20.12-1.3.1.x86_64",
"product": {
"name": "golang-bin-1.20.12-1.3.1.x86_64",
"product_id": "golang-bin-1.20.12-1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgradm-0.1.23-1.11.1.x86_64",
"product": {
"name": "mgradm-0.1.23-1.11.1.x86_64",
"product_id": "mgradm-0.1.23-1.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.23-1.11.1.x86_64",
"product": {
"name": "mgrctl-0.1.23-1.11.1.x86_64",
"product_id": "mgrctl-0.1.23-1.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrpxy-0.1.23-1.11.1.x86_64",
"product": {
"name": "mgrpxy-0.1.23-1.11.1.x86_64",
"product_id": "mgrpxy-0.1.23-1.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE:EL-9:Update:Products:ManagerTools:Update",
"product": {
"name": "SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product": {
"name": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.20.12-1.3.1.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.aarch64"
},
"product_reference": "golang-1.20.12-1.3.1.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.20.12-1.3.1.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.ppc64le"
},
"product_reference": "golang-1.20.12-1.3.1.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.20.12-1.3.1.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.s390x"
},
"product_reference": "golang-1.20.12-1.3.1.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-1.20.12-1.3.1.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.x86_64"
},
"product_reference": "golang-1.20.12-1.3.1.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-1.20.12-1.3.1.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.aarch64"
},
"product_reference": "golang-bin-1.20.12-1.3.1.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-1.20.12-1.3.1.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.ppc64le"
},
"product_reference": "golang-bin-1.20.12-1.3.1.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-1.20.12-1.3.1.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.s390x"
},
"product_reference": "golang-bin-1.20.12-1.3.1.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-1.20.12-1.3.1.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.x86_64"
},
"product_reference": "golang-bin-1.20.12-1.3.1.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-1.20.12-1.3.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-docs-1.20.12-1.3.1.noarch"
},
"product_reference": "golang-docs-1.20.12-1.3.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-1.20.12-1.3.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-misc-1.20.12-1.3.1.noarch"
},
"product_reference": "golang-misc-1.20.12-1.3.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-1.20.12-1.3.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-src-1.20.12-1.3.1.noarch"
},
"product_reference": "golang-src-1.20.12-1.3.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-1.20.12-1.3.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:golang-tests-1.20.12-1.3.1.noarch"
},
"product_reference": "golang-tests-1.20.12-1.3.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgradm-0.1.23-1.11.1.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.aarch64"
},
"product_reference": "mgradm-0.1.23-1.11.1.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgradm-0.1.23-1.11.1.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.ppc64le"
},
"product_reference": "mgradm-0.1.23-1.11.1.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgradm-0.1.23-1.11.1.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.s390x"
},
"product_reference": "mgradm-0.1.23-1.11.1.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgradm-0.1.23-1.11.1.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.x86_64"
},
"product_reference": "mgradm-0.1.23-1.11.1.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgradm-bash-completion-0.1.23-1.11.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-bash-completion-0.1.23-1.11.1.noarch"
},
"product_reference": "mgradm-bash-completion-0.1.23-1.11.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgradm-zsh-completion-0.1.23-1.11.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-zsh-completion-0.1.23-1.11.1.noarch"
},
"product_reference": "mgradm-zsh-completion-0.1.23-1.11.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.23-1.11.1.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.aarch64"
},
"product_reference": "mgrctl-0.1.23-1.11.1.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.23-1.11.1.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.ppc64le"
},
"product_reference": "mgrctl-0.1.23-1.11.1.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.23-1.11.1.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.s390x"
},
"product_reference": "mgrctl-0.1.23-1.11.1.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.23-1.11.1.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.x86_64"
},
"product_reference": "mgrctl-0.1.23-1.11.1.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.23-1.11.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-bash-completion-0.1.23-1.11.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.23-1.11.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-zsh-completion-0.1.23-1.11.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrpxy-0.1.23-1.11.1.aarch64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.aarch64"
},
"product_reference": "mgrpxy-0.1.23-1.11.1.aarch64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrpxy-0.1.23-1.11.1.ppc64le as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.ppc64le"
},
"product_reference": "mgrpxy-0.1.23-1.11.1.ppc64le",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrpxy-0.1.23-1.11.1.s390x as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.s390x"
},
"product_reference": "mgrpxy-0.1.23-1.11.1.s390x",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrpxy-0.1.23-1.11.1.x86_64 as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.x86_64"
},
"product_reference": "mgrpxy-0.1.23-1.11.1.x86_64",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrpxy-bash-completion-0.1.23-1.11.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-bash-completion-0.1.23-1.11.1.noarch"
},
"product_reference": "mgrpxy-bash-completion-0.1.23-1.11.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrpxy-zsh-completion-0.1.23-1.11.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-zsh-completion-0.1.23-1.11.1.noarch"
},
"product_reference": "mgrpxy-zsh-completion-0.1.23-1.11.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-0.1.74-1.29.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.74-1.29.1.noarch"
},
"product_reference": "scap-security-guide-0.1.74-1.29.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-debian-0.1.74-1.29.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.74-1.29.1.noarch"
},
"product_reference": "scap-security-guide-debian-0.1.74-1.29.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-redhat-0.1.74-1.29.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.74-1.29.1.noarch"
},
"product_reference": "scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-ubuntu-0.1.74-1.29.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.74-1.29.1.noarch"
},
"product_reference": "scap-security-guide-ubuntu-0.1.74-1.29.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.10-1.41.1.noarch as component of SUSE:EL-9:Update:Products:ManagerTools:Update",
"product_id": "SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-5.0.10-1.41.1.noarch"
},
"product_reference": "spacecmd-5.0.10-1.41.1.noarch",
"relates_to_product_reference": "SUSE:EL-9:Update:Products:ManagerTools:Update"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.23-1.11.1.aarch64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.aarch64"
},
"product_reference": "mgrctl-0.1.23-1.11.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.23-1.11.1.ppc64le as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.ppc64le"
},
"product_reference": "mgrctl-0.1.23-1.11.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.23-1.11.1.s390x as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.s390x"
},
"product_reference": "mgrctl-0.1.23-1.11.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.23-1.11.1.x86_64 as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.x86_64"
},
"product_reference": "mgrctl-0.1.23-1.11.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.23-1.11.1.noarch as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-bash-completion-0.1.23-1.11.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.23-1.11.1.noarch as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-zsh-completion-0.1.23-1.11.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "scap-security-guide-redhat-0.1.74-1.29.1.noarch as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.74-1.29.1.noarch"
},
"product_reference": "scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.10-1.41.1.noarch as component of SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS",
"product_id": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-5.0.10-1.41.1.noarch"
},
"product_reference": "spacecmd-5.0.10-1.41.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-3978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-3978"
}
],
"notes": [
{
"category": "general",
"text": "Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-5.0.10-1.41.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-docs-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-misc-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-src-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-tests-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-5.0.10-1.41.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-3978",
"url": "https://www.suse.com/security/cve/CVE-2023-3978"
},
{
"category": "external",
"summary": "SUSE Bug 1213933 for CVE-2023-3978",
"url": "https://bugzilla.suse.com/1213933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-5.0.10-1.41.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-docs-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-misc-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-src-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-tests-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-5.0.10-1.41.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.aarch64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.ppc64le",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.s390x",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-0.1.23-1.11.1.x86_64",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"SUSE Manager Client Tools for RHEL, Liberty and Clones 9-CLIENT-TOOLS:spacecmd-5.0.10-1.41.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-1.20.12-1.3.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-bin-1.20.12-1.3.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-docs-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-misc-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-src-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:golang-tests-1.20.12-1.3.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgradm-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrctl-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.aarch64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.ppc64le",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.s390x",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-0.1.23-1.11.1.x86_64",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-bash-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:mgrpxy-zsh-completion-0.1.23-1.11.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-debian-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-redhat-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:scap-security-guide-ubuntu-0.1.74-1.29.1.noarch",
"SUSE:EL-9:Update:Products:ManagerTools:Update:spacecmd-5.0.10-1.41.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-18T13:24:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-3978"
}
]
}
WID-SEC-W-2023-1938
Vulnerability from csaf_certbund - Published: 2023-08-01 22:00 - Updated: 2026-03-31 22:00Summary
Golang Go: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Go ist eine quelloffene Programmiersprache.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen Denial of Service Angriff durchzuführen oder einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Golang Go
Golang
|
cpe:/a:golang:go:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
SUSE Manager
SUSE
|
cpe:/a:suse:manager:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.3.1
Splunk / Splunk Enterprise
|
<9.3.1 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Splunk Splunk Enterprise <9.2.3
Splunk / Splunk Enterprise
|
<9.2.3 | ||
|
Splunk Splunk Enterprise <9.1.6
Splunk / Splunk Enterprise
|
<9.1.6 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.48
Red Hat / OpenShift
|
Container Platform <4.12.48 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Golang Go
Golang
|
cpe:/a:golang:go:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
SUSE Manager
SUSE
|
cpe:/a:suse:manager:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.3.1
Splunk / Splunk Enterprise
|
<9.3.1 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Splunk Splunk Enterprise <9.2.3
Splunk / Splunk Enterprise
|
<9.2.3 | ||
|
Splunk Splunk Enterprise <9.1.6
Splunk / Splunk Enterprise
|
<9.1.6 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.48
Red Hat / OpenShift
|
Container Platform <4.12.48 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
Affected products
Known affected
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Golang Go
Golang
|
cpe:/a:golang:go:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
SUSE Manager
SUSE
|
cpe:/a:suse:manager:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Splunk Splunk Enterprise <9.3.1
Splunk / Splunk Enterprise
|
<9.3.1 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Splunk Splunk Enterprise <9.2.3
Splunk / Splunk Enterprise
|
<9.2.3 | ||
|
Splunk Splunk Enterprise <9.1.6
Splunk / Splunk Enterprise
|
<9.1.6 | ||
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.48
Red Hat / OpenShift
|
Container Platform <4.12.48 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— |
References
43 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1938 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1938.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1938 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1938"
},
{
"category": "external",
"summary": "Github Security Advisory vom 2023-08-01",
"url": "https://github.com/golang/go/issues/61581"
},
{
"category": "external",
"summary": "Github Security Advisory vom 2023-08-01",
"url": "https://github.com/golang/go/issues/61582"
},
{
"category": "external",
"summary": "Github Security Advisory vom 2023-08-01",
"url": "https://github.com/golang/go/issues/61615"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-DC7CCEB285 vom 2023-08-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-dc7cceb285"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-684EB03DB0 vom 2023-08-23",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-684eb03db0"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C4B597D917 vom 2023-09-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c4b597d917"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-28CFF1A2DE vom 2023-10-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-28cff1a2de"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-4D95D44E7B vom 2023-10-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-4d95d44e7b"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-C862A1E289 vom 2023-10-07",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-c862a1e289"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-FF1E594F3D vom 2023-10-12",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-ff1e594f3d"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5888 vom 2023-10-19",
"url": "https://access.redhat.com/errata/RHSA-2023:5888"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:6031 vom 2023-10-24",
"url": "https://access.redhat.com/errata/RHSA-2023:6031"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:5007 vom 2023-11-01",
"url": "https://access.redhat.com/errata/RHSA-2023:5007"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:6474 vom 2023-11-07",
"url": "https://access.redhat.com/errata/RHSA-2023:6474"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:6938 vom 2023-11-15",
"url": "https://access.redhat.com/errata/RHSA-2023:6938"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:6939 vom 2023-11-15",
"url": "https://access.redhat.com/errata/RHSA-2023:6939"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7216 vom 2023-11-15",
"url": "https://access.redhat.com/errata/RHSA-2023:7216"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7315 vom 2023-11-21",
"url": "https://access.redhat.com/errata/RHSA-2023:7315"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASECS-2024-031 vom 2024-01-09",
"url": "https://alas.aws.amazon.com/AL2/ALASECS-2024-031.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2024-A0C6906833 vom 2024-01-09",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-a0c6906833"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0485 vom 2024-01-31",
"url": "https://access.redhat.com/errata/RHSA-2024:0485"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7114471 vom 2024-02-02",
"url": "https://www.ibm.com/support/pages/node/7114471"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2446 vom 2024-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2446.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASNITRO-ENCLAVES-2024-037 vom 2024-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVES-2024-037.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASDOCKER-2024-037 vom 2024-02-06",
"url": "https://alas.aws.amazon.com/AL2/ALASDOCKER-2024-037.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-E9CA3462AA vom 2024-02-12",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-e9ca3462aa"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7198 vom 2024-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:7198"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0944 vom 2024-02-28",
"url": "https://access.redhat.com/errata/RHSA-2024:0944"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7197 vom 2024-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:7197"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASECS-2024-035 vom 2024-03-06",
"url": "https://alas.aws.amazon.com/AL2/ALASECS-2024-035.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1891 vom 2024-04-25",
"url": "https://access.redhat.com/errata/RHSA-2024:1891"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2024-1012 vom 2024-10-14",
"url": "https://advisory.splunk.com//advisories/SVD-2024-1012"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4011-1 vom 2024-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019833.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4019-1 vom 2024-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019832.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:4010-1 vom 2024-11-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019834.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10523 vom 2024-12-04",
"url": "https://access.redhat.com/errata/RHSA-2024:10523"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2025-3AD6D2FE5C vom 2025-07-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2025-3ad6d2fe5c"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2023:6939 vom 2025-11-28",
"url": "https://errata.build.resf.org/RLSA-2023:6939"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2023:6938 vom 2025-11-28",
"url": "https://errata.build.resf.org/RLSA-2023:6938"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8089-1 vom 2026-03-12",
"url": "https://ubuntu.com/security/notices/USN-8089-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8089-2 vom 2026-04-01",
"url": "https://ubuntu.com/security/notices/USN-8089-2"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-31T22:00:00.000+00:00",
"generator": {
"date": "2026-04-01T09:19:13.867+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2023-1938",
"initial_release_date": "2023-08-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-08-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-08-06T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-08-23T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-09-24T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-12T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-10-18T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-10-23T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-10-31T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-11-07T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-11-14T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-11-21T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-01-09T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon und Fedora aufgenommen"
},
{
"date": "2024-01-31T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-02-04T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-02-05T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-02-11T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-02-27T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-03-05T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-04-25T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2024-11-18T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-12-04T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-28T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2025-11-27T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-03-12T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-03-31T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "27"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Golang Go",
"product": {
"name": "Golang Go",
"product_id": "T029035",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:-"
}
}
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.12.48",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.12.48",
"product_id": "T032442"
}
},
{
"category": "product_version",
"name": "Container Platform 4.12.48",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12.48",
"product_id": "T032442-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.12.48"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager",
"product": {
"name": "SUSE Manager",
"product_id": "T010641",
"product_identification_helper": {
"cpe": "cpe:/a:suse:manager:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.3.1",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.1",
"product_id": "T038314"
}
},
{
"category": "product_version",
"name": "9.3.1",
"product": {
"name": "Splunk Splunk Enterprise 9.3.1",
"product_id": "T038314-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.3",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.3",
"product_id": "T038315"
}
},
{
"category": "product_version",
"name": "9.2.3",
"product": {
"name": "Splunk Splunk Enterprise 9.2.3",
"product_id": "T038315-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.6",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.6",
"product_id": "T038316"
}
},
{
"category": "product_version",
"name": "9.1.6",
"product": {
"name": "Splunk Splunk Enterprise 9.1.6",
"product_id": "T038316-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.6"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-29407",
"product_status": {
"known_affected": [
"T029035",
"67646",
"T010641",
"T000126",
"T038314",
"398363",
"T038315",
"T038316",
"T032255",
"T032442",
"74185",
"T032495"
]
},
"release_date": "2023-08-01T22:00:00.000+00:00",
"title": "CVE-2023-29407"
},
{
"cve": "CVE-2023-29408",
"product_status": {
"known_affected": [
"T029035",
"67646",
"T010641",
"T000126",
"T038314",
"398363",
"T038315",
"T038316",
"T032255",
"T032442",
"74185",
"T032495"
]
},
"release_date": "2023-08-01T22:00:00.000+00:00",
"title": "CVE-2023-29408"
},
{
"cve": "CVE-2023-3978",
"product_status": {
"known_affected": [
"T029035",
"67646",
"T010641",
"T000126",
"T038314",
"398363",
"T038315",
"T038316",
"T032255",
"T032442",
"74185",
"T032495"
]
},
"release_date": "2023-08-01T22:00:00.000+00:00",
"title": "CVE-2023-3978"
}
]
}
WID-SEC-W-2023-3146
Vulnerability from csaf_certbund - Published: 2023-12-13 23:00 - Updated: 2023-12-13 23:00Summary
IBM MQ Operator and Queue manager: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: IBM MQ ist eine Message Oriented Middleware von IBM.
Angriff: Ein Angreifer kann mehrere Schwachstellen in IBM MQ Operator and Queue manager ausnutzen, um einen Denial of Service Angriff durchzuführen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme: - Linux
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsmaßnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich.
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM MQ ist eine Message Oriented Middleware von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in IBM MQ Operator and Queue manager ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-3146 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3146.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-3146 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3146"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7096558 vom 2023-12-13",
"url": "https://www.ibm.com/support/pages/node/7096558"
}
],
"source_lang": "en-US",
"title": "IBM MQ Operator and Queue manager: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-12-13T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:02:48.819+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-3146",
"initial_release_date": "2023-12-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-12-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM MQ Operator \u003c v3.0.0",
"product": {
"name": "IBM MQ Operator \u003c v3.0.0",
"product_id": "T031689",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator__v3.0.0"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-4641",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-4641"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-43804",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-43804"
},
{
"cve": "CVE-2023-4016",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-4016"
},
{
"cve": "CVE-2023-3978",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-3978"
},
{
"cve": "CVE-2023-39325",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-39319",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-39319"
},
{
"cve": "CVE-2023-39318",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-39318"
},
{
"cve": "CVE-2023-29409",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-29409"
},
{
"cve": "CVE-2023-25173",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-25173"
},
{
"cve": "CVE-2023-25153",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2023-25153"
},
{
"cve": "CVE-2022-41723",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2022-41723"
},
{
"cve": "CVE-2022-41717",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2022-41717"
},
{
"cve": "CVE-2022-31030",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2022-31030"
},
{
"cve": "CVE-2022-23471",
"notes": [
{
"category": "description",
"text": "In IBM MQ Operator and Queue manager existieren mehrere Schwachstellen. Diese basieren auf Schwachstellen in mehreren Komponenten von RedHat Open Shift. Im Einzelnen sind dies: containerd, shadow-maint, shadow-utils, Golang Go, urllib3, procps-ng procps und das HTTP/2 Protokoll. Ein Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service zu verursachen, Informationen offenzulegen oder Sicherheitsma\u00dfnahmen zu umgehen. Zur Ausnutzung einiger dieser Schwachstellen ist eine Anmeldung oder Benutzerinteraktion erforderlich."
}
],
"release_date": "2023-12-13T23:00:00.000+00:00",
"title": "CVE-2022-23471"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…