CVE-2023-48795 (GCVE-0-2023-48795)
Vulnerability from cvelistv5 – Published: 2023-12-18 00:00 – Updated: 2026-05-12 11:02
Summary
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
Severity
5.9 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-354 - Improper Validation of Integrity Check Value
Assigner
References
139 references
Impacted products
4 products
| Vendor | Product | Version |
|---|---|---|
| Siemens | RUGGEDCOM APE1808 | Affected: 0, < * (custom) |
| Siemens | SIMATIC S7-1500 CPU 1518-4 PN/DP MFP | Affected: V3.1.5, < * (custom) |
| Siemens | SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP | Affected: V3.1.5, < * (custom) |
| Siemens | SIPLUS S7-1500 CPU 1518-4 PN/DP MFP | Affected: V3.1.5, < * (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-04T22:05:21.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit"
},
{
"url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://matt.ucc.asn.au/dropbear/CHANGES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.netsarang.com/en/xshell-update-history/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.paramiko.org/changelog.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/openbsd.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/openssh/openssh-portable/commits/master"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bitvise.com/ssh-server-version-history"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ronf/asyncssh/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openssh.com/txt/release-9.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.terrapin-attack.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
},
{
"tags": [
"x_transferred"
],
"url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/paramiko/paramiko/issues/2337"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38684904"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38685286"
},
{
"name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/issues/457"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugs.gentoo.org/920280"
},
{
"tags": [
"x_transferred"
],
"url": "https://ubuntu.com/security/CVE-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2023-48795"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/pull/461"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libssh2/libssh2/pull/1291"
},
{
"tags": [
"x_transferred"
],
"url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/rapier1/hpn-ssh/releases"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/issues/456"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
},
{
"tags": [
"x_transferred"
],
"url": "https://oryx-embedded.com/download/#changelog"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
},
{
"tags": [
"x_transferred"
],
"url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
},
{
"tags": [
"x_transferred"
],
"url": "https://crates.io/crates/thrussh/versions"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/NixOS/nixpkgs/pull/275249"
},
{
"name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
},
{
"name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/apache/mina-sshd/issues/445"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hierynomus/sshj/issues/916"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/janmojzis/tinyssh/issues/81"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
},
{
"name": "FEDORA-2023-0733306be9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"name": "DSA-5586",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
},
{
"tags": [
"x_transferred"
],
"url": "https://filezilla-project.org/versions.php"
},
{
"tags": [
"x_transferred"
],
"url": "https://nova.app/releases/#v11.8"
},
{
"tags": [
"x_transferred"
],
"url": "https://roumenpetrov.info/secsh/#news20231220"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.vandyke.com/products/securecrt/history.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://help.panic.com/releasenotes/transmit5/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
},
{
"tags": [
"x_transferred"
],
"url": "https://winscp.net/eng/docs/history#6.2.2"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bitvise.com/ssh-client-version-history#933"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cyd01/KiTTY/issues/520"
},
{
"name": "DSA-5588",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5588"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=38732005"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"name": "GLSA-202312-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-16"
},
{
"name": "GLSA-202312-17",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202312-17"
},
{
"name": "FEDORA-2023-20feb865d8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"name": "FEDORA-2023-cb8c606fbb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
},
{
"name": "FEDORA-2023-e77300e4b5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"name": "FEDORA-2023-b87ec6cf47",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
},
{
"name": "FEDORA-2023-153404713b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
},
{
"name": "FEDORA-2024-3bb23c77f3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
},
{
"name": "FEDORA-2023-55800423a8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"name": "FEDORA-2024-d946b9ad25",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"name": "FEDORA-2024-71c2c6526c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
},
{
"name": "FEDORA-2024-39a8c72ea9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
},
{
"name": "FEDORA-2024-ae653fb07b",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"name": "FEDORA-2024-2705241461",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"name": "FEDORA-2024-fb32950d11",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"name": "FEDORA-2024-7b08207cdb",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
},
{
"name": "FEDORA-2024-06ebb70bdd",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
},
{
"name": "FEDORA-2024-a53b24023d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"name": "FEDORA-2024-3fd1bc9276",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT214084"
},
{
"name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/21"
},
{
"name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
},
{
"name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
},
{
"name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-48795",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-22T05:01:05.519910Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-354",
"description": "CWE-354 Improper Validation of Integrity Check Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T20:45:57.733Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM APE1808",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "V3.1.5",
"versionType": "custom"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T11:02:25.905Z",
"orgId": "0b142b55-0307-4c5a-b3c9-f314f3fb7c5e",
"shortName": "siemens-SADP"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-794697.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-364175.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-915275.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-769027.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
}
],
"x_adpType": "supplier"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:06:23.972Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"url": "https://matt.ucc.asn.au/dropbear/CHANGES"
},
{
"url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"
},
{
"url": "https://www.netsarang.com/en/xshell-update-history/"
},
{
"url": "https://www.paramiko.org/changelog.html"
},
{
"url": "https://www.openssh.com/openbsd.html"
},
{
"url": "https://github.com/openssh/openssh-portable/commits/master"
},
{
"url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"
},
{
"url": "https://www.bitvise.com/ssh-server-version-history"
},
{
"url": "https://github.com/ronf/asyncssh/tags"
},
{
"url": "https://gitlab.com/libssh/libssh-mirror/-/tags"
},
{
"url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"
},
{
"url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"
},
{
"url": "https://www.openssh.com/txt/release-9.6"
},
{
"url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"
},
{
"url": "https://www.terrapin-attack.com"
},
{
"url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"
},
{
"url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
},
{
"url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/"
},
{
"url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2"
},
{
"url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/18/2"
},
{
"url": "https://twitter.com/TrueSkrillor/status/1736774389725565005"
},
{
"url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"
},
{
"url": "https://github.com/paramiko/paramiko/issues/2337"
},
{
"url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"
},
{
"url": "https://news.ycombinator.com/item?id=38684904"
},
{
"url": "https://news.ycombinator.com/item?id=38685286"
},
{
"name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/18/3"
},
{
"url": "https://github.com/mwiede/jsch/issues/457"
},
{
"url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"
},
{
"url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1"
},
{
"url": "https://github.com/advisories/GHSA-45x7-px36-x8w8"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/libssh2"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2023-48795"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"url": "https://bugs.gentoo.org/920280"
},
{
"url": "https://ubuntu.com/security/CVE-2023-48795"
},
{
"url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-48795"
},
{
"url": "https://github.com/mwiede/jsch/pull/461"
},
{
"url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"
},
{
"url": "https://github.com/libssh2/libssh2/pull/1291"
},
{
"url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack"
},
{
"url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"
},
{
"url": "https://github.com/rapier1/hpn-ssh/releases"
},
{
"url": "https://github.com/proftpd/proftpd/issues/456"
},
{
"url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"
},
{
"url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"
},
{
"url": "https://oryx-embedded.com/download/#changelog"
},
{
"url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"
},
{
"url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"
},
{
"url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"
},
{
"url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"
},
{
"url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"
},
{
"url": "https://crates.io/crates/thrussh/versions"
},
{
"url": "https://github.com/NixOS/nixpkgs/pull/275249"
},
{
"name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/19/5"
},
{
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"
},
{
"url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"
},
{
"name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"
},
{
"url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"
},
{
"url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"
},
{
"url": "https://github.com/apache/mina-sshd/issues/445"
},
{
"url": "https://github.com/hierynomus/sshj/issues/916"
},
{
"url": "https://github.com/janmojzis/tinyssh/issues/81"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/20/3"
},
{
"url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"
},
{
"url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"
},
{
"name": "FEDORA-2023-0733306be9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"
},
{
"name": "DSA-5586",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5586"
},
{
"url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"
},
{
"url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh"
},
{
"url": "https://filezilla-project.org/versions.php"
},
{
"url": "https://nova.app/releases/#v11.8"
},
{
"url": "https://roumenpetrov.info/secsh/#news20231220"
},
{
"url": "https://www.vandyke.com/products/securecrt/history.txt"
},
{
"url": "https://help.panic.com/releasenotes/transmit5/"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"
},
{
"url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189"
},
{
"url": "https://winscp.net/eng/docs/history#6.2.2"
},
{
"url": "https://www.bitvise.com/ssh-client-version-history#933"
},
{
"url": "https://github.com/cyd01/KiTTY/issues/520"
},
{
"name": "DSA-5588",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5588"
},
{
"url": "https://github.com/ssh-mitm/ssh-mitm/issues/165"
},
{
"url": "https://news.ycombinator.com/item?id=38732005"
},
{
"name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"
},
{
"name": "GLSA-202312-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-16"
},
{
"name": "GLSA-202312-17",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202312-17"
},
{
"name": "FEDORA-2023-20feb865d8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"
},
{
"name": "FEDORA-2023-cb8c606fbb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"
},
{
"name": "FEDORA-2023-e77300e4b5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"
},
{
"name": "FEDORA-2023-b87ec6cf47",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"
},
{
"name": "FEDORA-2023-153404713b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240105-0004/"
},
{
"name": "FEDORA-2024-3bb23c77f3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"
},
{
"name": "FEDORA-2023-55800423a8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"
},
{
"name": "FEDORA-2024-d946b9ad25",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"
},
{
"name": "FEDORA-2024-71c2c6526c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"
},
{
"name": "FEDORA-2024-39a8c72ea9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"
},
{
"name": "FEDORA-2024-ae653fb07b",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"
},
{
"name": "FEDORA-2024-2705241461",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"
},
{
"name": "FEDORA-2024-fb32950d11",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"
},
{
"name": "FEDORA-2024-7b08207cdb",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"
},
{
"name": "FEDORA-2024-06ebb70bdd",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"
},
{
"name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"
},
{
"name": "FEDORA-2024-a53b24023d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"
},
{
"name": "FEDORA-2024-3fd1bc9276",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"
},
{
"url": "https://support.apple.com/kb/HT214084"
},
{
"name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2024/Mar/21"
},
{
"name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"
},
{
"name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/17/8"
},
{
"name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/06/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-48795",
"datePublished": "2023-12-18T00:00:00.000Z",
"dateReserved": "2023-11-20T00:00:00.000Z",
"dateUpdated": "2026-05-12T11:02:25.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-48795",
"date": "2026-06-04",
"epss": "0.54214",
"percentile": "0.98064"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-48795\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-12-18T16:15:10.897\",\"lastModified\":\"2026-05-12T11:16:15.010\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. 
This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.\"},{\"lang\":\"es\",\"value\":\"El protocolo de transporte SSH con ciertas extensiones OpenSSH, que se encuentra en OpenSSH anterior a 9.6 y otros productos, permite a atacantes remotos eludir las comprobaciones de integridad de modo que algunos paquetes se omiten (del mensaje de negociaci\u00f3n de extensi\u00f3n) y, en consecuencia, un cliente y un servidor pueden terminar con una conexi\u00f3n para la cual algunas caracter\u00edsticas de seguridad han sido degradadas o deshabilitadas, tambi\u00e9n conocido como un ataque Terrapin. Esto ocurre porque SSH Binary Packet Protocol (BPP), implementado por estas extensiones, maneja mal la fase de protocolo de enlace y el uso de n\u00fameros de secuencia. 
Por ejemplo, existe un ataque eficaz contra ChaCha20-Poly1305 (y CBC con Encrypt-then-MAC). La omisi\u00f3n se produce en chacha20-poly1305@openssh.com y (si se utiliza CBC) en los algoritmos MAC -etm@openssh.com. Esto tambi\u00e9n afecta a Maverick Synergy Java SSH API anterior a 3.1.0-SNAPSHOT, Dropbear hasta 2022.83, Ssh anterior a 5.1.1 en Erlang/OTP, PuTTY anterior a 0.80 y AsyncSSH anterior a 2.14.2; y podr\u00eda haber efectos en Bitvise SSH hasta la versi\u00f3n 9.31, libssh hasta la 0.10.5 y golang.org/x/crypto hasta el 17 de diciembre de 2023.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-354\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:opens
sh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.6\",\"matchCriteriaId\":\"5308FBBB-F738-41C5-97A4-E40118E957CD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.80\",\"matchCriteriaId\":\"A9D807DB-9E20-4792-8A9F-4BFFC841BAB7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.66.4\",\"matchCriteriaId\":\"42915485-A4DA-48DD-9C15-415D2D39DC52\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.10.4\",\"matchCriteriaId\":\"31FFE0AA-FC25-40DE-8EE9-7F4C80ABDE4F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.8\",\"matchCriteriaId\":\"F2FCF7EF-97D7-44CF-AC74-72D856901755\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14.4\",\"matchCriteriaId\":\"53CAD263-1C60-43BD-86A2-C8DB15FFB4C6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.2.2\",\"matchCriteriaId\":\"8FA57F20-C9C1-40A7-B
2CD-F3440CCF1D66\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.33\",\"matchCriteriaId\":\"6209E375-10C7-4E65-A2E7-455A686717AC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.32\",\"matchCriteriaId\":\"1A05CC3C-19C5-4BAA-ABA2-EE1795E0BE81\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.66.4\",\"matchCriteriaId\":\"3A71B523-0778-46C6-A38B-64452E0BB6E7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1C91308-15E5-40AF-B4D5-3CAD7BC65DDF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"418940E3-6DD1-4AA6-846A-03E059D0C681\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"411BA58A-33B6-44CA-B9D6-7F9042D46961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA17A153-30E4-4731-8706-8F74FCA50993\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB736F57-9BE3-4457-A10E-FA88D0932154\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.4.3\",\"matchCriteriaId\":\"6EB8D02D
-87F3-414D-A3EA-43F594DAAC1B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.10.6\",\"matchCriteriaId\":\"AAB481DA-FBFE-4CC2-9AE7-22025FA07494\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*\",\"matchCriteriaId\":\"3D6FD459-F8E8-4126-8097-D30B4639404A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"1.11.0\",\"matchCriteriaId\":\"69510F52-C699-4E7D-87EF-7000682888F0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.3.8b\",\"matchCriteriaId\":\"9461430B-3709-45B6-8858-2101F5AE4481\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"12.4\",\"matchCriteriaId\":\"B9A01DF3-E20E-4F29-B5CF-DDF717D01E74\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.35.1\",\"matchCriteriaId\":\"D25EB73D-6145-4B7D-8F14-80FD0B458E99\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.1\",\"matchCriteriaId\":\"77594DEC-B5F7-4911-A13D-FFE91C74BAFA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.3.4\",\"matchCriteriaId\":\"F8FF7E74-2351-4CD9-B717-FA28893293A1\"}]}]},{\"nodes\":
[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.6.0\",\"matchCriteriaId\":\"82A93C12-FEB6-4E82-B283-0ED7820D807E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"build__0144\",\"matchCriteriaId\":\"B480AE79-2FA1-4281-9F0D-0DE812B9354D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.4.0\",\"matchCriteriaId\":\"826B6323-06F8-4B96-8771-3FA15A727B08\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"932D137F-528B-4526-9A89-CD59FA1AB0FE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E315FC5C-FF19-43C9-A58A-CF2A5FF13824\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA7EAD12-E398-44AF-9859-F3CA6C63BA6B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linu
x:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77675CB7-67D7-44E9-B7FF-D224B3341AA5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0AAA300-691A-4957-8B69-F6888CC971B1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45937289-2D64-47CB-A750-5B4F0D4664A0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97321212-0E07-4CC2-A917-7B5F61AB9A5A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E2C021C-A9F0-4EB4-ADED-81D8B57B4563\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BF8EFFB-5686-4F28-A68F-1A8854E098CE\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C877879-B84B-471C-80CF-0656521CA8AB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"379A5883-F6DF-41F5-9403-8D17F6605737\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:
redhat:discovery:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5B1D946-5978-4818-BF21-A43D9C1365E1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A7736-A403-4617-8790-18E46CB74DA6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E0DE4E1-5D8D-40F3-8AC8-C7F736966158\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88BF3B2C-B121-483A-AEF2-8082F6DA5310\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0FD736A-8730-446A-BA3A-7B608DB62B0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4C504B6-3902-46E2-82B7-48AEC9CDD48D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.17.0\",\"matchCriteriaId\":\"F92E56DF-98DF-4328-B37E-4D5744E4103D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:russh_project:russh:
*:*:*:*:*:rust:*:*\",\"versionEndExcluding\":\"0.40.2\",\"matchCriteriaId\":\"AC12508E-3C31-44EA-B4F3-29316BE9B189\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.5.6\",\"matchCriteriaId\":\"1750028C-698D-4E84-B727-8A155A46ADEB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"22.3.4.27\",\"matchCriteriaId\":\"B38C0997-A8CC-473C-98CF-641FD21EB411\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"23.0\",\"versionEndExcluding\":\"23.3.4.20\",\"matchCriteriaId\":\"5887F3E2-9214-4FAE-8768-441D770E27C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"24.0\",\"versionEndExcluding\":\"24.3.4.15\",\"matchCriteriaId\":\"8D7CB988-94C4-45BE-AD9D-9C16899A71DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"25.0\",\"versionEndExcluding\":\"25.3.2.8\",\"matchCriteriaId\":\"EB749F4B-99FC-4AE8-BDB3-85B081B52F82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:erlang:erlang\\\\/otp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"26.0\",\"versionEndExcluding\":\"26.2.1\",\"matchCriteriaId\":\"2380909A-BA9B-4A76-82F2-D2D0EF242E57\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.2.15\",\"matchCriteriaId\":\"61119DB3-4336-4D3B-863A-0CCF4146E5C1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.11.1\",\"matchCriteriaId\":\"7BFDD272-3DF0-4E3F-B69A-E7ABF4B18B24\"}]}]},{\"nodes\
":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.14.2\",\"matchCriteriaId\":\"FAE46983-0ABC-49F7-AC18-A78FAC7E73AA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2022.83\",\"matchCriteriaId\":\"06BF3368-F232-4E6B-883E-A591EED5C827\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.1.0-snapshot\",\"matchCriteriaId\":\"36531FB6-5682-4BF1-9785-E9D6D1C4207B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.9.1.5\",\"matchCriteriaId\":\"A86A51EA-B501-42F8-91E6-4EA97DED767C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.11.1.7\",\"matchCriteriaId\":\"70989970-E224-4D1C-941E-BBFB2AE7285C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.12\",\"versionEndExcluding\":\"4.13.2.4\",\"matchCriteriaId\":\"E7819CE3-2849-4D15-874B-F6A68EF6D65F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"4.15.3.1\",\"matchCriteriaId\":\"F6A4DD8B-06AD-4F13-8F7E-1E2AAF81C119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.1.1\",\"matchCriteriaId\":\"D91ED5E1-1D75-4B63-B0A2-B2EB6D4AC685\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*
:*\",\"versionEndExcluding\":\"3.4.6\",\"matchCriteriaId\":\"83B1AF39-C0B9-4031-B19A-BDDD4F337273\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"23.09.1\",\"matchCriteriaId\":\"2B71B0EF-888E-45E2-A055-F59CDCC1AFC7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7.2\",\"matchCriteriaId\":\"8F23CDF7-2881-4B4E-B84F-4E04F4ED8CCF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.6.0\",\"matchCriteriaId\":\"C1795F7A-203F-400E-B09C-0FAF16D01CFC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.22\",\"matchCriteriaId\":\"0D79DDDD-02F0-4C12-BE7F-1B9DF1722C7A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.11.0\",\"matchCriteriaId\":\"E2D7B0CA-C01F-4296-9425-48299E3889C5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"0.37.0\",\"matchCriteriaId\":\"1C3EB0B8-9E76-4146-AB02-02E20B91D55C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"20230101\",\"matchCriteriaId\":\"0582468A-149B-429F-978A-2AEDF4BE2606\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E4BAF06
Coverage\"]},{\"url\":\"https://www.terrapin-attack.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.vandyke.com/products/securecrt/history.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-364175.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-769027.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-794697.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\",\"source\":\"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit\"}, {\"url\": \"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability\"}, {\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://matt.ucc.asn.au/dropbear/CHANGES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.netsarang.com/en/xshell-update-history/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.paramiko.org/changelog.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openssh.com/openbsd.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/openssh/openssh-portable/commits/master\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bitvise.com/ssh-server-version-history\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ronf/asyncssh/tags\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gitlab.com/libssh/libssh-mirror/-/tags\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openssh.com/txt/release-9.6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.terrapin-attack.com\", \"tags\": [\"x_transferred\"]}, {\"url\": 
\"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/warp-tech/russh/releases/tag/v0.40.2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/18/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://twitter.com/TrueSkrillor/status/1736774389725565005\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/paramiko/paramiko/issues/2337\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38684904\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38685286\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/18/3\", \"name\": \"[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/issues/457\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-45x7-px36-x8w8\", \"tags\": [\"x_transferred\"]}, 
{\"url\": \"https://security-tracker.debian.org/tracker/source-package/libssh2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1217950\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugs.gentoo.org/920280\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-48795\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/pull/461\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/libssh2/libssh2/pull/1291\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/rapier1/hpn-ssh/releases\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/issues/456\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://oryx-embedded.com/download/#changelog\", \"tags\": [\"x_transferred\"]}, {\"url\": 
\"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://crates.io/crates/thrussh/versions\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/NixOS/nixpkgs/pull/275249\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/19/5\", \"name\": \"[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/20/3\", \"name\": \"[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\", \"tags\": [\"x_transferred\"]}, {\"url\": 
\"https://github.com/apache/mina-sshd/issues/445\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/hierynomus/sshj/issues/916\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/janmojzis/tinyssh/issues/81\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/20/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\", \"name\": \"FEDORA-2023-0733306be9\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5586\", \"name\": \"DSA-5586\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://filezilla-project.org/versions.php\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://nova.app/releases/#v11.8\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://roumenpetrov.info/secsh/#news20231220\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.vandyke.com/products/securecrt/history.txt\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://help.panic.com/releasenotes/transmit5/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://winscp.net/eng/docs/history#6.2.2\", 
\"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bitvise.com/ssh-client-version-history#933\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/cyd01/KiTTY/issues/520\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5588\", \"name\": \"DSA-5588\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://github.com/ssh-mitm/ssh-mitm/issues/165\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=38732005\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\", \"name\": \"[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-16\", \"name\": \"GLSA-202312-16\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-17\", \"name\": \"GLSA-202312-17\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\", \"name\": \"FEDORA-2023-20feb865d8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\", \"name\": \"FEDORA-2023-cb8c606fbb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\", \"name\": \"FEDORA-2023-e77300e4b5\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\", \"name\": \"FEDORA-2023-b87ec6cf47\", \"tags\": [\"vendor-advisory\", 
\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\", \"name\": \"FEDORA-2023-153404713b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240105-0004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\", \"name\": \"FEDORA-2024-3bb23c77f3\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\", \"name\": \"FEDORA-2023-55800423a8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\", \"name\": \"FEDORA-2024-d946b9ad25\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\", \"name\": \"FEDORA-2024-71c2c6526c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\", \"name\": \"FEDORA-2024-39a8c72ea9\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"name\": \"FEDORA-2024-ae653fb07b\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": 
\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\", \"name\": \"FEDORA-2024-2705241461\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"name\": \"FEDORA-2024-fb32950d11\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\", \"name\": \"FEDORA-2024-7b08207cdb\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\", \"name\": \"FEDORA-2024-06ebb70bdd\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\", \"name\": \"FEDORA-2024-a53b24023d\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\", \"name\": \"FEDORA-2024-3fd1bc9276\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT214084\", \"tags\": [\"x_transferred\"]}, {\"url\": 
\"http://seclists.org/fulldisclosure/2024/Mar/21\", \"name\": \"20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\", \"name\": \"[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/17/8\", \"name\": \"[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/06/3\", \"name\": \"[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\"}, {\"url\": 
\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T22:05:21.417Z\"}}, {\"affected\": [{\"vendor\": \"Siemens\", \"product\": \"RUGGEDCOM APE1808\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], 
\"defaultStatus\": \"unknown\"}, {\"vendor\": \"Siemens\", \"product\": \"SIPLUS S7-1500 CPU 1518-4 PN/DP MFP\", \"versions\": [{\"status\": \"affected\", \"version\": \"V3.1.5\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"x_adpType\": \"supplier\", \"references\": [{\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-794697.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-364175.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-915275.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-769027.html\"}, {\"url\": \"https://cert-portal.siemens.com/productcert/html/ssa-082556.html\"}], \"providerMetadata\": {\"orgId\": \"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e\", \"shortName\": \"siemens-SADP\", \"dateUpdated\": \"2026-05-12T11:02:25.905Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-48795\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-12-22T05:01:05.519910Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-354\", \"description\": \"CWE-354 Improper Validation of Integrity Check Value\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-27T20:45:13.765Z\"}}], \"cna\": {\"affected\": 
[{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\"}, {\"url\": \"https://matt.ucc.asn.au/dropbear/CHANGES\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES\"}, {\"url\": \"https://www.netsarang.com/en/xshell-update-history/\"}, {\"url\": \"https://www.paramiko.org/changelog.html\"}, {\"url\": \"https://www.openssh.com/openbsd.html\"}, {\"url\": \"https://github.com/openssh/openssh-portable/commits/master\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ\"}, {\"url\": \"https://www.bitvise.com/ssh-server-version-history\"}, {\"url\": \"https://github.com/ronf/asyncssh/tags\"}, {\"url\": \"https://gitlab.com/libssh/libssh-mirror/-/tags\"}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/\"}, {\"url\": \"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42\"}, {\"url\": \"https://www.openssh.com/txt/release-9.6\"}, {\"url\": \"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/\"}, {\"url\": \"https://www.terrapin-attack.com\"}, {\"url\": \"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25\"}, {\"url\": \"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst\"}, {\"url\": \"https://thorntech.com/cve-2023-48795-and-sftp-gateway/\"}, {\"url\": \"https://github.com/warp-tech/russh/releases/tag/v0.40.2\"}, {\"url\": \"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/18/2\"}, {\"url\": \"https://twitter.com/TrueSkrillor/status/1736774389725565005\"}, {\"url\": 
\"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d\"}, {\"url\": \"https://github.com/paramiko/paramiko/issues/2337\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg\"}, {\"url\": \"https://news.ycombinator.com/item?id=38684904\"}, {\"url\": \"https://news.ycombinator.com/item?id=38685286\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/18/3\", \"name\": \"[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://github.com/mwiede/jsch/issues/457\"}, {\"url\": \"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6\"}, {\"url\": \"https://github.com/erlang/otp/releases/tag/OTP-26.2.1\"}, {\"url\": \"https://github.com/advisories/GHSA-45x7-px36-x8w8\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/libssh2\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg\"}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-48795\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1217950\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2254210\"}, {\"url\": \"https://bugs.gentoo.org/920280\"}, {\"url\": \"https://ubuntu.com/security/CVE-2023-48795\"}, {\"url\": \"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/\"}, {\"url\": \"https://access.redhat.com/security/cve/cve-2023-48795\"}, {\"url\": \"https://github.com/mwiede/jsch/pull/461\"}, {\"url\": \"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6\"}, {\"url\": \"https://github.com/libssh2/libssh2/pull/1291\"}, {\"url\": \"https://forum.netgate.com/topic/184941/terrapin-ssh-attack\"}, {\"url\": \"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5\"}, {\"url\": \"https://github.com/rapier1/hpn-ssh/releases\"}, {\"url\": 
\"https://github.com/proftpd/proftpd/issues/456\"}, {\"url\": \"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1\"}, {\"url\": \"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15\"}, {\"url\": \"https://oryx-embedded.com/download/#changelog\"}, {\"url\": \"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update\"}, {\"url\": \"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22\"}, {\"url\": \"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab\"}, {\"url\": \"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3\"}, {\"url\": \"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC\"}, {\"url\": \"https://crates.io/crates/thrussh/versions\"}, {\"url\": \"https://github.com/NixOS/nixpkgs/pull/275249\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/19/5\", \"name\": \"[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc\"}, {\"url\": \"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/12/20/3\", \"name\": \"[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES\"}, {\"url\": \"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES\"}, {\"url\": \"https://github.com/apache/mina-sshd/issues/445\"}, {\"url\": \"https://github.com/hierynomus/sshj/issues/916\"}, {\"url\": 
\"https://github.com/janmojzis/tinyssh/issues/81\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/12/20/3\"}, {\"url\": \"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2\"}, {\"url\": \"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/\", \"name\": \"FEDORA-2023-0733306be9\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5586\", \"name\": \"DSA-5586\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508\"}, {\"url\": \"https://www.theregister.com/2023/12/20/terrapin_attack_ssh\"}, {\"url\": \"https://filezilla-project.org/versions.php\"}, {\"url\": \"https://nova.app/releases/#v11.8\"}, {\"url\": \"https://roumenpetrov.info/secsh/#news20231220\"}, {\"url\": \"https://www.vandyke.com/products/securecrt/history.txt\"}, {\"url\": \"https://help.panic.com/releasenotes/transmit5/\"}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta\"}, {\"url\": \"https://github.com/PowerShell/Win32-OpenSSH/issues/2189\"}, {\"url\": \"https://winscp.net/eng/docs/history#6.2.2\"}, {\"url\": \"https://www.bitvise.com/ssh-client-version-history#933\"}, {\"url\": \"https://github.com/cyd01/KiTTY/issues/520\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5588\", \"name\": \"DSA-5588\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://github.com/ssh-mitm/ssh-mitm/issues/165\"}, {\"url\": \"https://news.ycombinator.com/item?id=38732005\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html\", \"name\": \"[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update\", \"tags\": [\"mailing-list\"]}, {\"url\": 
\"https://security.gentoo.org/glsa/202312-16\", \"name\": \"GLSA-202312-16\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202312-17\", \"name\": \"GLSA-202312-17\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/\", \"name\": \"FEDORA-2023-20feb865d8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/\", \"name\": \"FEDORA-2023-cb8c606fbb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/\", \"name\": \"FEDORA-2023-e77300e4b5\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/\", \"name\": \"FEDORA-2023-b87ec6cf47\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/\", \"name\": \"FEDORA-2023-153404713b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240105-0004/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/\", \"name\": \"FEDORA-2024-3bb23c77f3\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/\", \"name\": \"FEDORA-2023-55800423a8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/\", \"name\": 
\"FEDORA-2024-d946b9ad25\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/\", \"name\": \"FEDORA-2024-71c2c6526c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/\", \"name\": \"FEDORA-2024-39a8c72ea9\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/\", \"name\": \"FEDORA-2024-ae653fb07b\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/\", \"name\": \"FEDORA-2024-2705241461\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/\", \"name\": \"FEDORA-2024-fb32950d11\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/\", \"name\": \"FEDORA-2024-7b08207cdb\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/\", \"name\": \"FEDORA-2024-06ebb70bdd\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html\", \"name\": \"[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html\", \"name\": \"[debian-lts-announce] 
20240125 [SECURITY] [DLA 3719-1] phpseclib security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/\", \"name\": \"FEDORA-2024-a53b24023d\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/\", \"name\": \"FEDORA-2024-3fd1bc9276\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT214084\"}, {\"url\": \"http://seclists.org/fulldisclosure/2024/Mar/21\", \"name\": \"20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html\", \"name\": \"[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/17/8\", \"name\": \"[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/03/06/3\", \"name\": \"[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. 
For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-05-01T18:06:23.972Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-48795\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-12T11:02:25.905Z\", \"dateReserved\": \"2023-11-20T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-12-18T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2024:13812-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00
Summary
etcd-3.5.12-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: etcd-3.5.12-1.1 on GA media
Description of the patch: These are all security issues fixed in the etcd-3.5.12-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13812
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:etcd-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-3.5.12-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcdctl-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcdctl-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcdctl-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcdctl-3.5.12-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcdutl-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcdutl-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcdutl-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcdutl-3.5.12-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
6 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "etcd-3.5.12-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the etcd-3.5.12-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13812",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13812-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
}
],
"title": "etcd-3.5.12-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13812-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "etcd-3.5.12-1.1.aarch64",
"product": {
"name": "etcd-3.5.12-1.1.aarch64",
"product_id": "etcd-3.5.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "etcdctl-3.5.12-1.1.aarch64",
"product": {
"name": "etcdctl-3.5.12-1.1.aarch64",
"product_id": "etcdctl-3.5.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "etcdutl-3.5.12-1.1.aarch64",
"product": {
"name": "etcdutl-3.5.12-1.1.aarch64",
"product_id": "etcdutl-3.5.12-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-3.5.12-1.1.ppc64le",
"product": {
"name": "etcd-3.5.12-1.1.ppc64le",
"product_id": "etcd-3.5.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "etcdctl-3.5.12-1.1.ppc64le",
"product": {
"name": "etcdctl-3.5.12-1.1.ppc64le",
"product_id": "etcdctl-3.5.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "etcdutl-3.5.12-1.1.ppc64le",
"product": {
"name": "etcdutl-3.5.12-1.1.ppc64le",
"product_id": "etcdutl-3.5.12-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-3.5.12-1.1.s390x",
"product": {
"name": "etcd-3.5.12-1.1.s390x",
"product_id": "etcd-3.5.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "etcdctl-3.5.12-1.1.s390x",
"product": {
"name": "etcdctl-3.5.12-1.1.s390x",
"product_id": "etcdctl-3.5.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "etcdutl-3.5.12-1.1.s390x",
"product": {
"name": "etcdutl-3.5.12-1.1.s390x",
"product_id": "etcdutl-3.5.12-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-3.5.12-1.1.x86_64",
"product": {
"name": "etcd-3.5.12-1.1.x86_64",
"product_id": "etcd-3.5.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "etcdctl-3.5.12-1.1.x86_64",
"product": {
"name": "etcdctl-3.5.12-1.1.x86_64",
"product_id": "etcdctl-3.5.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "etcdutl-3.5.12-1.1.x86_64",
"product": {
"name": "etcdutl-3.5.12-1.1.x86_64",
"product_id": "etcdutl-3.5.12-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-3.5.12-1.1.aarch64"
},
"product_reference": "etcd-3.5.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-3.5.12-1.1.ppc64le"
},
"product_reference": "etcd-3.5.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-3.5.12-1.1.s390x"
},
"product_reference": "etcd-3.5.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-3.5.12-1.1.x86_64"
},
"product_reference": "etcd-3.5.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcdctl-3.5.12-1.1.aarch64"
},
"product_reference": "etcdctl-3.5.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcdctl-3.5.12-1.1.ppc64le"
},
"product_reference": "etcdctl-3.5.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcdctl-3.5.12-1.1.s390x"
},
"product_reference": "etcdctl-3.5.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcdctl-3.5.12-1.1.x86_64"
},
"product_reference": "etcdctl-3.5.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcdutl-3.5.12-1.1.aarch64"
},
"product_reference": "etcdutl-3.5.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcdutl-3.5.12-1.1.ppc64le"
},
"product_reference": "etcdutl-3.5.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcdutl-3.5.12-1.1.s390x"
},
"product_reference": "etcdutl-3.5.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcdutl-3.5.12-1.1.x86_64"
},
"product_reference": "etcdutl-3.5.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:etcd-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.x86_64",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.x86_64",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:etcd-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.x86_64",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.x86_64",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:etcd-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-3.5.12-1.1.x86_64",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcdctl-3.5.12-1.1.x86_64",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcdutl-3.5.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
}
]
}
OPENSUSE-SU-2024:13834-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00
Summary
etcd-for-k8s1.27-3.5.12-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: etcd-for-k8s1.27-3.5.12-1.1 on GA media
Description of the patch: These are all security issues fixed in the etcd-for-k8s1.27-3.5.12-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13834
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "etcd-for-k8s1.27-3.5.12-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the etcd-for-k8s1.27-3.5.12-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13834",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13834-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47108 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
}
],
"title": "etcd-for-k8s1.27-3.5.12-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13834-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"product": {
"name": "etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"product_id": "etcd-for-k8s1.27-3.5.12-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"product": {
"name": "etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"product_id": "etcd-for-k8s1.27-3.5.12-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.27-3.5.12-1.1.s390x",
"product": {
"name": "etcd-for-k8s1.27-3.5.12-1.1.s390x",
"product_id": "etcd-for-k8s1.27-3.5.12-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.27-3.5.12-1.1.x86_64",
"product": {
"name": "etcd-for-k8s1.27-3.5.12-1.1.x86_64",
"product_id": "etcd-for-k8s1.27-3.5.12-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.27-3.5.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64"
},
"product_reference": "etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.27-3.5.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le"
},
"product_reference": "etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.27-3.5.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x"
},
"product_reference": "etcd-for-k8s1.27-3.5.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.27-3.5.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64"
},
"product_reference": "etcd-for-k8s1.27-3.5.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-47108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47108"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server\u0027s potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47108",
"url": "https://www.suse.com/security/cve/CVE-2023-47108"
},
{
"category": "external",
"summary": "SUSE Bug 1217070 for CVE-2023-47108",
"url": "https://bugzilla.suse.com/1217070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-47108"
},
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.27-3.5.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
}
]
}
OPENSUSE-SU-2024:13835-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00
Summary
etcd-for-k8s1.28-3.5.12-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: etcd-for-k8s1.28-3.5.12-1.1 on GA media
Description of the patch: These are all security issues fixed in the etcd-for-k8s1.28-3.5.12-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13835
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "etcd-for-k8s1.28-3.5.12-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the etcd-for-k8s1.28-3.5.12-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13835",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13835-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47108 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
}
],
"title": "etcd-for-k8s1.28-3.5.12-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13835-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"product": {
"name": "etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"product_id": "etcd-for-k8s1.28-3.5.12-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"product": {
"name": "etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"product_id": "etcd-for-k8s1.28-3.5.12-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.28-3.5.12-1.1.s390x",
"product": {
"name": "etcd-for-k8s1.28-3.5.12-1.1.s390x",
"product_id": "etcd-for-k8s1.28-3.5.12-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.28-3.5.12-1.1.x86_64",
"product": {
"name": "etcd-for-k8s1.28-3.5.12-1.1.x86_64",
"product_id": "etcd-for-k8s1.28-3.5.12-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.28-3.5.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64"
},
"product_reference": "etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.28-3.5.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le"
},
"product_reference": "etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.28-3.5.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x"
},
"product_reference": "etcd-for-k8s1.28-3.5.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.28-3.5.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64"
},
"product_reference": "etcd-for-k8s1.28-3.5.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-47108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47108"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server\u0027s potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47108",
"url": "https://www.suse.com/security/cve/CVE-2023-47108"
},
{
"category": "external",
"summary": "SUSE Bug 1217070 for CVE-2023-47108",
"url": "https://bugzilla.suse.com/1217070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-47108"
},
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.28-3.5.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
}
]
}
OPENSUSE-SU-2024:13836-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00
Summary
etcd-for-k8s1.29-3.5.12-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: etcd-for-k8s1.29-3.5.12-1.1 on GA media
Description of the patch: These are all security issues fixed in the etcd-for-k8s1.29-3.5.12-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13836
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "etcd-for-k8s1.29-3.5.12-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the etcd-for-k8s1.29-3.5.12-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13836",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13836-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47108 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
}
],
"title": "etcd-for-k8s1.29-3.5.12-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13836-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"product": {
"name": "etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"product_id": "etcd-for-k8s1.29-3.5.12-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"product": {
"name": "etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"product_id": "etcd-for-k8s1.29-3.5.12-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.29-3.5.12-1.1.s390x",
"product": {
"name": "etcd-for-k8s1.29-3.5.12-1.1.s390x",
"product_id": "etcd-for-k8s1.29-3.5.12-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-for-k8s1.29-3.5.12-1.1.x86_64",
"product": {
"name": "etcd-for-k8s1.29-3.5.12-1.1.x86_64",
"product_id": "etcd-for-k8s1.29-3.5.12-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.29-3.5.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64"
},
"product_reference": "etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.29-3.5.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le"
},
"product_reference": "etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.29-3.5.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x"
},
"product_reference": "etcd-for-k8s1.29-3.5.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-for-k8s1.29-3.5.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64"
},
"product_reference": "etcd-for-k8s1.29-3.5.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-47108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47108"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server\u0027s potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47108",
"url": "https://www.suse.com/security/cve/CVE-2023-47108"
},
{
"category": "external",
"summary": "SUSE Bug 1217070 for CVE-2023-47108",
"url": "https://bugzilla.suse.com/1217070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-47108"
},
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.aarch64",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.ppc64le",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.s390x",
"openSUSE Tumbleweed:etcd-for-k8s1.29-3.5.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
}
]
}
OPENSUSE-SU-2024:13979-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00
Summary
gitui-0.26.2-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: gitui-0.26.2-1.1 on GA media
Description of the patch: These are all security issues fixed in the gitui-0.26.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13979
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:gitui-0.26.2-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:gitui-0.26.2-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:gitui-0.26.2-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:gitui-0.26.2-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
6 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "gitui-0.26.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the gitui-0.26.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13979",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13979-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
}
],
"title": "gitui-0.26.2-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13979-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gitui-0.26.2-1.1.aarch64",
"product": {
"name": "gitui-0.26.2-1.1.aarch64",
"product_id": "gitui-0.26.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gitui-0.26.2-1.1.ppc64le",
"product": {
"name": "gitui-0.26.2-1.1.ppc64le",
"product_id": "gitui-0.26.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gitui-0.26.2-1.1.s390x",
"product": {
"name": "gitui-0.26.2-1.1.s390x",
"product_id": "gitui-0.26.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gitui-0.26.2-1.1.x86_64",
"product": {
"name": "gitui-0.26.2-1.1.x86_64",
"product_id": "gitui-0.26.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gitui-0.26.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitui-0.26.2-1.1.aarch64"
},
"product_reference": "gitui-0.26.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitui-0.26.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitui-0.26.2-1.1.ppc64le"
},
"product_reference": "gitui-0.26.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitui-0.26.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitui-0.26.2-1.1.s390x"
},
"product_reference": "gitui-0.26.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitui-0.26.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gitui-0.26.2-1.1.x86_64"
},
"product_reference": "gitui-0.26.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gitui-0.26.2-1.1.aarch64",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.s390x",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gitui-0.26.2-1.1.aarch64",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.s390x",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gitui-0.26.2-1.1.aarch64",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.ppc64le",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.s390x",
"openSUSE Tumbleweed:gitui-0.26.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
}
]
}
OPENSUSE-SU-2025:0003-1
Vulnerability from csaf_opensuse - Published: 2025-01-07 15:04 - Updated: 2025-01-07 15:04
Summary
Security update for etcd
Severity
Important
Notes
Title of the patch: Security update for etcd
Description of the patch: This update for etcd fixes the following issues:
Update to version 3.5.12:
* Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795
* test: fix TestHashKVWhenCompacting: ensure all goroutine finished
* print error log when creating peer listener failed
* mvcc: Printing etcd backend database related metrics inside scheduleCompaction function
* dependency: update go version to 1.20.13
* commit bbolt transaction if there is any pending deleting operations
* add tests to test tx delete consistency.
* Don't flock snapshot files
* Backport adding digest for etcd base image.
* Add a unit tests and missing flags in etcd help.
* Add missing flag in etcd help.
* Backport testutils.ExecuteUntil to 3.5 branch
* member replace e2e test
* Check if be is nil to avoid panic when be is overriden with nil by recoverSnapshotBackend on line 517
* Don't redeclare err and snapshot variable, fixing validation of consistent index and closing database on defer
* test: enable gofail in release e2e test.
* [3.5] backport health check e2e tests.
* tests: Extract e2e cluster setup to separate package
- Update to version 3.5.11:
* etcdserver: add linearizable_read check to readyz.
* etcd: Update go version to 1.20.12
* server: disable redirects in peer communication
* etcdserver: add metric counters for livez/readyz health checks.
* etcdserver: add livez and ready http endpoints for etcd.
* http health check bug fixes
* server: Split metrics and health code
* server: Cover V3 health with tests
* server: Refactor health checks
* server: Run health check tests in subtests
* server: Rename test case expect fields
* server: Use named struct initialization in healthcheck test
* Backport server: Don't follow redirects when checking peer urls.
* Backport embed: Add tracing integration test.
* Backport server: Have tracingExporter own resources it initialises.
* Backport server: Add sampling rate to distributed tracing.
* upgrade github.com/stretchr/testify,google.golang.org/genproto/googleapis/api,google.golang.org/grpc to make it consistent
* CVE-2023-47108: Backport go.opentelemetry.io/otel@v1.20.0 and go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.46.0
* github workflow: run arm64 tests on every push
* etcd: upgrade go version from 1.20.10 to 1.20.11
* bump bbolt to 1.3.8 for etcd 3.5
* 3.5: upgrade gRPC-go to 1.58.3
* Backport corrupt check test fix 'etcd server shouldn't wait for the ready notification infinitely on startup'
* etcdserver: add cluster id check for hashKVHandler
* [release-3.5]: upgrade gRPC-go to v1.52.0
* backport #14125 to release-3.5: Update to grpc-1.47 (and fix the connection-string format)
* Return to default write scheduler since golang.org/x/net@v0.11.0 started using round robin
* Bump go to v1.20.10 Part of https://github.com/etcd-io/etcd/issues/16740
* bump golang.org/x/net to 0.17.0 Part of https://github.com/etcd-io/etcd/issues/16740
* etcd: upgrade go version to 1.20.9
* Remove obsolete http 1.0 version.
* fix:Ensure that go version is only defined in one file for release-3.5
* Fix panic in etcd validate secure endpoints
* dependency: bump golang to 1.20.8
* Backport redirect metrics data into file to reduce output.
* test.sh: increase timeout for grpcproxy test
* test: add v3 curl test to cover maintenance hash/hashkv REST API
* api: fix duplicate gateway url issue
* pkg: add a verification on the pagebytes which must be > 0
* tests: Backport deflake for TestWatchDelay
* tests: Backport deflake for TestPageWriterRandom
* Backport adding unit test for socket options.
* Backport export reuse-port and reuse-address
* Fix goword failure in rafthttp/transport.go.
* Backport update to golang 1.20 minor release.
* bump go version to 1.19.12
* Update workflows to use makefile recipes for unit, integration & e2e-release.
* Backport Makefile recipes for common test commands.
* pkg/flags: fix UniqueURLs'Set to remove duplicates in UniqueURLs'uss
* Backport fix to e2e release version identifcation.
* Backport #14368 to v3.5
* Follow up https://github.com/etcd-io/etcd/pull/16068#discussion_r1263667496
* etcdserver: backport check scheduledCompactKeyName and finishedCompactKeyName before writing hash to release-3.5.
* Backport #13577 Disable auth gracefully without impacting existing watchers.
* bump go version to 1.19.11 to fix CVE GO-2023-1878
* clientv3: create keepAliveCtxCloser goroutine only if ctx can be canceled
* [3.5] etcdutl: fix db double closed
* clientv3: remove v3.WithFirstKey() in Barrier.Wait()
* update etcdctl flag description for snapshot restores
* etcdutl: update description for --mark-compacted and --bump-revision flags in snapshot restore command
* Adding optional revision bump and mark compacted to snapshot restore
* Revert 'Merge pull request #16119 from natusameer/release-3.5'
* Add e2e-arm64.yaml and tests-arm64.yaml to release-3.5 scheduled at 1.30
* Backport .github/workflows: Read .go-version as a step and not separate workflow.
* Add first unit test for authApplierV3
* Early exit auth check on lease puts
* remove stack log when etcdutl restore
* etcdserver: fix corruption check when server has just been compacted
* replace gobin with go install
* [3.5] Backport updating go to latest patch release 1.19.10
* add compact hash check to help
* Fix test of clientv3/naming
* clientv3/naming/endpoints: fix endpoints prefix bug fixes bug with multiple endpoints with same prefix
* grpcproxy: fix memberlist results not update when proxy node down
- Update to version 3.5.9:
* Move go version to dedicated .go-version file
* tests: e2e and integration test for timetolive
* etcdserver: protect lease timetilive with auth
* Backport go update to latest patch release 1.19.9.
* Backport centralising go version for actions workflows.
* server: backport 15743, improved description of --initial-cluster-state flag
- Update to version 3.5.8:
* etcdserver: Guarantee order of requested progress notifications
* etcdserver: verify field 'username' and 'revision' present when decoding a JWT token
* set zap logging to wsproxy
* security: remove password after authenticating the user
* test: add an e2e test to reproduce https://nvd.nist.gov/vuln/detail/CVE-2021-28235
* bump golang to 1.19.8
* server/auth: disallow creating empty permission ranges
* chore: enable strict mode for test CI
* Fixes: #15266 All docker images of Architecture show amd64
* scripts: Add testing of etcd in local image in release workflow.
* server: Fix defer function closure escape
* tests: Test separate http port connection multiplexing
* server: Add --listen-client-http-urls flag to allow running grpc server separate from http server
* server: Pick one address that all grpc gateways connect to
* server: Extract resolveUrl helper function
* server: Separate client listener grouping from serving
* refactor: Use proper variable names for urls
* sever/auth: fix addUserWithNoOption of store_test
* server/auth: fix auth panic bug when user changes password
* Automated cherry-pick of #14860: Trigger release in current branch for github workflow case
* server/embed: fix data race when start insecure grpc
* server: Test watch restore
* mvcc: update minRev when watcher stays synced
* tests: Add v2 API to connection multiplexing test
* tests: Add connection muiltiplexer testing
* tests: Backport RunUtilCompletion
* tests: Backport tls for etcdctl
* tests: Extract e2e test utils
* tests: Allow specifying http version in curl
* tests: Refactor newClient args
* tests: Refactor CURLPrefixArgs
* Backport tls 1.3 support.
* server: Switch back to random scheduler to improve resilience to watch starvation
* test: Test etcd watch stream starvation under high read response load when sharing the same connection
* tests: Allow configuring progress notify interval in e2e tests
* Run go mod tidy
* Updated go to 1.19.7.
* Backport go_srcs_in_module changes and fix goword failures.
* Formatted source code for go 1.19.6.
* Bump to go 1.19.6
* Bump golang.org/x/net to v0.7.0 to address CVE GO-2023-1571.
* test:enhance the test case TestV3WatchProgressOnMemberRestart
* clientv3: correct the nextRev on receving progress notification response
* etcdserver: add failpoints walBeforeSync and walAfterSync
* Fix regression in timestamp resolution
* upgrade cockroachdb/datadriven to v1.0.2 to remove archived dependencies
* bump github.com/stretchr/testify to v1.8.1
* bump bbolt to v1.3.7 for release-3.5
* netutil: consistently format ipv6 addresses
* docker: remove nsswitch.conf
- Update to version 3.5.7:
* etcdserver: return membership.ErrIDNotFound when the memberID not found
* etcdserver: process the scenaro of the last WAL record being partially synced to disk
* update nsswitch.conf for 3.5
* 3.5: remove the dependency on busybox
* Remove dependency on gobin
* resolve build error: parameter may not start with quote character '
* remove .travis.yml
* format the source code and tidy the dependencies using go 1.17.13
* bump go version to 1.17.13
* deps: bump golang.org/x/net to v0.4.0 to address CVEs
* security: use distroless base image to address critical Vulnerabilities
* cidc: specify the correct branch name of release-3.5 in workflow for trivy nightly scan
* Add trivy nightly scan for release-3.5
* clientv3: revert the client side change in 14547
* client/pkg/v3: fixes Solaris build of transport
* etcdserver: fix nil pointer panic for readonly txn
* Fix go fmt error
* [3.5] Backport: non mutating requests pass through quotaKVServer when NOSPACE
* etcdserver: intentionally set the memberID as 0 in corruption alarm
- Update to version 3.5.6:
* release: build with consistent paths
* client/pkg/fileutil: add missing logger to {Create,Touch}DirAll
* test: add test case to cover the CommonName based authentication
* test: add certificate with root CommonName
* clientv3: do not refresh token when using TLS CommonName based authentication
* etcdserver: call the OnPreCommitUnsafe in unsafeCommit
* add range flag for delete in etcdctl
* server: add more context to panic message
* fix:close conn
* clientv3: fix the design & implementation of double barrier
* test: added e2e test case for issue 14571: etcd doesn't load auth info when recovering from a snapshot
* etcdserver: call refreshRangePermCache on Recover() in AuthStore. #14574
* server: add a unit test case for authStore.Reocver() with empty rangePermCache
* Backport #14591 to 3.5.
* client/v3: Add backoff before retry when watch stream returns unavailable
* etcdserver: added more debug log for the purgeFile goroutine
* netutil: make a `raw` URL comparison part of the urlsEqual function
* Apply suggestions from code review
* netutil: add url comparison without resolver to URLStringsEqual
* tests/Dockerfile: Switch to ubuntu 22.04 base
* Makefile: Additional logic fix
* *: avoid closing a watch with ID 0 incorrectly
* tests: a test case for watch with auth token expiration
* *: handle auth invalid token and old revision errors in watch
* server/etcdmain: add configurable cipher list to gRPC proxy listener
* Replace github.com/form3tech-oss/jwt-go with https://github.com/golang-jwt/jwt/v4
- Update to version 3.5.5:
* fix the flaky test fix_TestV3AuthRestartMember_20220913 for 3.5
* etcdctl: fix move-leader for multiple endpoints
* testing: fix TestOpenWithMaxIndex cleanup
* server,test: refresh cache on each NewAuthStore
* server/etcdmain: add build support for Apple M1
* tests: Fix member id in CORRUPT alarm
* server: Make corrtuption check optional and period configurable
* server: Implement compaction hash checking
* tests: Cover periodic check in tests
* server: Refactor compaction checker
* tests: Move CorruptBBolt to testutil
* tests: Rename corruptHash to CorruptBBolt
* tests: Unify TestCompactionHash and extend it to also Delete keys and Defrag
* tests: Add tests for HashByRev HTTP API
* tests: Add integration tests for compact hash
* server: Cache compaction hash for HashByRev API
* server: Extract hasher to separate interface
* server: Remove duplicated compaction revision
* server: Return revision range that hash was calcualted for
* server: Store real rv range in hasher
* server: Move adjusting revision to hasher
* server: Pass revision as int
* server: Calculate hash during compaction
* server: Fix range in mock not returning same number of keys and values
* server: Move reading KV index inside scheduleCompaction function
* server: Return error from scheduleCompaction
* server: Refactor hasher
* server: Extract kvHash struct
* server: Move unsafeHashByRev to new hash.go file
* server: Extract unsafeHashByRev function
* server: Test HashByRev values to make sure they don't change
* server: Cover corruptionMonitor with tests
* server: Extract corruption detection to dedicated struct
* server: Extract triggerCorruptAlarm to function
* move consistent_index forward when executing alarmList operation
* fix the potential data loss for clusters with only one member
* [backport 3.5] server: don't panic in readonly serializable txn
* Backport of pull/14354 to 3.5.5
* Refactor the keepAliveListener and keepAliveConn
* clientv3: close streams after use in lessor keepAliveOnce method
* Change default sampling rate from 100% to 0%
* Fix the failure in TestEndpointSwitchResolvesViolation
* update all related dependencies
* move setupTracing into a separate file config_tracing.go
* etcdserver: bump OpenTelemetry to 1.0.1
* Change default sampling rate from 100% to 0%
* server/auth: protect rangePermCache with a RW lock
* Improve error message for incorrect values of ETCD_CLIENT_DEBUG
* add e2e test cases to cover the maxConcurrentStreams
* Add flag `--max-concurrent-streams` to set the max concurrent stream each client can open at a time
* add the uint32Value data type
* Client: fix check for WithPrefix op
* client/v3: do not overwrite authTokenBundle on dial
* restrict the max size of each WAL entry to the remaining size of the file
* Add FileReader and FileBufReader utilities
* Backport two lease related bug fixes to 3.5
* scripts: Detect staged files before building release
* scripts: Avoid additional repo clone
* Make DRY_RUN explicit
* scripts: Add tests for release scripts
* server/auth: enable tokenProvider if recoved store enables auth
* Update golang.org/x/crypto to latest
- Update to version 3.5.4:
* Update conssitent_index when applying fails
* Add unit test for canonical SRV records
* Revert 'trim the suffix dot from the srv.Target for etcd-client DNS lookup'
- add variable ETCD_OPTIONS to both service unit and configuration file
this allows the user to easily add things like '--enable-v2=true'
- Update to version 3.5.3:
https://github.com/etcd-io/etcd/compare/v3.5.2...v3.5.3
* clientv3: disable mirror auth test with proxy
* cv3/mirror: Fetch the most recent prefix revision
* set backend to cindex before recovering the lessor in applySnapshot
* support linearizable renew lease
* clientv3: filter learners members during autosync
* etcdserver: upgrade the golang.org/x/crypto dependency
* fix the data inconsistency issue by adding a txPostLockHook into the backend
* server: Save consistency index and term to backend even when they decrease
* server: Add verification of whether lock was called within out outside of apply
* go.mod: Upgrade to prometheus/client_golang v1.11.1
* server: Use default logging configuration instead of zap production one
* Fix offline defrag
* backport 3.5: #13676 load all leases from backend
* server/storage/backend: restore original bolt db options after defrag
* always print raft term in decimal when displaying member list in json
* enhance health check endpoint to support serializable request
* trim the suffix dot from the srv.Target for etcd-client DNS lookup
- Drop ETCD_UNSUPPORTED_ARCH=arm64 from sysconfig as ARM64 is now officially supported
- Update etcd.conf variables
- Add the new etcdutl into separate subpackage
- Update to version 3.5.2:
* Update dep: require gopkg.in/yaml.v2 v2.2.8 -> v2.4.0 due to: CVE-2019-11254.
* fix runlock bug
* server: Require either cluster version v3.6 or --experimental-enable-lease-checkpoint-persist to persist lease remainingTTL
* etcdserver,integration: Store remaining TTL on checkpoint
* lease,integration: add checkpoint scheduling after leader change
* set the backend again after recovering v3 backend from snapshot
* *: implement a retry logic for auth old revision in the client
* client/v3: refresh the token when ErrUserEmpty is received while retrying
* server/etcdserver/api/etcdhttp: exclude the same alarm type activated by multiple peers
* storage/backend: Add a gauge to indicate if defrag is active (backport from 3.6)
- Update to version 3.5.1:
* version: 3.5.1
* Dockerfile: bump debian bullseye-20210927
* client: Use first endpoint as http2 authority header
* tests: Add grpc authority e2e tests
* client: Add grpc authority header integration tests
* tests: Allow configuring integration tests to use TCP
* test: Use unique number for grpc port
* tests: Cleanup member interface by exposing Bridge directly
* tests: Make using bridge optional
* tests: Rename grpcAddr to grpcURL to imply that it includes schema
* tests: Remove bridge dependency on unix
* Decouple prefixArgs from os.Env dependency
* server: Ensure that adding and removing members handle storev2 and backend out of sync
* Stop using tip golang version in CI
* fix self-signed-cert-validity parameter cannot be specified in the config file
* fix health endpoint not usable when authentication is enabled
* workflows: remove ARM64 job for maintenance
- Update to version 3.5.0:
* See link below, diff is too big
https://github.com/etcd-io/etcd/compare/v3.4.16...v3.5.0
- Added hardening to systemd service(s) (boo#1181400)
- Change to sysuser-tools to create system user
- Update to version 3.4.16:
* Backport-3.4 exclude alarms from health check conditionally
* etcdserver/mvcc: update trace.Step condition
* Backport-3.4 etcdserver/util.go: reduce memory when logging range requests
* .travis,Makefile,functional: Bump go 1.12 version to v1.12.17
* integration: Fix 'go test --tags cluster_proxy --timeout=30m -v ./integration/...'
* pkg/tlsutil: Adjust cipher suites for go 1.12
* Fix pkg/tlsutil (test) to not fail on 386.
* bill-of-materials.json: Update golang.org/x/sys
* .travis,test: Turn race off in Travis for go version 1.15
* integration : fix TestTLSClientCipherSuitesMismatch in go1.13
* vendor: Run go mod vendor
* go.mod,go.sum: Bump github.com/creack/pty that includes patch
* go.mod,go.sum: Comply with go v1.15
* etcdserver,wal: Convert int to string using rune()
* integration,raft,tests: Comply with go v1.15 gofmt
* .travis.yml: Test with go v1.15.11
* pkpkg/testutil/leak.go: Allowlist created by testing.runTests.func1
* vendor: Run go mod vendor
* go.sum, go.mod: Run go mod tidy with go 1.12
* go.mod: Pin go to 1.12 version
* etcdserver: fix incorrect metrics generated when clients cancel watches
* integration: relax leader timeout from 3s to 4s
* etcdserver: when using --unsafe-no-fsync write data
* server: Added config parameter experimental-warning-apply-duration
* etcdserver: Fix PeerURL validation
- update etcd.service: avoid args from commandline and environment
as it leads to start failure (boo#1183703)
- Update to version 3.4.15:
* [Backport-3.4] etcdserver/api/etcdhttp: log successful etcd server side health check in debug level
* etcdserver: Fix 64 KB websocket notification message limit
* vendor: bump gorilla/websocket
* pkg/fileutil: fix F_OFD_ constants
- Update to version 3.4.14:
* pkg/netutil: remove unused 'iptables' wrapper
* tools/etcd-dump-metrics: validate exec cmd args
* clientv3: get AuthToken automatically when clientConn is ready.
* etcdserver: add ConfChangeAddLearnerNode to the list of config changes
* integration: add flag WatchProgressNotifyInterval in integration test
- Update to version 3.4.13:
* pkg: file stat warning
* Automated cherry pick of #12243 on release 3.4
* version: 3.4.12
* etcdserver: Avoid panics logging slow v2 requests in integration tests
* version: 3.4.11
* Revert 'etcdserver/api/v3rpc: 'MemberList' never return non-empty ClientURLs'
* *: fix backport of PR12216
* *: add experimental flag for watch notify interval
* clientv3: remove excessive watch cancel logging
* etcdserver: add OS level FD metrics
* pkg/runtime: optimize FDUsage by removing sort
* clientv3: log warning in case of error sending request
* etcdserver/api/v3rpc: 'MemberList' never return non-empty ClientURLs
- Update to version 3.4.10 [CVE-2020-15106][boo#1174951]:
* Documentation: note on data encryption
* etcdserver: change protobuf field type from int to int64 (#12000)
* pkg: consider umask when use MkdirAll
* etcdmain: let grpc proxy warn about insecure-skip-tls-verify
* etcdmain: fix shadow error
* pkg/fileutil: print desired file permission in error log
* pkg: Fix dir permission check on Windows
* auth: Customize simpleTokenTTL settings.
* mvcc: chanLen 1024 is to biger,and it used more memory. 128 seems to be enough. Sometimes the consumption speed is more than the production speed.
* auth: return incorrect result 'ErrUserNotFound' when client request without username or username was empty.
* etcdmain: fix shadow error
* doc: add TLS related warnings
* etcdserver:FDUsage set ticker to 10 minute from 5 seconds. This ticker will check File Descriptor Requirements ,and count all fds in used. And recorded some logs when in used >= limit/5*4. Just recorded message. If fds was more than 10K,It's low performance due to FDUsage() works. So need to increase it.
* clientv3: cancel watches proactively on client context cancellation
* wal: check out of range slice in 'ReadAll', 'decoder'
* etcdctl, etcdmain: warn about --insecure-skip-tls-verify options
* Documentation: note on the policy of insecure by default
* etcdserver: don't let InternalAuthenticateRequest have password
* auth: a new error code for the case of password auth against no password user
* Documentation: note on password strength
* etcdmain: best effort detection of self pointing in tcp proxy
* Discovery: do not allow passing negative cluster size
* wal: fix panic when decoder not set
* embed: fix compaction runtime err
* pkg: check file stats
* etcdserver, et al: add --unsafe-no-fsync flag
* wal: add TestValidSnapshotEntriesAfterPurgeWal testcase
* wal: fix crc mismatch crash bug
* rafthttp: log snapshot download duration
* rafthttp: improve snapshot send logging
* *: make sure snapshot save downloads SHA256 checksum
* etcdserver/api/snap: exclude orphaned defragmentation files in snapNames
* etcdserver: continue releasing snap db in case of error
* etcdserver,wal: fix inconsistencies in WAL and snapshot
* cherry pick of #11564 (#11880)
* mvcc: fix deadlock bug
* auth: optimize lock scope for CheckPassword
* auth: ensure RoleGrantPermission is compatible with older versions
* etcdserver: print warn log when failed to apply request
* auth: cleanup saveConsistentIndex in NewAuthStore
* auth: print warning log when error is ErrAuthOldRevision
* auth: add new metric 'etcd_debugging_auth_revision'
* tools/etcd-dump-db: add auth decoder, optimize print format
* *: fix auth revision corruption bug
* etcdserver: watch stream got closed once one request is not permitted (#11708)
* version: 3.4.7
* wal: add 'etcd_wal_writes_bytes_total'
* pkg/ioutil: add 'FlushN'
* test: auto detect branch when finding merge base
* mvcc/kvstore:when the number key-value is greater than one million, compact take too long and blocks other requests
* version: 3.4.6
* lease: fix memory leak in LeaseGrant when node is follower
* version: 3.4.5
* words: whitelist 'racey'
* Revert 'version: 3.4.5'
* words: whitelist 'hasleader'
* version: 3.4.5
* etcdserver/api/v3rpc: handle api version metadata, add metrics
* clientv3: embed api version in metadata
* etcdserver/api/etcdhttp: log server-side /health checks
* proxy/grpcproxy: add return on error for metrics handler
* etcdctl: fix member add command
* etcdserver: fix quorum calculation when promoting a learner member
* etcdserver: corruption check via http
* mvcc/backend: check for nil boltOpenOptions
* mvcc/backend: Delete orphaned db.tmp files before defrag
* auth: correct logging level
* e2e: test curl auth on onoption user
* auth: fix NoPassWord check when add user
* auth: fix user.Options nil pointer
* mvcc/kvstore:fixcompactbug
* mvcc: update to 'etcd_debugging_mvcc_total_put_size_in_bytes'
* mvcc: add 'etcd_mvcc_put_size_in_bytes' to monitor the throughput of put request.
* clientv3: fix retry/streamer error message
* etcdserver: wait purge file loop during shutdown
* integration: disable TestV3AuthOldRevConcurrent
* etcdserver: remove auth validation loop
* scripts/release: list GPG key only when tagging is needed
Patchnames: openSUSE-2025-3
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for etcd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for etcd fixes the following issues:\n\nUpdate to version 3.5.12:\n\n * Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795\n * test: fix TestHashKVWhenCompacting: ensure all goroutine finished\n * print error log when creating peer listener failed\n * mvcc: Printing etcd backend database related metrics inside scheduleCompaction function\n * dependency: update go version to 1.20.13\n * commit bbolt transaction if there is any pending deleting operations\n * add tests to test tx delete consistency.\n * Don\u0027t flock snapshot files\n * Backport adding digest for etcd base image.\n * Add a unit tests and missing flags in etcd help.\n * Add missing flag in etcd help.\n * Backport testutils.ExecuteUntil to 3.5 branch\n * member replace e2e test\n * Check if be is nil to avoid panic when be is overriden with nil by recoverSnapshotBackend on line 517\n * Don\u0027t redeclare err and snapshot variable, fixing validation of consistent index and closing database on defer\n * test: enable gofail in release e2e test.\n * [3.5] backport health check e2e tests.\n * tests: Extract e2e cluster setup to separate package\n\n- Update to version 3.5.11:\n\n * etcdserver: add linearizable_read check to readyz.\n * etcd: Update go version to 1.20.12\n * server: disable redirects in peer communication\n * etcdserver: add metric counters for livez/readyz health checks.\n * etcdserver: add livez and ready http endpoints for etcd.\n * http health check bug fixes\n * server: Split metrics and health code\n * server: Cover V3 health with tests\n * server: Refactor health checks\n * server: Run health check tests in subtests\n * server: Rename test case expect fields\n * server: Use named struct initialization in healthcheck test\n * Backport server: Don\u0027t follow redirects when checking peer urls.\n * Backport embed: Add tracing integration test.\n * Backport server: Have tracingExporter own resources it initialises.\n * Backport server: Add sampling rate 
to distributed tracing.\n * upgrade github.com/stretchr/testify,google.golang.org/genproto/googleapis/api,google.golang.org/grpc to make it consistent\n * CVE-2023-47108: Backport go.opentelemetry.io/otel@v1.20.0 and go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.46.0\n * github workflow: run arm64 tests on every push\n * etcd: upgrade go version from 1.20.10 to 1.20.11\n * bump bbolt to 1.3.8 for etcd 3.5\n * 3.5: upgrade gRPC-go to 1.58.3\n * Backport corrupt check test fix \u0027etcd server shouldn\u0027t wait for the ready notification infinitely on startup\u0027\n * etcdserver: add cluster id check for hashKVHandler\n * [release-3.5]: upgrade gRPC-go to v1.52.0\n * backport #14125 to release-3.5: Update to grpc-1.47 (and fix the connection-string format)\n * Return to default write scheduler since golang.org/x/net@v0.11.0 started using round robin\n * Bump go to v1.20.10 Part of https://github.com/etcd-io/etcd/issues/16740\n * bump golang.org/x/net to 0.17.0 Part of https://github.com/etcd-io/etcd/issues/16740\n * etcd: upgrade go version to 1.20.9\n * Remove obsolete http 1.0 version.\n * fix:Ensure that go version is only defined in one file for release-3.5\n * Fix panic in etcd validate secure endpoints\n * dependency: bump golang to 1.20.8\n * Backport redirect metrics data into file to reduce output.\n * test.sh: increase timeout for grpcproxy test\n * test: add v3 curl test to cover maintenance hash/hashkv REST API\n * api: fix duplicate gateway url issue\n * pkg: add a verification on the pagebytes which must be \u003e 0\n * tests: Backport deflake for TestWatchDelay\n * tests: Backport deflake for TestPageWriterRandom\n * Backport adding unit test for socket options.\n * Backport export reuse-port and reuse-address\n * Fix goword failure in rafthttp/transport.go.\n * Backport update to golang 1.20 minor release.\n * bump go version to 1.19.12\n * Update workflows to use makefile recipes for unit, integration \u0026 
e2e-release.\n * Backport Makefile recipes for common test commands.\n * pkg/flags: fix UniqueURLs\u0027Set to remove duplicates in UniqueURLs\u0027uss\n * Backport fix to e2e release version identifcation.\n * Backport #14368 to v3.5\n * Follow up https://github.com/etcd-io/etcd/pull/16068#discussion_r1263667496\n * etcdserver: backport check scheduledCompactKeyName and finishedCompactKeyName before writing hash to release-3.5.\n * Backport #13577 Disable auth gracefully without impacting existing watchers.\n * bump go version to 1.19.11 to fix CVE GO-2023-1878\n * clientv3: create keepAliveCtxCloser goroutine only if ctx can be canceled\n * [3.5] etcdutl: fix db double closed\n * clientv3: remove v3.WithFirstKey() in Barrier.Wait()\n * update etcdctl flag description for snapshot restores\n * etcdutl: update description for --mark-compacted and --bump-revision flags in snapshot restore command\n * Adding optional revision bump and mark compacted to snapshot restore\n * Revert \u0027Merge pull request #16119 from natusameer/release-3.5\u0027\n * Add e2e-arm64.yaml and tests-arm64.yaml to release-3.5 scheduled at 1.30\n * Backport .github/workflows: Read .go-version as a step and not separate workflow.\n * Add first unit test for authApplierV3\n * Early exit auth check on lease puts\n * remove stack log when etcdutl restore\n * etcdserver: fix corruption check when server has just been compacted\n * replace gobin with go install\n * [3.5] Backport updating go to latest patch release 1.19.10\n * add compact hash check to help\n * Fix test of clientv3/naming\n * clientv3/naming/endpoints: fix endpoints prefix bug fixes bug with multiple endpoints with same prefix\n * grpcproxy: fix memberlist results not update when proxy node down\n\n- Update to version 3.5.9:\n\n * Move go version to dedicated .go-version file\n * tests: e2e and integration test for timetolive\n * etcdserver: protect lease timetilive with auth\n * Backport go update to latest patch release 
1.19.9.\n * Backport centralising go version for actions workflows.\n * server: backport 15743, improved description of --initial-cluster-state flag\n\n- Update to version 3.5.8:\n\n * etcdserver: Guarantee order of requested progress notifications\n * etcdserver: verify field \u0027username\u0027 and \u0027revision\u0027 present when decoding a JWT token\n * set zap logging to wsproxy\n * security: remove password after authenticating the user\n * test: add an e2e test to reproduce https://nvd.nist.gov/vuln/detail/CVE-2021-28235\n * bump golang to 1.19.8\n * server/auth: disallow creating empty permission ranges\n * chore: enable strict mode for test CI\n * Fixes: #15266 All docker images of Architecture show amd64\n * scripts: Add testing of etcd in local image in release workflow.\n * server: Fix defer function closure escape\n * tests: Test separate http port connection multiplexing\n * server: Add --listen-client-http-urls flag to allow running grpc server separate from http server\n * server: Pick one address that all grpc gateways connect to\n * server: Extract resolveUrl helper function\n * server: Separate client listener grouping from serving\n * refactor: Use proper variable names for urls\n * sever/auth: fix addUserWithNoOption of store_test\n * server/auth: fix auth panic bug when user changes password\n * Automated cherry-pick of #14860: Trigger release in current branch for github workflow case\n * server/embed: fix data race when start insecure grpc\n * server: Test watch restore\n * mvcc: update minRev when watcher stays synced\n * tests: Add v2 API to connection multiplexing test\n * tests: Add connection muiltiplexer testing\n * tests: Backport RunUtilCompletion\n * tests: Backport tls for etcdctl\n * tests: Extract e2e test utils\n * tests: Allow specifying http version in curl\n * tests: Refactor newClient args\n * tests: Refactor CURLPrefixArgs\n * Backport tls 1.3 support.\n * server: Switch back to random scheduler to improve resilience to 
watch starvation\n * test: Test etcd watch stream starvation under high read response load when sharing the same connection\n * tests: Allow configuring progress notify interval in e2e tests\n * Run go mod tidy\n * Updated go to 1.19.7.\n * Backport go_srcs_in_module changes and fix goword failures.\n * Formatted source code for go 1.19.6.\n * Bump to go 1.19.6\n * Bump golang.org/x/net to v0.7.0 to address CVE GO-2023-1571.\n * test:enhance the test case TestV3WatchProgressOnMemberRestart\n * clientv3: correct the nextRev on receving progress notification response\n * etcdserver: add failpoints walBeforeSync and walAfterSync\n * Fix regression in timestamp resolution\n * upgrade cockroachdb/datadriven to v1.0.2 to remove archived dependencies\n * bump github.com/stretchr/testify to v1.8.1\n * bump bbolt to v1.3.7 for release-3.5\n * netutil: consistently format ipv6 addresses\n * docker: remove nsswitch.conf\n\n- Update to version 3.5.7:\n\n * etcdserver: return membership.ErrIDNotFound when the memberID not found\n * etcdserver: process the scenaro of the last WAL record being partially synced to disk\n * update nsswitch.conf for 3.5\n * 3.5: remove the dependency on busybox\n * Remove dependency on gobin\n * resolve build error: parameter may not start with quote character \u0027\n * remove .travis.yml\n * format the source code and tidy the dependencies using go 1.17.13\n * bump go version to 1.17.13\n * deps: bump golang.org/x/net to v0.4.0 to address CVEs\n * security: use distroless base image to address critical Vulnerabilities\n * cidc: specify the correct branch name of release-3.5 in workflow for trivy nightly scan\n * Add trivy nightly scan for release-3.5\n * clientv3: revert the client side change in 14547\n * client/pkg/v3: fixes Solaris build of transport\n * etcdserver: fix nil pointer panic for readonly txn\n * Fix go fmt error\n * [3.5] Backport: non mutating requests pass through quotaKVServer when NOSPACE\n * etcdserver: intentionally set the 
memberID as 0 in corruption alarm\n \n- Update to version 3.5.6:\n\n * release: build with consistent paths\n * client/pkg/fileutil: add missing logger to {Create,Touch}DirAll\n * test: add test case to cover the CommonName based authentication\n * test: add certificate with root CommonName\n * clientv3: do not refresh token when using TLS CommonName based authentication\n * etcdserver: call the OnPreCommitUnsafe in unsafeCommit\n * add range flag for delete in etcdctl\n * server: add more context to panic message\n * fix:close conn\n * clientv3: fix the design \u0026 implementation of double barrier\n * test: added e2e test case for issue 14571: etcd doesn\u0027t load auth info when recovering from a snapshot\n * etcdserver: call refreshRangePermCache on Recover() in AuthStore. #14574\n * server: add a unit test case for authStore.Reocver() with empty rangePermCache\n * Backport #14591 to 3.5.\n * client/v3: Add backoff before retry when watch stream returns unavailable\n * etcdserver: added more debug log for the purgeFile goroutine\n * netutil: make a `raw` URL comparison part of the urlsEqual function\n * Apply suggestions from code review\n * netutil: add url comparison without resolver to URLStringsEqual\n * tests/Dockerfile: Switch to ubuntu 22.04 base\n * Makefile: Additional logic fix\n * *: avoid closing a watch with ID 0 incorrectly\n * tests: a test case for watch with auth token expiration\n * *: handle auth invalid token and old revision errors in watch\n * server/etcdmain: add configurable cipher list to gRPC proxy listener\n * Replace github.com/form3tech-oss/jwt-go with https://github.com/golang-jwt/jwt/v4\n\n- Update to version 3.5.5:\n\n * fix the flaky test fix_TestV3AuthRestartMember_20220913 for 3.5\n * etcdctl: fix move-leader for multiple endpoints\n * testing: fix TestOpenWithMaxIndex cleanup\n * server,test: refresh cache on each NewAuthStore\n * server/etcdmain: add build support for Apple M1\n * tests: Fix member id in CORRUPT alarm\n * 
server: Make corrtuption check optional and period configurable\n * server: Implement compaction hash checking\n * tests: Cover periodic check in tests\n * server: Refactor compaction checker\n * tests: Move CorruptBBolt to testutil\n * tests: Rename corruptHash to CorruptBBolt\n * tests: Unify TestCompactionHash and extend it to also Delete keys and Defrag\n * tests: Add tests for HashByRev HTTP API\n * tests: Add integration tests for compact hash\n * server: Cache compaction hash for HashByRev API\n * server: Extract hasher to separate interface\n * server: Remove duplicated compaction revision\n * server: Return revision range that hash was calcualted for\n * server: Store real rv range in hasher\n * server: Move adjusting revision to hasher\n * server: Pass revision as int\n * server: Calculate hash during compaction\n * server: Fix range in mock not returning same number of keys and values\n * server: Move reading KV index inside scheduleCompaction function\n * server: Return error from scheduleCompaction\n * server: Refactor hasher\n * server: Extract kvHash struct\n * server: Move unsafeHashByRev to new hash.go file\n * server: Extract unsafeHashByRev function\n * server: Test HashByRev values to make sure they don\u0027t change\n * server: Cover corruptionMonitor with tests\n * server: Extract corruption detection to dedicated struct\n * server: Extract triggerCorruptAlarm to function\n * move consistent_index forward when executing alarmList operation\n * fix the potential data loss for clusters with only one member\n * [backport 3.5] server: don\u0027t panic in readonly serializable txn\n * Backport of pull/14354 to 3.5.5\n * Refactor the keepAliveListener and keepAliveConn\n * clientv3: close streams after use in lessor keepAliveOnce method\n * Change default sampling rate from 100% to 0%\n * Fix the failure in TestEndpointSwitchResolvesViolation\n * update all related dependencies\n * move setupTracing into a separate file config_tracing.go\n * 
etcdserver: bump OpenTelemetry to 1.0.1\n * Change default sampling rate from 100% to 0%\n * server/auth: protect rangePermCache with a RW lock\n * Improve error message for incorrect values of ETCD_CLIENT_DEBUG\n * add e2e test cases to cover the maxConcurrentStreams\n * Add flag `--max-concurrent-streams` to set the max concurrent stream each client can open at a time\n * add the uint32Value data type\n * Client: fix check for WithPrefix op\n * client/v3: do not overwrite authTokenBundle on dial\n * restrict the max size of each WAL entry to the remaining size of the file\n * Add FileReader and FileBufReader utilities\n * Backport two lease related bug fixes to 3.5\n * scripts: Detect staged files before building release\n * scripts: Avoid additional repo clone\n * Make DRY_RUN explicit\n * scripts: Add tests for release scripts\n * server/auth: enable tokenProvider if recoved store enables auth\n * Update golang.org/x/crypto to latest\n\n- Update to version 3.5.4:\n\n * Update conssitent_index when applying fails\n * Add unit test for canonical SRV records\n * Revert \u0027trim the suffix dot from the srv.Target for etcd-client DNS lookup\u0027\n\n- add variable ETCD_OPTIONS to both service unit and configuration file\n this allows the user to easily add things like \u0027--enable-v2=true\u0027\n\n- Update to version 3.5.3:\n\n https://github.com/etcd-io/etcd/compare/v3.5.2...v3.5.3\n * clientv3: disable mirror auth test with proxy\n * cv3/mirror: Fetch the most recent prefix revision\n * set backend to cindex before recovering the lessor in applySnapshot\n * support linearizable renew lease\n * clientv3: filter learners members during autosync\n * etcdserver: upgrade the golang.org/x/crypto dependency\n * fix the data inconsistency issue by adding a txPostLockHook into the backend\n * server: Save consistency index and term to backend even when they decrease\n * server: Add verification of whether lock was called within out outside of apply\n * go.mod: Upgrade 
to prometheus/client_golang v1.11.1\n * server: Use default logging configuration instead of zap production one\n * Fix offline defrag\n * backport 3.5: #13676 load all leases from backend\n * server/storage/backend: restore original bolt db options after defrag\n * always print raft term in decimal when displaying member list in json\n * enhance health check endpoint to support serializable request\n * trim the suffix dot from the srv.Target for etcd-client DNS lookup\n\n- Drop ETCD_UNSUPPORTED_ARCH=arm64 from sysconfig as ARM64 is now officially supported\n- Update etcd.conf variables\n- Add the new etcdutl into separate subpackage\n\n- Update to version 3.5.2:\n\n * Update dep: require gopkg.in/yaml.v2 v2.2.8 -\u003e v2.4.0 due to: CVE-2019-11254.\n * fix runlock bug\n * server: Require either cluster version v3.6 or --experimental-enable-lease-checkpoint-persist to persist lease remainingTTL\n * etcdserver,integration: Store remaining TTL on checkpoint\n * lease,integration: add checkpoint scheduling after leader change\n * set the backend again after recovering v3 backend from snapshot\n * *: implement a retry logic for auth old revision in the client\n * client/v3: refresh the token when ErrUserEmpty is received while retrying\n * server/etcdserver/api/etcdhttp: exclude the same alarm type activated by multiple peers\n * storage/backend: Add a gauge to indicate if defrag is active (backport from 3.6)\n\n- Update to version 3.5.1:\n\n * version: 3.5.1\n * Dockerfile: bump debian bullseye-20210927\n * client: Use first endpoint as http2 authority header\n * tests: Add grpc authority e2e tests\n * client: Add grpc authority header integration tests\n * tests: Allow configuring integration tests to use TCP\n * test: Use unique number for grpc port\n * tests: Cleanup member interface by exposing Bridge directly\n * tests: Make using bridge optional\n * tests: Rename grpcAddr to grpcURL to imply that it includes schema\n * tests: Remove bridge dependency on unix\n 
* Decouple prefixArgs from os.Env dependency\n * server: Ensure that adding and removing members handle storev2 and backend out of sync\n * Stop using tip golang version in CI\n * fix self-signed-cert-validity parameter cannot be specified in the config file\n * fix health endpoint not usable when authentication is enabled\n * workflows: remove ARM64 job for maintenance\n\n- Update to version 3.5.0:\n\n * See link below, diff is too big\n https://github.com/etcd-io/etcd/compare/v3.4.16...v3.5.0\n\n- Added hardening to systemd service(s) (boo#1181400)\n\n- Change to sysuser-tools to create system user\n\n- Update to version 3.4.16:\n\n * Backport-3.4 exclude alarms from health check conditionally\n * etcdserver/mvcc: update trace.Step condition\n * Backport-3.4 etcdserver/util.go: reduce memory when logging range requests\n * .travis,Makefile,functional: Bump go 1.12 version to v1.12.17\n * integration: Fix \u0027go test --tags cluster_proxy --timeout=30m -v ./integration/...\u0027\n * pkg/tlsutil: Adjust cipher suites for go 1.12\n * Fix pkg/tlsutil (test) to not fail on 386.\n * bill-of-materials.json: Update golang.org/x/sys\n * .travis,test: Turn race off in Travis for go version 1.15\n * integration : fix TestTLSClientCipherSuitesMismatch in go1.13\n * vendor: Run go mod vendor\n * go.mod,go.sum: Bump github.com/creack/pty that includes patch\n * go.mod,go.sum: Comply with go v1.15\n * etcdserver,wal: Convert int to string using rune()\n * integration,raft,tests: Comply with go v1.15 gofmt\n * .travis.yml: Test with go v1.15.11\n * pkpkg/testutil/leak.go: Allowlist created by testing.runTests.func1\n * vendor: Run go mod vendor\n * go.sum, go.mod: Run go mod tidy with go 1.12\n * go.mod: Pin go to 1.12 version\n * etcdserver: fix incorrect metrics generated when clients cancel watches\n * integration: relax leader timeout from 3s to 4s\n * etcdserver: when using --unsafe-no-fsync write data\n * server: Added config parameter 
experimental-warning-apply-duration\n * etcdserver: Fix PeerURL validation\n\n- update etcd.service: avoid args from commandline and environment\n as it leads to start failure (boo#1183703) \n\n- Update to version 3.4.15:\n\n * [Backport-3.4] etcdserver/api/etcdhttp: log successful etcd server side health check in debug level\n * etcdserver: Fix 64 KB websocket notification message limit\n * vendor: bump gorilla/websocket\n * pkg/fileutil: fix F_OFD_ constants\n\n- Update to version 3.4.14:\n\n * pkg/netutil: remove unused \u0027iptables\u0027 wrapper\n * tools/etcd-dump-metrics: validate exec cmd args\n * clientv3: get AuthToken automatically when clientConn is ready.\n * etcdserver: add ConfChangeAddLearnerNode to the list of config changes\n * integration: add flag WatchProgressNotifyInterval in integration test\n\n- Update to version 3.4.13:\n\n * pkg: file stat warning\n * Automated cherry pick of #12243 on release 3.4\n * version: 3.4.12\n * etcdserver: Avoid panics logging slow v2 requests in integration tests\n * version: 3.4.11\n * Revert \u0027etcdserver/api/v3rpc: \u0027MemberList\u0027 never return non-empty ClientURLs\u0027\n * *: fix backport of PR12216\n * *: add experimental flag for watch notify interval\n * clientv3: remove excessive watch cancel logging\n * etcdserver: add OS level FD metrics\n * pkg/runtime: optimize FDUsage by removing sort\n * clientv3: log warning in case of error sending request\n * etcdserver/api/v3rpc: \u0027MemberList\u0027 never return non-empty ClientURLs\n\n- Update to version 3.4.10 [CVE-2020-15106][boo#1174951]:\n\n * Documentation: note on data encryption\n * etcdserver: change protobuf field type from int to int64 (#12000)\n * pkg: consider umask when use MkdirAll\n * etcdmain: let grpc proxy warn about insecure-skip-tls-verify\n * etcdmain: fix shadow error\n * pkg/fileutil: print desired file permission in error log\n * pkg: Fix dir permission check on Windows\n * auth: Customize simpleTokenTTL settings.\n * 
mvcc: chanLen 1024 is to biger,and it used more memory. 128 seems to be enough. Sometimes the consumption speed is more than the production speed.\n * auth: return incorrect result \u0027ErrUserNotFound\u0027 when client request without username or username was empty.\n * etcdmain: fix shadow error\n * doc: add TLS related warnings\n * etcdserver:FDUsage set ticker to 10 minute from 5 seconds. This ticker will check File Descriptor Requirements ,and count all fds in used. And recorded some logs when in used \u003e= limit/5*4. Just recorded message. If fds was more than 10K,It\u0027s low performance due to FDUsage() works. So need to increase it.\n * clientv3: cancel watches proactively on client context cancellation\n * wal: check out of range slice in \u0027ReadAll\u0027, \u0027decoder\u0027\n * etcdctl, etcdmain: warn about --insecure-skip-tls-verify options\n * Documentation: note on the policy of insecure by default\n * etcdserver: don\u0027t let InternalAuthenticateRequest have password\n * auth: a new error code for the case of password auth against no password user\n * Documentation: note on password strength\n * etcdmain: best effort detection of self pointing in tcp proxy\n * Discovery: do not allow passing negative cluster size\n * wal: fix panic when decoder not set\n * embed: fix compaction runtime err\n * pkg: check file stats\n * etcdserver, et al: add --unsafe-no-fsync flag\n * wal: add TestValidSnapshotEntriesAfterPurgeWal testcase\n * wal: fix crc mismatch crash bug\n * rafthttp: log snapshot download duration\n * rafthttp: improve snapshot send logging\n * *: make sure snapshot save downloads SHA256 checksum\n * etcdserver/api/snap: exclude orphaned defragmentation files in snapNames\n * etcdserver: continue releasing snap db in case of error\n * etcdserver,wal: fix inconsistencies in WAL and snapshot\n * cherry pick of #11564 (#11880)\n * mvcc: fix deadlock bug\n * auth: optimize lock scope for CheckPassword\n * auth: ensure RoleGrantPermission 
is compatible with older versions\n * etcdserver: print warn log when failed to apply request\n * auth: cleanup saveConsistentIndex in NewAuthStore\n * auth: print warning log when error is ErrAuthOldRevision\n * auth: add new metric \u0027etcd_debugging_auth_revision\u0027\n * tools/etcd-dump-db: add auth decoder, optimize print format\n * *: fix auth revision corruption bug\n * etcdserver: watch stream got closed once one request is not permitted (#11708)\n * version: 3.4.7\n * wal: add \u0027etcd_wal_writes_bytes_total\u0027\n * pkg/ioutil: add \u0027FlushN\u0027\n * test: auto detect branch when finding merge base\n * mvcc/kvstore:when the number key-value is greater than one million, compact take too long and blocks other requests\n * version: 3.4.6\n * lease: fix memory leak in LeaseGrant when node is follower\n * version: 3.4.5\n * words: whitelist \u0027racey\u0027\n * Revert \u0027version: 3.4.5\u0027\n * words: whitelist \u0027hasleader\u0027\n * version: 3.4.5\n * etcdserver/api/v3rpc: handle api version metadata, add metrics\n * clientv3: embed api version in metadata\n * etcdserver/api/etcdhttp: log server-side /health checks\n * proxy/grpcproxy: add return on error for metrics handler\n * etcdctl: fix member add command\n * etcdserver: fix quorum calculation when promoting a learner member\n * etcdserver: corruption check via http\n * mvcc/backend: check for nil boltOpenOptions\n * mvcc/backend: Delete orphaned db.tmp files before defrag\n * auth: correct logging level\n * e2e: test curl auth on onoption user\n * auth: fix NoPassWord check when add user\n * auth: fix user.Options nil pointer\n * mvcc/kvstore:fixcompactbug\n * mvcc: update to \u0027etcd_debugging_mvcc_total_put_size_in_bytes\u0027\n * mvcc: add \u0027etcd_mvcc_put_size_in_bytes\u0027 to monitor the throughput of put request.\n * clientv3: fix retry/streamer error message\n * etcdserver: wait purge file loop during shutdown\n * integration: disable TestV3AuthOldRevConcurrent\n * 
etcdserver: remove auth validation loop\n * scripts/release: list GPG key only when tagging is needed\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2025-3",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_0003-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:0003-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PE3D4WEFUCELLDKJUEM2KLPFMME7KTAI/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:0003-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PE3D4WEFUCELLDKJUEM2KLPFMME7KTAI/"
},
{
"category": "self",
"summary": "SUSE Bug 1174951",
"url": "https://bugzilla.suse.com/1174951"
},
{
"category": "self",
"summary": "SUSE Bug 1181400",
"url": "https://bugzilla.suse.com/1181400"
},
{
"category": "self",
"summary": "SUSE Bug 1183703",
"url": "https://bugzilla.suse.com/1183703"
},
{
"category": "self",
"summary": "SUSE Bug 1199031",
"url": "https://bugzilla.suse.com/1199031"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11254 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15106 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-28235 page",
"url": "https://www.suse.com/security/cve/CVE-2021-28235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47108 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
}
],
"title": "Security update for etcd",
"tracking": {
"current_release_date": "2025-01-07T15:04:12Z",
"generator": {
"date": "2025-01-07T15:04:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:0003-1",
"initial_release_date": "2025-01-07T15:04:12Z",
"revision_history": [
{
"date": "2025-01-07T15:04:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "etcd-3.5.12-bp156.4.3.1.aarch64",
"product": {
"name": "etcd-3.5.12-bp156.4.3.1.aarch64",
"product_id": "etcd-3.5.12-bp156.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "etcdctl-3.5.12-bp156.4.3.1.aarch64",
"product": {
"name": "etcdctl-3.5.12-bp156.4.3.1.aarch64",
"product_id": "etcdctl-3.5.12-bp156.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "etcdutl-3.5.12-bp156.4.3.1.aarch64",
"product": {
"name": "etcdutl-3.5.12-bp156.4.3.1.aarch64",
"product_id": "etcdutl-3.5.12-bp156.4.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-3.5.12-bp156.4.3.1.ppc64le",
"product": {
"name": "etcd-3.5.12-bp156.4.3.1.ppc64le",
"product_id": "etcd-3.5.12-bp156.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"product": {
"name": "etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"product_id": "etcdctl-3.5.12-bp156.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"product": {
"name": "etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"product_id": "etcdutl-3.5.12-bp156.4.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-3.5.12-bp156.4.3.1.s390x",
"product": {
"name": "etcd-3.5.12-bp156.4.3.1.s390x",
"product_id": "etcd-3.5.12-bp156.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "etcdctl-3.5.12-bp156.4.3.1.s390x",
"product": {
"name": "etcdctl-3.5.12-bp156.4.3.1.s390x",
"product_id": "etcdctl-3.5.12-bp156.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "etcdutl-3.5.12-bp156.4.3.1.s390x",
"product": {
"name": "etcdutl-3.5.12-bp156.4.3.1.s390x",
"product_id": "etcdutl-3.5.12-bp156.4.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-3.5.12-bp156.4.3.1.x86_64",
"product": {
"name": "etcd-3.5.12-bp156.4.3.1.x86_64",
"product_id": "etcd-3.5.12-bp156.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "etcdctl-3.5.12-bp156.4.3.1.x86_64",
"product": {
"name": "etcdctl-3.5.12-bp156.4.3.1.x86_64",
"product_id": "etcdctl-3.5.12-bp156.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "etcdutl-3.5.12-bp156.4.3.1.x86_64",
"product": {
"name": "etcdutl-3.5.12-bp156.4.3.1.x86_64",
"product_id": "etcdutl-3.5.12-bp156.4.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP6",
"product": {
"name": "SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64"
},
"product_reference": "etcd-3.5.12-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le"
},
"product_reference": "etcd-3.5.12-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x"
},
"product_reference": "etcd-3.5.12-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64"
},
"product_reference": "etcd-3.5.12-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64"
},
"product_reference": "etcdctl-3.5.12-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le"
},
"product_reference": "etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x"
},
"product_reference": "etcdctl-3.5.12-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64"
},
"product_reference": "etcdctl-3.5.12-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64"
},
"product_reference": "etcdutl-3.5.12-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le"
},
"product_reference": "etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x"
},
"product_reference": "etcdutl-3.5.12-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
},
"product_reference": "etcdutl-3.5.12-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64"
},
"product_reference": "etcd-3.5.12-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le"
},
"product_reference": "etcd-3.5.12-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x"
},
"product_reference": "etcd-3.5.12-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-3.5.12-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64"
},
"product_reference": "etcd-3.5.12-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64"
},
"product_reference": "etcdctl-3.5.12-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le"
},
"product_reference": "etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x"
},
"product_reference": "etcdctl-3.5.12-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdctl-3.5.12-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64"
},
"product_reference": "etcdctl-3.5.12-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64"
},
"product_reference": "etcdutl-3.5.12-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le"
},
"product_reference": "etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x"
},
"product_reference": "etcdutl-3.5.12-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcdutl-3.5.12-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
},
"product_reference": "etcdutl-3.5.12-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11254"
}
],
"notes": [
{
"category": "general",
"text": "The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11254",
"url": "https://www.suse.com/security/cve/CVE-2019-11254"
},
{
"category": "external",
"summary": "SUSE Bug 1168270 for CVE-2019-11254",
"url": "https://bugzilla.suse.com/1168270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-07T15:04:12Z",
"details": "moderate"
}
],
"title": "CVE-2019-11254"
},
{
"cve": "CVE-2020-15106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15106"
}
],
"notes": [
{
"category": "general",
"text": "In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15106",
"url": "https://www.suse.com/security/cve/CVE-2020-15106"
},
{
"category": "external",
"summary": "SUSE Bug 1174951 for CVE-2020-15106",
"url": "https://bugzilla.suse.com/1174951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-07T15:04:12Z",
"details": "moderate"
}
],
"title": "CVE-2020-15106"
},
{
"cve": "CVE-2021-28235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-28235"
}
],
"notes": [
{
"category": "general",
"text": "Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-28235",
"url": "https://www.suse.com/security/cve/CVE-2021-28235"
},
{
"category": "external",
"summary": "SUSE Bug 1210138 for CVE-2021-28235",
"url": "https://bugzilla.suse.com/1210138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-07T15:04:12Z",
"details": "important"
}
],
"title": "CVE-2021-28235"
},
{
"cve": "CVE-2023-47108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47108"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Starting in version 0.37.0 and prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels `net.peer.sock.addr` and `net.peer.sock.port` that have unbound cardinality. It leads to the server\u0027s potential memory exhaustion when many malicious requests are sent. An attacker can easily flood the peer address and port for requests. Version 0.46.0 contains a fix for this issue. As a workaround to stop being affected, a view removing the attributes can be used. The other possibility is to disable grpc metrics instrumentation by passing `otelgrpc.WithMeterProvider` option with `noop.NewMeterProvider`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47108",
"url": "https://www.suse.com/security/cve/CVE-2023-47108"
},
{
"category": "external",
"summary": "SUSE Bug 1217070 for CVE-2023-47108",
"url": "https://bugzilla.suse.com/1217070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-07T15:04:12Z",
"details": "important"
}
],
"title": "CVE-2023-47108"
},
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcd-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:etcdutl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcd-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdctl-3.5.12-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:etcdutl-3.5.12-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-07T15:04:12Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
}
]
}
OPENSUSE-SU-2025:15487-1
Vulnerability from csaf_opensuse - Published: 2025-08-25 00:00 - Updated: 2025-08-25 00:00
Summary
cheat-4.4.2-2.1 on GA media
Severity
Moderate
Notes
Title of the patch: cheat-4.4.2-2.1 on GA media
Description of the patch: These are all security issues fixed in the cheat-4.4.2-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15487
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "cheat-4.4.2-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the cheat-4.4.2-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15487",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15487-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21613 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21614 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
}
],
"title": "cheat-4.4.2-2.1 on GA media",
"tracking": {
"current_release_date": "2025-08-25T00:00:00Z",
"generator": {
"date": "2025-08-25T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15487-1",
"initial_release_date": "2025-08-25T00:00:00Z",
"revision_history": [
{
"date": "2025-08-25T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-2.1.aarch64",
"product": {
"name": "cheat-4.4.2-2.1.aarch64",
"product_id": "cheat-4.4.2-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-2.1.ppc64le",
"product": {
"name": "cheat-4.4.2-2.1.ppc64le",
"product_id": "cheat-4.4.2-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-2.1.s390x",
"product": {
"name": "cheat-4.4.2-2.1.s390x",
"product_id": "cheat-4.4.2-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-2.1.x86_64",
"product": {
"name": "cheat-4.4.2-2.1.x86_64",
"product_id": "cheat-4.4.2-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64"
},
"product_reference": "cheat-4.4.2-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le"
},
"product_reference": "cheat-4.4.2-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x"
},
"product_reference": "cheat-4.4.2-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
},
"product_reference": "cheat-4.4.2-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2025-21613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21613"
}
],
"notes": [
{
"category": "general",
"text": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21613",
"url": "https://www.suse.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "SUSE Bug 1235572 for CVE-2025-21613",
"url": "https://bugzilla.suse.com/1235572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-21613"
},
{
"cve": "CVE-2025-21614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21614"
}
],
"notes": [
{
"category": "general",
"text": "go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Users running versions of go-git from v4 and above are recommended to upgrade to v5.13 in order to mitigate this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21614",
"url": "https://www.suse.com/security/cve/CVE-2025-21614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-21614"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80\" will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:cheat-4.4.2-2.1.aarch64",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.ppc64le",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.s390x",
"openSUSE Tumbleweed:cheat-4.4.2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-25T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
}
]
}
OPENSUSE-SU-2025:15740-1
Vulnerability from csaf_opensuse - Published: 2025-11-18 00:00 - Updated: 2025-11-18 00:00
Summary
erlang27-27.1.3-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: erlang27-27.1.3-1.1 on GA media
Description of the patch: These are all security issues fixed in the erlang27-27.1.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15740
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
7.5 (High)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
9.4 (Critical)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
critical
5.9 (Medium)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
80 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
References
19 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "erlang27-27.1.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the erlang27-27.1.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15740",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15740-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-25623 page",
"url": "https://www.suse.com/security/cve/CVE-2020-25623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-35733 page",
"url": "https://www.suse.com/security/cve/CVE-2020-35733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-37026 page",
"url": "https://www.suse.com/security/cve/CVE-2022-37026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-48041 page",
"url": "https://www.suse.com/security/cve/CVE-2025-48041/"
}
],
"title": "erlang27-27.1.3-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-18T00:00:00Z",
"generator": {
"date": "2025-11-18T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15740-1",
"initial_release_date": "2025-11-18T00:00:00Z",
"revision_history": [
{
"date": "2025-11-18T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "erlang27-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-27.1.3-1.1.aarch64",
"product_id": "erlang27-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-debugger-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-debugger-27.1.3-1.1.aarch64",
"product_id": "erlang27-debugger-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-debugger-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-debugger-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-debugger-src-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-dialyzer-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-dialyzer-27.1.3-1.1.aarch64",
"product_id": "erlang27-dialyzer-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-dialyzer-src-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-diameter-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-diameter-27.1.3-1.1.aarch64",
"product_id": "erlang27-diameter-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-diameter-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-diameter-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-diameter-src-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-doc-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-doc-27.1.3-1.1.aarch64",
"product_id": "erlang27-doc-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-epmd-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-epmd-27.1.3-1.1.aarch64",
"product_id": "erlang27-epmd-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-et-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-et-27.1.3-1.1.aarch64",
"product_id": "erlang27-et-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-et-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-et-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-et-src-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-jinterface-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-jinterface-27.1.3-1.1.aarch64",
"product_id": "erlang27-jinterface-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-jinterface-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-jinterface-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-jinterface-src-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-observer-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-observer-27.1.3-1.1.aarch64",
"product_id": "erlang27-observer-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-observer-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-observer-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-observer-src-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-reltool-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-reltool-27.1.3-1.1.aarch64",
"product_id": "erlang27-reltool-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-reltool-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-reltool-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-reltool-src-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-src-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-wx-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-wx-27.1.3-1.1.aarch64",
"product_id": "erlang27-wx-27.1.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "erlang27-wx-src-27.1.3-1.1.aarch64",
"product": {
"name": "erlang27-wx-src-27.1.3-1.1.aarch64",
"product_id": "erlang27-wx-src-27.1.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "erlang27-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-27.1.3-1.1.ppc64le",
"product_id": "erlang27-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-debugger-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-debugger-27.1.3-1.1.ppc64le",
"product_id": "erlang27-debugger-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-debugger-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-debugger-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-debugger-src-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-dialyzer-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-dialyzer-27.1.3-1.1.ppc64le",
"product_id": "erlang27-dialyzer-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-dialyzer-src-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-diameter-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-diameter-27.1.3-1.1.ppc64le",
"product_id": "erlang27-diameter-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-diameter-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-diameter-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-diameter-src-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-doc-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-doc-27.1.3-1.1.ppc64le",
"product_id": "erlang27-doc-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-epmd-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-epmd-27.1.3-1.1.ppc64le",
"product_id": "erlang27-epmd-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-et-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-et-27.1.3-1.1.ppc64le",
"product_id": "erlang27-et-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-et-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-et-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-et-src-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-jinterface-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-jinterface-27.1.3-1.1.ppc64le",
"product_id": "erlang27-jinterface-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-jinterface-src-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-observer-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-observer-27.1.3-1.1.ppc64le",
"product_id": "erlang27-observer-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-observer-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-observer-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-observer-src-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-reltool-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-reltool-27.1.3-1.1.ppc64le",
"product_id": "erlang27-reltool-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-reltool-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-reltool-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-reltool-src-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-src-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-wx-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-wx-27.1.3-1.1.ppc64le",
"product_id": "erlang27-wx-27.1.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "erlang27-wx-src-27.1.3-1.1.ppc64le",
"product": {
"name": "erlang27-wx-src-27.1.3-1.1.ppc64le",
"product_id": "erlang27-wx-src-27.1.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "erlang27-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-27.1.3-1.1.s390x",
"product_id": "erlang27-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-debugger-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-debugger-27.1.3-1.1.s390x",
"product_id": "erlang27-debugger-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-debugger-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-debugger-src-27.1.3-1.1.s390x",
"product_id": "erlang27-debugger-src-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-dialyzer-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-dialyzer-27.1.3-1.1.s390x",
"product_id": "erlang27-dialyzer-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-dialyzer-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-dialyzer-src-27.1.3-1.1.s390x",
"product_id": "erlang27-dialyzer-src-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-diameter-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-diameter-27.1.3-1.1.s390x",
"product_id": "erlang27-diameter-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-diameter-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-diameter-src-27.1.3-1.1.s390x",
"product_id": "erlang27-diameter-src-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-doc-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-doc-27.1.3-1.1.s390x",
"product_id": "erlang27-doc-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-epmd-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-epmd-27.1.3-1.1.s390x",
"product_id": "erlang27-epmd-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-et-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-et-27.1.3-1.1.s390x",
"product_id": "erlang27-et-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-et-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-et-src-27.1.3-1.1.s390x",
"product_id": "erlang27-et-src-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-jinterface-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-jinterface-27.1.3-1.1.s390x",
"product_id": "erlang27-jinterface-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-jinterface-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-jinterface-src-27.1.3-1.1.s390x",
"product_id": "erlang27-jinterface-src-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-observer-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-observer-27.1.3-1.1.s390x",
"product_id": "erlang27-observer-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-observer-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-observer-src-27.1.3-1.1.s390x",
"product_id": "erlang27-observer-src-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-reltool-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-reltool-27.1.3-1.1.s390x",
"product_id": "erlang27-reltool-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-reltool-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-reltool-src-27.1.3-1.1.s390x",
"product_id": "erlang27-reltool-src-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-src-27.1.3-1.1.s390x",
"product_id": "erlang27-src-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-wx-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-wx-27.1.3-1.1.s390x",
"product_id": "erlang27-wx-27.1.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "erlang27-wx-src-27.1.3-1.1.s390x",
"product": {
"name": "erlang27-wx-src-27.1.3-1.1.s390x",
"product_id": "erlang27-wx-src-27.1.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "erlang27-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-27.1.3-1.1.x86_64",
"product_id": "erlang27-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-debugger-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-debugger-27.1.3-1.1.x86_64",
"product_id": "erlang27-debugger-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-debugger-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-debugger-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-debugger-src-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-dialyzer-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-dialyzer-27.1.3-1.1.x86_64",
"product_id": "erlang27-dialyzer-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-dialyzer-src-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-diameter-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-diameter-27.1.3-1.1.x86_64",
"product_id": "erlang27-diameter-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-diameter-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-diameter-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-diameter-src-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-doc-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-doc-27.1.3-1.1.x86_64",
"product_id": "erlang27-doc-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-epmd-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-epmd-27.1.3-1.1.x86_64",
"product_id": "erlang27-epmd-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-et-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-et-27.1.3-1.1.x86_64",
"product_id": "erlang27-et-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-et-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-et-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-et-src-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-jinterface-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-jinterface-27.1.3-1.1.x86_64",
"product_id": "erlang27-jinterface-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-jinterface-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-jinterface-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-jinterface-src-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-observer-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-observer-27.1.3-1.1.x86_64",
"product_id": "erlang27-observer-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-observer-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-observer-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-observer-src-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-reltool-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-reltool-27.1.3-1.1.x86_64",
"product_id": "erlang27-reltool-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-reltool-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-reltool-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-reltool-src-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-src-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-wx-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-wx-27.1.3-1.1.x86_64",
"product_id": "erlang27-wx-27.1.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "erlang27-wx-src-27.1.3-1.1.x86_64",
"product": {
"name": "erlang27-wx-src-27.1.3-1.1.x86_64",
"product_id": "erlang27-wx-src-27.1.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-debugger-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-debugger-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-debugger-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-debugger-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-debugger-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-debugger-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-debugger-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-debugger-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-debugger-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-debugger-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-debugger-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-debugger-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-debugger-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-debugger-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-debugger-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-debugger-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-dialyzer-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-dialyzer-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-dialyzer-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-dialyzer-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-dialyzer-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-dialyzer-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-dialyzer-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-dialyzer-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-dialyzer-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-dialyzer-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-dialyzer-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-dialyzer-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-dialyzer-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-diameter-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-diameter-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-diameter-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-diameter-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-diameter-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-diameter-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-diameter-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-diameter-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-diameter-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-diameter-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-diameter-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-diameter-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-diameter-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-diameter-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-diameter-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-diameter-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-doc-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-doc-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-doc-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-doc-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-doc-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-doc-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-doc-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-doc-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-epmd-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-epmd-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-epmd-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-epmd-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-epmd-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-epmd-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-epmd-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-epmd-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-et-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-et-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-et-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-et-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-et-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-et-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-et-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-et-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-et-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-et-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-et-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-et-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-et-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-et-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-et-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-et-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-jinterface-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-jinterface-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-jinterface-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-jinterface-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-jinterface-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-jinterface-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-jinterface-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-jinterface-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-jinterface-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-jinterface-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-jinterface-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-jinterface-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-jinterface-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-jinterface-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-jinterface-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-observer-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-observer-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-observer-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-observer-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-observer-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-observer-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-observer-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-observer-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-observer-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-observer-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-observer-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-observer-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-observer-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-observer-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-observer-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-observer-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-reltool-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-reltool-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-reltool-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-reltool-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-reltool-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-reltool-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-reltool-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-reltool-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-reltool-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-reltool-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-reltool-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-reltool-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-reltool-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-reltool-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-reltool-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-reltool-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-wx-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-wx-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-wx-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-wx-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-wx-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-wx-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-wx-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-wx-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-wx-src-27.1.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64"
},
"product_reference": "erlang27-wx-src-27.1.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-wx-src-27.1.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le"
},
"product_reference": "erlang27-wx-src-27.1.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-wx-src-27.1.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x"
},
"product_reference": "erlang27-wx-src-27.1.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "erlang27-wx-src-27.1.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
},
"product_reference": "erlang27-wx-src-27.1.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-25623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-25623"
}
],
"notes": [
{
"category": "general",
"text": "Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-25623",
"url": "https://www.suse.com/security/cve/CVE-2020-25623"
},
{
"category": "external",
"summary": "SUSE Bug 1177354 for CVE-2020-25623",
"url": "https://bugzilla.suse.com/1177354"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-25623"
},
{
"cve": "CVE-2020-35733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-35733"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-35733",
"url": "https://www.suse.com/security/cve/CVE-2020-35733"
},
{
"category": "external",
"summary": "SUSE Bug 1181073 for CVE-2020-35733",
"url": "https://bugzilla.suse.com/1181073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-35733"
},
{
"cve": "CVE-2022-37026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-37026"
}
],
"notes": [
{
"category": "general",
"text": "In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-37026",
"url": "https://www.suse.com/security/cve/CVE-2022-37026"
},
{
"category": "external",
"summary": "SUSE Bug 1205318 for CVE-2022-37026",
"url": "https://bugzilla.suse.com/1205318"
},
{
"category": "external",
"summary": "SUSE Bug 1207113 for CVE-2022-37026",
"url": "https://bugzilla.suse.com/1207113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2022-37026"
},
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2025-48041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-48041"
}
],
"notes": [
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl.\n\nThis issue affects OTP from OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-48041",
"url": "https://www.suse.com/security/cve/CVE-2025-48041"
},
{
"category": "external",
"summary": "SUSE Bug 1249473 for CVE-2025-48041",
"url": "https://bugzilla.suse.com/1249473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-debugger-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-dialyzer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-diameter-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-doc-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-epmd-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-et-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-jinterface-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-observer-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-reltool-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-src-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-27.1.3-1.1.x86_64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.aarch64",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.ppc64le",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.s390x",
"openSUSE Tumbleweed:erlang27-wx-src-27.1.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-48041"
}
]
}
OPENSUSE-SU-2025:20177-1
Vulnerability from csaf_opensuse - Published: 2025-12-18 00:17 - Updated: 2025-12-18 00:17
Summary
Security update for cheat
Severity
Important
Notes
Title of the patch: Security update for cheat
Description of the patch: This update for cheat fixes the following issues:
- Security:
* CVE-2025-47913: Fix client process termination (bsc#1253593)
* CVE-2025-58181: Fix potential unbounded memory consumption (bsc#1253922)
* CVE-2025-47914: Fix panic due to an out of bounds read (bsc#1254051)
* Replace golang.org/x/crypto=golang.org/x/crypto@v0.45.0
* Replace golang.org/x/net=golang.org/x/net@v0.47.0
* Replace golang.org/x/sys=golang.org/x/sys@v0.38.0
- Packaging improvements:
* Drop Requires: golang-packaging. The recommended Go toolchain
dependency expression is BuildRequires: golang(API) >= 1.x or
optionally the metapackage BuildRequires: go
* Use BuildRequires: golang(API) >= 1.19 matching go.mod
* Build PIE with pattern that may become recommended procedure:
%%ifnarch ppc64 GOFLAGS="-buildmode=pie" %%endif go build
A go toolchain buildmode default config would be preferable
but none exist at this time.
* Drop mod=vendor, go1.14+ will detect vendor dir and auto-enable
* Remove go build -o output binary location and name. Default
binary has the same name as package of func main() and is
placed in the top level of the build directory.
* Add basic %check to execute binary --help
- Packaging improvements:
* Service go_modules replace dependencies with CVEs
* Replace github.com/cloudflare/circl=github.com/cloudflare/circl@v1.6.1
Fix GO-2025-3754 GHSA-2x5j-vhc8-9cwm
* Replace golang.org/x/net=golang.org/x/net@v0.36.0
Fixes GO-2025-3503 CVE-2025-22870
* Replace golang.org/x/crypto=golang.org/x/crypto@v0.35.0
Fixes GO-2023-2402 CVE-2023-48795 GHSA-45x7-px36-x8w8
Fixes GO-2025-3487 CVE-2025-22869
* Replace github.com/go-git/go-git/v5=github.com/go-git/go-git/v5@v5.13.0
Fixes GO-2025-3367 CVE-2025-21614 GHSA-r9px-m959-cxf4
Fixes GO-2025-3368 CVE-2025-21613 GHSA-v725-9546-7q7m
* Service tar_scm set mode manual from disabled
* Service tar_scm create archive from git so we can exclude
vendor directory upstream committed to git. Committed vendor
directory contents have build issues even after go mod tidy.
* Service tar_scm exclude dir vendor
* Service set_version set mode manual from disabled
* Service set_version remove param basename not needed
Patchnames: openSUSE-Leap-16.0-packagehub-59
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for cheat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for cheat fixes the following issues:\n\n- Security:\n * CVE-2025-47913: Fix client process termination (bsc#1253593)\n * CVE-2025-58181: Fix potential unbounded memory consumption (bsc#1253922)\n * CVE-2025-47914: Fix panic due to an out of bounds read (bsc#1254051)\n * Replace golang.org/x/crypto=golang.org/x/crypto@v0.45.0\n * Replace golang.org/x/net=golang.org/x/net@v0.47.0\n * Replace golang.org/x/sys=golang.org/x/sys@v0.38.0\n\n- Packaging improvements:\n * Drop Requires: golang-packaging. The recommended Go toolchain\n dependency expression is BuildRequires: golang(API) \u003e= 1.x or\n optionally the metapackage BuildRequires: go\n * Use BuildRequires: golang(API) \u003e= 1.19 matching go.mod\n * Build PIE with pattern that may become recommended procedure:\n %%ifnarch ppc64 GOFLAGS=\"-buildmode=pie\" %%endif go build\n A go toolchain buildmode default config would be preferable\n but none exist at this time.\n * Drop mod=vendor, go1.14+ will detect vendor dir and auto-enable\n * Remove go build -o output binary location and name. Default\n binary has the same name as package of func main() and is\n placed in the top level of the build directory.\n * Add basic %check to execute binary --help\n\n- Packaging improvements:\n * Service go_modules replace dependencies with CVEs\n * Replace github.com/cloudflare/circl=github.com/cloudflare/circl@v1.6.1\n Fix GO-2025-3754 GHSA-2x5j-vhc8-9cwm\n * Replace golang.org/x/net=golang.org/x/net@v0.36.0\n Fixes GO-2025-3503 CVE-2025-22870\n * Replace golang.org/x/crypto=golang.org/x/crypto@v0.35.0\n Fixes GO-2023-2402 CVE-2023-48795 GHSA-45x7-px36-x8w8\n Fixes GO-2025-3487 CVE-2025-22869\n * Replace github.com/go-git/go-git/v5=github.com/go-git/go-git/v5@v5.13.0\n Fixes GO-2025-3367 CVE-2025-21614 GHSA-r9px-m959-cxf4\n Fixes GO-2025-3368 CVE-2025-21613 GHSA-v725-9546-7q7m\n * Service tar_scm set mode manual from disabled\n * Service tar_scm create archive from git so we can exclude\n vendor directory upstream committed to git. Committed vendor\n directory contents have build issues even after go mod tidy.\n * Service tar_scm exclude dir vendor\n * Service set_version set mode manual from disabled\n * Service set_version remove param basename not needed\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-packagehub-59",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_20177-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1247629",
"url": "https://bugzilla.suse.com/1247629"
},
{
"category": "self",
"summary": "SUSE Bug 1253593",
"url": "https://bugzilla.suse.com/1253593"
},
{
"category": "self",
"summary": "SUSE Bug 1253922",
"url": "https://bugzilla.suse.com/1253922"
},
{
"category": "self",
"summary": "SUSE Bug 1254051",
"url": "https://bugzilla.suse.com/1254051"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-48795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-48795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21613 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21614 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
}
],
"title": "Security update for cheat",
"tracking": {
"current_release_date": "2025-12-18T00:17:52Z",
"generator": {
"date": "2025-12-18T00:17:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:20177-1",
"initial_release_date": "2025-12-18T00:17:52Z",
"revision_history": [
{
"date": "2025-12-18T00:17:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-bp160.2.1.aarch64",
"product": {
"name": "cheat-4.4.2-bp160.2.1.aarch64",
"product_id": "cheat-4.4.2-bp160.2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-bp160.2.1.ppc64le",
"product": {
"name": "cheat-4.4.2-bp160.2.1.ppc64le",
"product_id": "cheat-4.4.2-bp160.2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-bp160.2.1.s390x",
"product": {
"name": "cheat-4.4.2-bp160.2.1.s390x",
"product_id": "cheat-4.4.2-bp160.2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cheat-4.4.2-bp160.2.1.x86_64",
"product": {
"name": "cheat-4.4.2-bp160.2.1.x86_64",
"product_id": "cheat-4.4.2-bp160.2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-bp160.2.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64"
},
"product_reference": "cheat-4.4.2-bp160.2.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-bp160.2.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le"
},
"product_reference": "cheat-4.4.2-bp160.2.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-bp160.2.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x"
},
"product_reference": "cheat-4.4.2-bp160.2.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cheat-4.4.2-bp160.2.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
},
"product_reference": "cheat-4.4.2-bp160.2.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-48795"
}
],
"notes": [
{
"category": "general",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-48795",
"url": "https://www.suse.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "SUSE Bug 1217950 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1217950"
},
{
"category": "external",
"summary": "SUSE Bug 1218708 for CVE-2023-48795",
"url": "https://bugzilla.suse.com/1218708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T00:17:52Z",
"details": "important"
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2025-21613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21613"
}
],
"notes": [
{
"category": "general",
"text": "go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flags. This only happens when the file transport protocol is being used, as that is the only protocol that shells out to git binaries. This vulnerability is fixed in 5.13.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21613",
"url": "https://www.suse.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "SUSE Bug 1235572 for CVE-2025-21613",
"url": "https://bugzilla.suse.com/1235572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T00:17:52Z",
"details": "important"
}
],
"title": "CVE-2025-21613"
},
{
"cve": "CVE-2025-21614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21614"
}
],
"notes": [
{
"category": "general",
"text": "go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Users running versions of go-git from v4 and above are recommended to upgrade to v5.13 in order to mitigate this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21614",
"url": "https://www.suse.com/security/cve/CVE-2025-21614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T00:17:52Z",
"details": "important"
}
],
"title": "CVE-2025-21614"
},
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T00:17:52Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-22870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22870"
}
],
"notes": [
{
"category": "general",
"text": "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22870",
"url": "https://www.suse.com/security/cve/CVE-2025-22870"
},
{
"category": "external",
"summary": "SUSE Bug 1238572 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238572"
},
{
"category": "external",
"summary": "SUSE Bug 1238611 for CVE-2025-22870",
"url": "https://bugzilla.suse.com/1238611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T00:17:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-22870"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T00:17:52Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T00:17:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.aarch64",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.ppc64le",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.s390x",
"openSUSE Leap 16.0:cheat-4.4.2-bp160.2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-12-18T00:17:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
}
]
}
RHBA-2024:1127
Vulnerability from csaf_redhat - Published: 2024-03-05 18:22 - Updated: 2026-06-02 17:36
Summary
Red Hat Bug Fix Advisory: libssh bug fix update
Severity
Moderate
Notes
Topic: An update for libssh is now available for Red Hat Enterprise Linux 9.
Details: libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.
Bug Fix(es):
* libssh: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (JIRA:RHEL-20939)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.
5.9 (Medium)
Affected products
Fixed
44 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686 | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x | — | | Vendor Fix, fix, Workaround |
| Unresolved product id: BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64 | — | | Vendor Fix, fix, Workaround |
Threats
Impact
Moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libssh is now available for Red Hat Enterprise Linux 9.",
"title": "Topic"
},
{
"category": "general",
"text": "libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.\n\nBug Fix(es):\n\n* libssh: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (JIRA:RHEL-20939)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2024:1127",
"url": "https://access.redhat.com/errata/RHBA-2024:1127"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhba-2024_1127.json"
}
],
"title": "Red Hat Bug Fix Advisory: libssh bug fix update",
"tracking": {
"current_release_date": "2026-06-02T17:36:36+00:00",
"generator": {
"date": "2026-06-02T17:36:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHBA-2024:1127",
"initial_release_date": "2024-03-05T18:22:05+00:00",
"revision_history": [
{
"date": "2024-03-05T18:22:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-05T18:22:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:36:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh-devel-0:0.10.4-12.el9_3.aarch64",
"product": {
"name": "libssh-devel-0:0.10.4-12.el9_3.aarch64",
"product_id": "libssh-devel-0:0.10.4-12.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-devel@0.10.4-12.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"product": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"product_id": "libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debugsource@0.10.4-12.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"product": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"product_id": "libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debuginfo@0.10.4-12.el9_3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libssh-0:0.10.4-12.el9_3.aarch64",
"product": {
"name": "libssh-0:0.10.4-12.el9_3.aarch64",
"product_id": "libssh-0:0.10.4-12.el9_3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh@0.10.4-12.el9_3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"product": {
"name": "libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"product_id": "libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-devel@0.10.4-12.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"product": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"product_id": "libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debugsource@0.10.4-12.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"product": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"product_id": "libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debuginfo@0.10.4-12.el9_3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libssh-0:0.10.4-12.el9_3.ppc64le",
"product": {
"name": "libssh-0:0.10.4-12.el9_3.ppc64le",
"product_id": "libssh-0:0.10.4-12.el9_3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh@0.10.4-12.el9_3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh-devel-0:0.10.4-12.el9_3.i686",
"product": {
"name": "libssh-devel-0:0.10.4-12.el9_3.i686",
"product_id": "libssh-devel-0:0.10.4-12.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-devel@0.10.4-12.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libssh-debugsource-0:0.10.4-12.el9_3.i686",
"product": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.i686",
"product_id": "libssh-debugsource-0:0.10.4-12.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debugsource@0.10.4-12.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"product": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"product_id": "libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debuginfo@0.10.4-12.el9_3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libssh-0:0.10.4-12.el9_3.i686",
"product": {
"name": "libssh-0:0.10.4-12.el9_3.i686",
"product_id": "libssh-0:0.10.4-12.el9_3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh@0.10.4-12.el9_3?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh-devel-0:0.10.4-12.el9_3.x86_64",
"product": {
"name": "libssh-devel-0:0.10.4-12.el9_3.x86_64",
"product_id": "libssh-devel-0:0.10.4-12.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-devel@0.10.4-12.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"product": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"product_id": "libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debugsource@0.10.4-12.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"product": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"product_id": "libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debuginfo@0.10.4-12.el9_3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libssh-0:0.10.4-12.el9_3.x86_64",
"product": {
"name": "libssh-0:0.10.4-12.el9_3.x86_64",
"product_id": "libssh-0:0.10.4-12.el9_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh@0.10.4-12.el9_3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh-devel-0:0.10.4-12.el9_3.s390x",
"product": {
"name": "libssh-devel-0:0.10.4-12.el9_3.s390x",
"product_id": "libssh-devel-0:0.10.4-12.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-devel@0.10.4-12.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"product": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"product_id": "libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debugsource@0.10.4-12.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"product": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"product_id": "libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-debuginfo@0.10.4-12.el9_3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libssh-0:0.10.4-12.el9_3.s390x",
"product": {
"name": "libssh-0:0.10.4-12.el9_3.s390x",
"product_id": "libssh-0:0.10.4-12.el9_3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh@0.10.4-12.el9_3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh-0:0.10.4-12.el9_3.src",
"product": {
"name": "libssh-0:0.10.4-12.el9_3.src",
"product_id": "libssh-0:0.10.4-12.el9_3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh@0.10.4-12.el9_3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh-config-0:0.10.4-12.el9_3.noarch",
"product": {
"name": "libssh-config-0:0.10.4-12.el9_3.noarch",
"product_id": "libssh-config-0:0.10.4-12.el9_3.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libssh-config@0.10.4-12.el9_3?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.src",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-config-0:0.10.4-12.el9_3.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch"
},
"product_reference": "libssh-config-0:0.10.4-12.el9_3.noarch",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.aarch64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.i686",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.s390x",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.x86_64",
"relates_to_product_reference": "AppStream-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.aarch64",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.i686",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.ppc64le",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.s390x",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.src",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-0:0.10.4-12.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64"
},
"product_reference": "libssh-0:0.10.4-12.el9_3.x86_64",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-config-0:0.10.4-12.el9_3.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch"
},
"product_reference": "libssh-config-0:0.10.4-12.el9_3.noarch",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debuginfo-0:0.10.4-12.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64"
},
"product_reference": "libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.i686",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-debugsource-0:0.10.4-12.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64"
},
"product_reference": "libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.aarch64",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.i686",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.s390x",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh-devel-0:0.10.4-12.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64"
},
"product_reference": "libssh-devel-0:0.10.4-12.el9_3.x86_64",
"relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"discovery_date": "2023-12-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2254210"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure in OpenSSH 9.5 against keystroke timing attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE is classified as moderate because the attack requires an active Man-in-the-Middle (MITM) who can intercept and modify the connection\u0027s traffic at the TCP/IP layer.\n\nAlthough the attack is cryptographically innovative, its security impact is fortunately quite limited. It only allows the deletion of consecutive messages, and deleting most messages at this protocol stage prevents user authentication from proceeding, leading to a stalled connection.\n\nThe most significant identified impact is that it enables a MITM to delete the SSH2_MSG_EXT_INFO message sent before authentication begins. This allows the attacker to disable a subset of keystroke timing obfuscation features. However, there is no other observable impact on session secrecy or session integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48795"
},
{
"category": "external",
"summary": "RHBZ#2254210",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7071748",
"url": "https://access.redhat.com/solutions/7071748"
},
{
"category": "external",
"summary": "https://terrapin-attack.com/",
"url": "https://terrapin-attack.com/"
}
],
"release_date": "2023-12-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-05T18:22:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing these updated packages, all running applications using libssh must be restarted for this update to take effect.",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2024:1127"
},
{
"category": "workaround",
"details": "Update to the last version and check that client and server provide kex pseudo-algorithms indicating usage of the updated version of the protocol which is protected from the attack. If \"kex-strict-c-v00@openssh.com\" is provided by clients and \"kex-strict-s-v00@openssh.com\" is in the server\u0027s reply, no other steps are necessary.\n\nDisabling ciphers if necessary:\n\nIf \"kex-strict-c-v00@openssh.com\" is not provided by clients or \"kex-strict-s-v00@openssh.com\" is absent in the server\u0027s reply, you can disable the following ciphers and HMACs as a workaround on RHEL-8 and RHEL-9:\n\n1. chacha20-poly1305@openssh.com\n2. hmac-sha2-512-etm@openssh.com\n3. hmac-sha2-256-etm@openssh.com\n4. hmac-sha1-etm@openssh.com\n5. hmac-md5-etm@openssh.com\n\nTo do that through crypto-policies, one can apply a subpolicy with the following content:\n```\ncipher@SSH = -CHACHA20-POLY1305\nssh_etm = 0\n```\ne.g., by putting these lines into `/etc/crypto-policies/policies/modules/CVE-2023-48795.pmod`, applying the resulting subpolicy with `update-crypto-policies --set $(update-crypto-policies --show):CVE-2023-48795` and restarting openssh server.\n\nOne can verify that the changes are in effect by ensuring the ciphers listed above are missing from both `/etc/crypto-policies/back-ends/openssh.config` and `/etc/crypto-policies/back-ends/opensshserver.config`.\n\nFor more details on using crypto-policies, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening\n\nNote that this procedure does limit the interoperability of the host and is only suggested as a temporary mitigation until the issue is fully resolved with an update.\n\nFor RHEL-7: \nWe can recommend to use strict MACs and Ciphers on RHEL7 in both files /etc/ssh/ssh_config and /etc/ssh/sshd_config.\n\nBelow strict set of Ciphers and MACs can be used as mitigation for RHEL 
7.\n\n```\nCiphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com\nMACs umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512\n```\n\n- For Openshift Container Platform 4:\nPlease refer the KCS[1] document for verifying the fix in RHCOS.\n\n[1] https://access.redhat.com/solutions/7071748",
"product_ids": [
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src",
"AppStream-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x",
"AppStream-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.src",
"BaseOS-9.3.0.Z.MAIN:libssh-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-config-0:0.10.4-12.el9_3.noarch",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-debuginfo-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-debugsource-0:0.10.4-12.el9_3.x86_64",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.aarch64",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.i686",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.ppc64le",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.s390x",
"BaseOS-9.3.0.Z.MAIN:libssh-devel-0:0.10.4-12.el9_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ssh: Prefix truncation attack on Binary Packet Protocol (BPP)"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.