Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-5217 (GCVE-0-2023-5217)
Vulnerability from cvelistv5 – Published: 2023-09-28 15:23 – Updated: 2025-10-21 23:05
VLAI
EPSS
CISA KEV
Summary
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
CWE
- Heap buffer overflow
Assigner
References
52 references
Impacted products
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 9bb689af-af37-4a7f-9011-7dee93d12367
Exploited: Yes
Timestamps
First Seen: 2023-10-02
Asserted: 2023-10-02
Scope
Notes: KEV entry: Google Chromium libvpx Heap Buffer Overflow Vulnerability | Affected: Google / Chromium libvpx | Description: Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2023-10-23 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html; https://nvd.nist.gov/vuln/detail/CVE-2023-5217
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-787 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Chromium libvpx |
| Due Date | 2023-10-23 |
| Date Added | 2023-10-02 |
| Vendorproject | |
| Vulnerabilityname | Google Chromium libvpx Heap Buffer Overflow Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-02-02 13:24 UTC
| Updated: 2026-02-06 07:53 UTC
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://crbug.com/1486441"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/5"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/7"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/9"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2023-5217"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191"
},
{
"tags": [
"x_transferred"
],
"url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/09/28/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://pastebin.com/TdkC4pDv"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/tags"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/12"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/14"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5510"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5509"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5508"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://twitter.com/maddiestone/status/1707163313711497266"
},
{
"tags": [
"x_transferred"
],
"url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/4"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/1"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/5"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/02/6"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/11"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202310-04"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213961"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/12"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213972"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Oct/16"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-34"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-5217",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-11-15T16:38:17.360361Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2023-10-02",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-5217"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:05:36.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-5217"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-02T00:00:00.000Z",
"value": "CVE-2023-5217 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "117.0.5938.132",
"status": "affected",
"version": "117.0.5938.132",
"versionType": "custom"
}
]
},
{
"product": "libvpx",
"vendor": "Google",
"versions": [
{
"lessThan": "1.13.1",
"status": "affected",
"version": "1.13.1",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap buffer overflow",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-31T17:08:56.596Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html"
},
{
"url": "https://crbug.com/1486441"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/9"
},
{
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2023-5217"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241191"
},
{
"url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/09/28/5"
},
{
"url": "https://pastebin.com/TdkC4pDv"
},
{
"url": "https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590"
},
{
"url": "https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282"
},
{
"url": "https://github.com/webmproject/libvpx/tags"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/11"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/12"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/29/14"
},
{
"url": "https://www.debian.org/security/2023/dsa-5510"
},
{
"url": "https://www.debian.org/security/2023/dsa-5509"
},
{
"url": "https://www.debian.org/security/2023/dsa-5508"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html"
},
{
"url": "https://twitter.com/maddiestone/status/1707163313711497266"
},
{
"url": "https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/"
},
{
"url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/5"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/01/5"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/02/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/11"
},
{
"url": "https://security.gentoo.org/glsa/202310-04"
},
{
"url": "https://support.apple.com/kb/HT213961"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/12"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html"
},
{
"url": "https://support.apple.com/kb/HT213972"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/16"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/"
},
{
"url": "https://security.gentoo.org/glsa/202401-34"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2023-5217",
"datePublished": "2023-09-28T15:23:18.340Z",
"dateReserved": "2023-09-27T01:52:05.679Z",
"dateUpdated": "2025-10-21T23:05:36.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2023-5217",
"cwes": "[\"CWE-787\"]",
"dateAdded": "2023-10-02",
"dueDate": "2023-10-23",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html; https://nvd.nist.gov/vuln/detail/CVE-2023-5217",
"product": "Chromium libvpx",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome.",
"vendorProject": "Google",
"vulnerabilityName": "Google Chromium libvpx Heap Buffer Overflow Vulnerability"
},
"epss": {
"cve": "CVE-2023-5217",
"date": "2026-05-27",
"epss": "0.04976",
"percentile": "0.89805"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-5217\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2023-09-28T16:15:10.980\",\"lastModified\":\"2025-10-24T14:07:24.923\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\"},{\"lang\":\"es\",\"value\":\"El desbordamiento del b\u00fafer en la codificaci\u00f3n vp8 en libvpx en Google Chrome anterior a 117.0.5938.132 y libvpx 1.13.1 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chrome: alta)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2023-10-02\",\"cisaActionDue\":\"2023-10-23\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Google Chromium libvpx Heap Buffer Overflow Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webmproject:libvpx:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.13.1\",\"matchCriteriaId\":\"385F58CC-4AA0-4C41-9394-C9481586689E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:edge:116.0.1938.98:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83749E8D-D4EC-4C5E-B031-8DD4C5C3AA72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:edge:117.0.2045.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F5AB10-A20E-4B12-863D-9335A6344130\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:edge_chromium:116.0.5845.229:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"494B17DA-B40E-4B79-925D-2F439C7A4BCC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:edge_chromium:117.0.5938.132:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A1735C0-78BF-4B9C-9EC6-64471C609046\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:esr:*:*:*\",\"versionEndExcluding\":\"115.3.1\",\"matchCriteriaId\":\"93B700CD-4D4C-4D92-B105-9B02E21246BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:-:*:*:*\",\"versionEndExcluding\":\"118.0.1\",\"matchCriteriaId\":\"B6BEA417-5012-4315-AFF2-20BBF931A550\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:android:*:*\",\"versionEndExcluding\":\"118.1\",\"matchCriteriaId\":\"C0246068-275F-4D13-93B9-44AD91D2EFFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"115.3.1\",\"matchCriteriaId\":\"C287FD41-1668-4BA8-9BF5-7C56420F6F38\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46D69DCC-AE4D-4EA5-861C-D60951444C6C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.0.3\",\"matchCriteriaId\":\"5383A8BF-7AD6-4D5A-9B57-DE1BC2C59E09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:16.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A377B7C9-A339-49A9-9C96-A6F5F738B40C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.0\",\"versionEndExcluding\":\"17.0.3\",\"matchCriteriaId\":\"F1D28032-F9E6-45E7-98B6-7CE2351C4C99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:16.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF582B55-1D2F-4F53-9F3D-DB52F211B600\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"117.0.5938.132\",\"matchCriteriaId\":\"8F840D02-4766-4644-8FD6-637E945E88FB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2023/Oct/12\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2023/Oct/16\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/5\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/6\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/1\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/11\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/12\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/14\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/2\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/7\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/9\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/1\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/2\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/3\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/4\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/5\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/01/1\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/01/2\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/01/5\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/02/6\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/03/11\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2241191\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1486441\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webmproject/libvpx/releases/tag/v1.13.1\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/webmproject/libvpx/tags\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Product\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://pastebin.com/TdkC4pDv\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2023-5217\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-04\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-34\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213961\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213972\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/maddiestone/status/1707163313711497266\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5508\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5509\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5510\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/09/28/5\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2023/Oct/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2023/Oct/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/28/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/29/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/09/30/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/01/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/01/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/01/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/02/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/10/03/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2241191\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://crbug.com/1486441\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webmproject/libvpx/releases/tag/v1.13.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/webmproject/libvpx/tags\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://pastebin.com/TdkC4pDv\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2023-5217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202310-04\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202401-34\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213961\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213972\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/maddiestone/status/1707163313711497266\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5508\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5509\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.debian.org/security/2023/dsa-5510\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2023/09/28/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-5217\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://crbug.com/1486441\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/9\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-5217\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2241191\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/09/28/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://pastebin.com/TdkC4pDv\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/webmproject/libvpx/tags\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/11\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/12\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/14\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5510\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5509\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2023/dsa-5508\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://twitter.com/maddiestone/status/1707163313711497266\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/webmproject/libvpx/releases/tag/v1.13.1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/01/2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/01/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/01/5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/02/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/03/11\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202310-04\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT213961\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2023/Oct/12\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT213972\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2023/Oct/16\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202401-34\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T07:52:08.351Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-5217\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2023-11-15T16:38:17.360361Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-10-02\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-5217\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-10-02T00:00:00.000Z\", \"value\": \"CVE-2023-5217 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-5217\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-03T14:03:12.332Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Google\", \"product\": \"Chrome\", \"versions\": [{\"status\": \"affected\", \"version\": \"117.0.5938.132\", \"lessThan\": \"117.0.5938.132\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Google\", \"product\": \"libvpx\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.13.1\", \"lessThan\": \"1.13.1\", \"versionType\": \"custom\"}]}], \"references\": [{\"url\": \"https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html\"}, {\"url\": \"https://crbug.com/1486441\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/5\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/28/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/7\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/9\"}, {\"url\": \"https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/\"}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2023-5217\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2241191\"}, {\"url\": \"https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2023/09/28/5\"}, {\"url\": \"https://pastebin.com/TdkC4pDv\"}, {\"url\": \"https://github.com/webmproject/libvpx/commit/3fbd1dca6a4d2dad332a2110d646e4ffef36d590\"}, {\"url\": \"https://github.com/webmproject/libvpx/commit/af6dedd715f4307669366944cca6e0417b290282\"}, {\"url\": \"https://github.com/webmproject/libvpx/tags\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/11\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/12\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/29/14\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5510\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5509\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5508\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/1\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00038.html\"}, {\"url\": \"https://twitter.com/maddiestone/status/1707163313711497266\"}, {\"url\": \"https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/\"}, {\"url\": \"https://github.com/webmproject/libvpx/releases/tag/v1.13.1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/3\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/4\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/09/30/5\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BCVSHVX2RFBU3RMCUFSATVQEJUFD4Q63/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/01/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/01/1\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/01/5\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/55YVCZNAVY3Y5E4DWPWMX2SPKZ2E5SOV/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6/\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/02/6\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/10/03/11\"}, {\"url\": \"https://security.gentoo.org/glsa/202310-04\"}, {\"url\": \"https://support.apple.com/kb/HT213961\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD/\"}, {\"url\": \"http://seclists.org/fulldisclosure/2023/Oct/12\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html\"}, {\"url\": \"https://support.apple.com/kb/HT213972\"}, {\"url\": \"http://seclists.org/fulldisclosure/2023/Oct/16\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TE7F54W5O5RS4ZMAAC7YK3CZWQXIDSKB/\"}, {\"url\": \"https://security.gentoo.org/glsa/202401-34\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"Heap buffer overflow\"}]}], \"providerMetadata\": {\"orgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"shortName\": \"Chrome\", \"dateUpdated\": \"2024-01-31T17:08:56.596Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-5217\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:05:36.191Z\", \"dateReserved\": \"2023-09-27T01:52:05.679Z\", \"assignerOrgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"datePublished\": \"2023-09-28T15:23:18.340Z\", \"assignerShortName\": \"Chrome\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
OPENSUSE-SU-2023:0297-1
Vulnerability from csaf_opensuse - Published: 2023-10-11 07:10 - Updated: 2023-10-11 07:10Summary
Security update for opera
Severity
Important
Notes
Title of the patch: Security update for opera
Description of the patch: This update for opera fixes the following issues:
- Update to 103.0.4928.16
* CHR-9416 Updating Chromium on desktop-stable-* branches
* CHR-9433 Update Chromium on desktop-stable-117-4928 to
117.0.5938.89
* CHR-9449 Update Chromium on desktop-stable-117-4928 to
117.0.5938.132
* DNA-110337 Opera Intro extension custom versions
* DNA-111454 Player animations visual adjustments
* DNA-111618 Turn on #password-generator on all streams
* DNA-111645 Turn on flag #player-service-react on
developer stream
* DNA-111708 Player home page is shown while music service is
being loaded
* DNA-111722 [Tab strip][Tab island] Add tab in tab island
button appears after size of tabs is changed
* DNA-111727 JsonPrefStore is created twice for Local State file
* DNA-111838 Promote 103.0 to stable
* DNA-111845 Turn on flag #player-service-react on all streams
* DNA-111868 Translations for O103
* DNA-111874 OMenu and Context Menus has transparent few
px border
- The update to chromium 117.0.5938.89 fixes following issues:
CVE-2023-5217, CVE-2023-5186, CVE-2023-5187
- Complete Opera 103 changelog at:
https://blogs.opera.com/desktop/changelog-for-103/
- Update to 102.0.4880.78
* DNA-110952 Crash at base::subtle::RefCountedBase::
ReleaseImpl() const
- Update to 102.0.4880.70
* DNA-105016 Do not open file selector when closing easy files
dialog with 'close this popup' option
* DNA-110437 Extensions font color in dark mode makes the text
not visible
* DNA-110443 Crash at EasyFilesView::ShowFileSelector
* DNA-111231 Amazon Music logo update in sidebar Player
* DNA-111280 Make import from Crypto Browser to Opera Browser
easier
* DNA-111355 [Sidebar] DevTools is not working correctly in
with sidebar panel
* DNA-111708 Player home page is shown while music service is
being loaded
* DNA-111162 Refresh Player home page
* DNA-111164 Implement animation in Player home page
- Update to 102.0.4880.56
* DNA-110785 Crash at static void base::allocator::
UnretainedDanglingRawPtrDetectedDumpWithoutCrashing
(unsigned __int64)
* DNA-110973 Crash after dragging tab from island to another
screen
* DNA-111199 Disable user_education tests from
component_unittests
* DNA-111369 Crash at views::View::DoRemoveChildView(views::
View*, bool, bool, views::View*)
* DNA-111538 All new open windows don`t have a close button 'x'
in the right upper corner.
- Changes in 102.0.4880.51
* CHR-9416 Automatic tries of updating Chromium on
desktop-stable-* branches
* DNA-110101 [Linux] Maximize/restore button does not work
properly
* DNA-110669 duplicated hints on system buttons
* DNA-110823 Uninstallation Survey Countries
* DNA-110881 Scroll bar doesn't change color in dark mode
* DNA-110930 Capture mouse events on the 1-pixel edge for
DevTools
* DNA-110935 ChatSonic colors are unreadable in Dark Mode
* DNA-111034 Dynamic icon does not look good in edit-tile-modal
* DNA-111035 Removal custom-image should restore dynamic icon
* DNA-111177 [Start page] Letter in SD is black on light
wallpaper
* DNA-111488 Improve profile migration for
desktop-stable-116-4880
- Update to 102.0.4880.46
* CHR-9416 Automatic tries of updating Chromium on
desktop-stable-* branches
* DNA-110216 [Sidebar] Straight lines instead of rounded corners
* DNA-110539 [LIN] Crash at content::WebContentsImpl::
GetLastCommittedURL()
* DNA-110631 AB test mechanism for Speed Dial
* DNA-110656 [TabStrip] Memory leak for tab group
* DNA-111322 Only show splash screen on major version update
* DNA-111417 Crash at opera::component_based::
TabAnimationController::StartAnimatedLayout(opera::
component_based::TabAnimationController::AnimationInfo,
base::OnceCallback)
* DNA-111420 Update continue on link for euro rtv agd
* DNA-111440 Crash at opera::component_based::
ComponentTabBar::GetActiveTab()
Patchnames: openSUSE-2023-297
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for opera",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for opera fixes the following issues:\n\n- Update to 103.0.4928.16\n * CHR-9416 Updating Chromium on desktop-stable-* branches\n * CHR-9433 Update Chromium on desktop-stable-117-4928 to\n 117.0.5938.89\n * CHR-9449 Update Chromium on desktop-stable-117-4928 to\n 117.0.5938.132\n * DNA-110337 Opera Intro extension custom versions\n * DNA-111454 Player animations visual adjustments\n * DNA-111618 Turn on #password-generator on all streams\n * DNA-111645 Turn on flag #player-service-react on\n developer stream\n * DNA-111708 Player home page is shown while music service is\n being loaded\n * DNA-111722 [Tab strip][Tab island] Add tab in tab island\n button appears after size of tabs is changed\n * DNA-111727 JsonPrefStore is created twice for Local State file\n * DNA-111838 Promote 103.0 to stable\n * DNA-111845 Turn on flag #player-service-react on all streams\n * DNA-111868 Translations for O103\n * DNA-111874 OMenu and Context Menus has transparent few\n px border\n- The update to chromium 117.0.5938.89 fixes following issues:\n CVE-2023-5217, CVE-2023-5186, CVE-2023-5187\n- Complete Opera 103 changelog at:\n https://blogs.opera.com/desktop/changelog-for-103/\n\n- Update to 102.0.4880.78\n * DNA-110952 Crash at base::subtle::RefCountedBase::\n ReleaseImpl() const\n\n- Update to 102.0.4880.70\n * DNA-105016 Do not open file selector when closing easy files\n dialog with \u0027close this popup\u0027 option\n * DNA-110437 Extensions font color in dark mode makes the text\n not visible\n * DNA-110443 Crash at EasyFilesView::ShowFileSelector\n * DNA-111231 Amazon Music logo update in sidebar Player\n * DNA-111280 Make import from Crypto Browser to Opera Browser\n easier\n * DNA-111355 [Sidebar] DevTools is not working correctly in\n with sidebar panel\n * DNA-111708 Player home page is shown while music service is\n being loaded\n * DNA-111162 Refresh Player home page\n * DNA-111164 Implement animation in Player home page\n\n- Update to 102.0.4880.56\n * DNA-110785 Crash at static void base::allocator::\n UnretainedDanglingRawPtrDetectedDumpWithoutCrashing\n (unsigned __int64)\n * DNA-110973 Crash after dragging tab from island to another\n screen\n * DNA-111199 Disable user_education tests from\n component_unittests\n * DNA-111369 Crash at views::View::DoRemoveChildView(views::\n View*, bool, bool, views::View*)\n * DNA-111538 All new open windows don`t have a close button \u0027x\u0027\n in the right upper corner.\n- Changes in 102.0.4880.51\n * CHR-9416 Automatic tries of updating Chromium on\n desktop-stable-* branches\n * DNA-110101 [Linux] Maximize/restore button does not work\n properly\n * DNA-110669 duplicated hints on system buttons\n * DNA-110823 Uninstallation Survey Countries\n * DNA-110881 Scroll bar doesn\u0027t change color in dark mode\n * DNA-110930 Capture mouse events on the 1-pixel edge for\n DevTools\n * DNA-110935 ChatSonic colors are unreadable in Dark Mode\n * DNA-111034 Dynamic icon does not look good in edit-tile-modal\n * DNA-111035 Removal custom-image should restore dynamic icon\n * DNA-111177 [Start page] Letter in SD is black on light\n wallpaper\n * DNA-111488 Improve profile migration for\n desktop-stable-116-4880\n\n- Update to 102.0.4880.46\n * CHR-9416 Automatic tries of updating Chromium on\n desktop-stable-* branches\n * DNA-110216 [Sidebar] Straight lines instead of rounded corners\n * DNA-110539 [LIN] Crash at content::WebContentsImpl::\n GetLastCommittedURL()\n * DNA-110631 AB test mechanism for Speed Dial\n * DNA-110656 [TabStrip] Memory leak for tab group\n * DNA-111322 Only show splash screen on major version update\n * DNA-111417 Crash at opera::component_based::\n TabAnimationController::StartAnimatedLayout(opera::\n component_based::TabAnimationController::AnimationInfo,\n base::OnceCallback)\n * DNA-111420 Update continue on link for euro rtv agd\n * DNA-111440 Crash at opera::component_based::\n ComponentTabBar::GetActiveTab()\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2023-297",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0297-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2023:0297-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SA3UIF6YUP4F422WZCCPKQ6TLSBG7YAK/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2023:0297-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SA3UIF6YUP4F422WZCCPKQ6TLSBG7YAK/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5186 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5187 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "Security update for opera",
"tracking": {
"current_release_date": "2023-10-11T07:10:18Z",
"generator": {
"date": "2023-10-11T07:10:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2023:0297-1",
"initial_release_date": "2023-10-11T07:10:18Z",
"revision_history": [
{
"date": "2023-10-11T07:10:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "opera-103.0.4928.16-lp155.3.12.1.x86_64",
"product": {
"name": "opera-103.0.4928.16-lp155.3.12.1.x86_64",
"product_id": "opera-103.0.4928.16-lp155.3.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.5 NonFree",
"product": {
"name": "openSUSE Leap 15.5 NonFree",
"product_id": "openSUSE Leap 15.5 NonFree"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "opera-103.0.4928.16-lp155.3.12.1.x86_64 as component of openSUSE Leap 15.5 NonFree",
"product_id": "openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
},
"product_reference": "opera-103.0.4928.16-lp155.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5 NonFree"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5186"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5186",
"url": "https://www.suse.com/security/cve/CVE-2023-5186"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5186",
"url": "https://bugzilla.suse.com/1215776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-10-11T07:10:18Z",
"details": "important"
}
],
"title": "CVE-2023-5186"
},
{
"cve": "CVE-2023-5187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5187"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5187",
"url": "https://www.suse.com/security/cve/CVE-2023-5187"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5187",
"url": "https://bugzilla.suse.com/1215776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-10-11T07:10:18Z",
"details": "important"
}
],
"title": "CVE-2023-5187"
},
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.5 NonFree:opera-103.0.4928.16-lp155.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-10-11T07:10:18Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2023:0298-1
Vulnerability from csaf_opensuse - Published: 2023-10-11 07:10 - Updated: 2023-10-11 07:10Summary
Security update for opera
Severity
Important
Notes
Title of the patch: Security update for opera
Description of the patch: This update for opera fixes the following issues:
- Update to 103.0.4928.16
* CHR-9416 Updating Chromium on desktop-stable-* branches
* CHR-9433 Update Chromium on desktop-stable-117-4928 to
117.0.5938.89
* CHR-9449 Update Chromium on desktop-stable-117-4928 to
117.0.5938.132
* DNA-110337 Opera Intro extension custom versions
* DNA-111454 Player animations visual adjustments
* DNA-111618 Turn on #password-generator on all streams
* DNA-111645 Turn on flag #player-service-react on
developer stream
* DNA-111708 Player home page is shown while music service is
being loaded
* DNA-111722 [Tab strip][Tab island] Add tab in tab island
button appears after size of tabs is changed
* DNA-111727 JsonPrefStore is created twice for Local State file
* DNA-111838 Promote 103.0 to stable
* DNA-111845 Turn on flag #player-service-react on all streams
* DNA-111868 Translations for O103
* DNA-111874 OMenu and Context Menus has transparent few
px border
- The update to chromium 117.0.5938.89 fixes following issues:
CVE-2023-5217, CVE-2023-5186, CVE-2023-5187
- Complete Opera 103 changelog at:
https://blogs.opera.com/desktop/changelog-for-103/
- Update to 102.0.4880.78
* DNA-110952 Crash at base::subtle::RefCountedBase::
ReleaseImpl() const
- Update to 102.0.4880.70
* DNA-105016 Do not open file selector when closing easy files
dialog with 'close this popup' option
* DNA-110437 Extensions font color in dark mode makes the text
not visible
* DNA-110443 Crash at EasyFilesView::ShowFileSelector
* DNA-111231 Amazon Music logo update in sidebar Player
* DNA-111280 Make import from Crypto Browser to Opera Browser
easier
* DNA-111355 [Sidebar] DevTools is not working correctly in
with sidebar panel
* DNA-111708 Player home page is shown while music service is
being loaded
* DNA-111162 Refresh Player home page
* DNA-111164 Implement animation in Player home page
- Update to 102.0.4880.56
* DNA-110785 Crash at static void base::allocator::
UnretainedDanglingRawPtrDetectedDumpWithoutCrashing
(unsigned __int64)
* DNA-110973 Crash after dragging tab from island to another
screen
* DNA-111199 Disable user_education tests from
component_unittests
* DNA-111369 Crash at views::View::DoRemoveChildView(views::
View*, bool, bool, views::View*)
* DNA-111538 All new open windows don`t have a close button 'x'
in the right upper corner.
- Changes in 102.0.4880.51
* CHR-9416 Automatic tries of updating Chromium on
desktop-stable-* branches
* DNA-110101 [Linux] Maximize/restore button does not work
properly
* DNA-110669 duplicated hints on system buttons
* DNA-110823 Uninstallation Survey Countries
* DNA-110881 Scroll bar doesn't change color in dark mode
* DNA-110930 Capture mouse events on the 1-pixel edge for
DevTools
* DNA-110935 ChatSonic colors are unreadable in Dark Mode
* DNA-111034 Dynamic icon does not look good in edit-tile-modal
* DNA-111035 Removal custom-image should restore dynamic icon
* DNA-111177 [Start page] Letter in SD is black on light
wallpaper
* DNA-111488 Improve profile migration for
desktop-stable-116-4880
- Update to 102.0.4880.46
* CHR-9416 Automatic tries of updating Chromium on
desktop-stable-* branches
* DNA-110216 [Sidebar] Straight lines instead of rounded corners
* DNA-110539 [LIN] Crash at content::WebContentsImpl::
GetLastCommittedURL()
* DNA-110631 AB test mechanism for Speed Dial
* DNA-110656 [TabStrip] Memory leak for tab group
* DNA-111322 Only show splash screen on major version update
* DNA-111417 Crash at opera::component_based::
TabAnimationController::StartAnimatedLayout(opera::
component_based::TabAnimationController::AnimationInfo,
base::OnceCallback)
* DNA-111420 Update continue on link for euro rtv agd
* DNA-111440 Crash at opera::component_based::
ComponentTabBar::GetActiveTab()
Patchnames: openSUSE-2023-298
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for opera",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for opera fixes the following issues:\n\n- Update to 103.0.4928.16\n * CHR-9416 Updating Chromium on desktop-stable-* branches\n * CHR-9433 Update Chromium on desktop-stable-117-4928 to\n 117.0.5938.89\n * CHR-9449 Update Chromium on desktop-stable-117-4928 to\n 117.0.5938.132\n * DNA-110337 Opera Intro extension custom versions\n * DNA-111454 Player animations visual adjustments\n * DNA-111618 Turn on #password-generator on all streams\n * DNA-111645 Turn on flag #player-service-react on\n developer stream\n * DNA-111708 Player home page is shown while music service is\n being loaded\n * DNA-111722 [Tab strip][Tab island] Add tab in tab island\n button appears after size of tabs is changed\n * DNA-111727 JsonPrefStore is created twice for Local State file\n * DNA-111838 Promote 103.0 to stable\n * DNA-111845 Turn on flag #player-service-react on all streams\n * DNA-111868 Translations for O103\n * DNA-111874 OMenu and Context Menus has transparent few\n px border\n- The update to chromium 117.0.5938.89 fixes following issues:\n CVE-2023-5217, CVE-2023-5186, CVE-2023-5187\n- Complete Opera 103 changelog at:\n https://blogs.opera.com/desktop/changelog-for-103/\n\n- Update to 102.0.4880.78\n * DNA-110952 Crash at base::subtle::RefCountedBase::\n ReleaseImpl() const\n\n- Update to 102.0.4880.70\n * DNA-105016 Do not open file selector when closing easy files\n dialog with \u0027close this popup\u0027 option\n * DNA-110437 Extensions font color in dark mode makes the text\n not visible\n * DNA-110443 Crash at EasyFilesView::ShowFileSelector\n * DNA-111231 Amazon Music logo update in sidebar Player\n * DNA-111280 Make import from Crypto Browser to Opera Browser\n easier\n * DNA-111355 [Sidebar] DevTools is not working correctly in\n with sidebar panel\n * DNA-111708 Player home page is shown while music service is\n being loaded\n * DNA-111162 Refresh Player home page\n * DNA-111164 Implement animation in Player home page\n\n- Update to 102.0.4880.56\n * DNA-110785 Crash at static void base::allocator::\n UnretainedDanglingRawPtrDetectedDumpWithoutCrashing\n (unsigned __int64)\n * DNA-110973 Crash after dragging tab from island to another\n screen\n * DNA-111199 Disable user_education tests from\n component_unittests\n * DNA-111369 Crash at views::View::DoRemoveChildView(views::\n View*, bool, bool, views::View*)\n * DNA-111538 All new open windows don`t have a close button \u0027x\u0027\n in the right upper corner.\n- Changes in 102.0.4880.51\n * CHR-9416 Automatic tries of updating Chromium on\n desktop-stable-* branches\n * DNA-110101 [Linux] Maximize/restore button does not work\n properly\n * DNA-110669 duplicated hints on system buttons\n * DNA-110823 Uninstallation Survey Countries\n * DNA-110881 Scroll bar doesn\u0027t change color in dark mode\n * DNA-110930 Capture mouse events on the 1-pixel edge for\n DevTools\n * DNA-110935 ChatSonic colors are unreadable in Dark Mode\n * DNA-111034 Dynamic icon does not look good in edit-tile-modal\n * DNA-111035 Removal custom-image should restore dynamic icon\n * DNA-111177 [Start page] Letter in SD is black on light\n wallpaper\n * DNA-111488 Improve profile migration for\n desktop-stable-116-4880\n\n- Update to 102.0.4880.46\n * CHR-9416 Automatic tries of updating Chromium on\n desktop-stable-* branches\n * DNA-110216 [Sidebar] Straight lines instead of rounded corners\n * DNA-110539 [LIN] Crash at content::WebContentsImpl::\n GetLastCommittedURL()\n * DNA-110631 AB test mechanism for Speed Dial\n * DNA-110656 [TabStrip] Memory leak for tab group\n * DNA-111322 Only show splash screen on major version update\n * DNA-111417 Crash at opera::component_based::\n TabAnimationController::StartAnimatedLayout(opera::\n component_based::TabAnimationController::AnimationInfo,\n base::OnceCallback)\n * DNA-111420 Update continue on link for euro rtv agd\n * DNA-111440 Crash at opera::component_based::\n ComponentTabBar::GetActiveTab()\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2023-298",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0298-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2023:0298-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V5KRGLOBRAIYNFCNZH4YM2ETGNMPQEKZ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2023:0298-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V5KRGLOBRAIYNFCNZH4YM2ETGNMPQEKZ/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5186 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5187 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "Security update for opera",
"tracking": {
"current_release_date": "2023-10-11T07:10:39Z",
"generator": {
"date": "2023-10-11T07:10:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2023:0298-1",
"initial_release_date": "2023-10-11T07:10:39Z",
"revision_history": [
{
"date": "2023-10-11T07:10:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "opera-103.0.4928.16-lp154.2.53.1.x86_64",
"product": {
"name": "opera-103.0.4928.16-lp154.2.53.1.x86_64",
"product_id": "opera-103.0.4928.16-lp154.2.53.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.4 NonFree",
"product": {
"name": "openSUSE Leap 15.4 NonFree",
"product_id": "openSUSE Leap 15.4 NonFree",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "opera-103.0.4928.16-lp154.2.53.1.x86_64 as component of openSUSE Leap 15.4 NonFree",
"product_id": "openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
},
"product_reference": "opera-103.0.4928.16-lp154.2.53.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4 NonFree"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5186"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5186",
"url": "https://www.suse.com/security/cve/CVE-2023-5186"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5186",
"url": "https://bugzilla.suse.com/1215776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-10-11T07:10:39Z",
"details": "important"
}
],
"title": "CVE-2023-5186"
},
{
"cve": "CVE-2023-5187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5187"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5187",
"url": "https://www.suse.com/security/cve/CVE-2023-5187"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5187",
"url": "https://bugzilla.suse.com/1215776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-10-11T07:10:39Z",
"details": "important"
}
],
"title": "CVE-2023-5187"
},
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.4 NonFree:opera-103.0.4928.16-lp154.2.53.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-10-11T07:10:39Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2023:0365-1
Vulnerability from csaf_opensuse - Published: 2023-11-12 13:00 - Updated: 2023-11-12 13:00Summary
Security update for vlc
Severity
Moderate
Notes
Title of the patch: Security update for vlc
Description of the patch: This update for vlc fixes the following issues:
Update to version 3.0.20:
+ Video Output:
- Fix green line in fullscreen in D3D11 video output
- Fix crash with some AMD drivers old versions
- Fix events propagation issue when double-clicking with mouse wheel
+ Decoders:
- Fix crash when AV1 hardware decoder fails
+ Interface:
- Fix annoying disappearance of the Windows fullscreen controller
+ Demuxers:
- Fix potential security issue (OOB Write) on MMS:// by checking user size bounds
Update to version 3.0.19:
+ Core:
- Fix next-frame freezing in most scenarios
+ Demux:
- Support RIFF INFO tags for Wav files
- Fix AVI files with flipped RAW video planes
- Fix duration on short and small Ogg/Opus files
- Fix some HLS/TS streams with ID3 prefix
- Fix some HLS playlist refresh drift
- Fix for GoPro MAX spatial metadata
- Improve FFmpeg-muxed MP4 chapters handling
- Improve playback for QNap-produced AVI files
- Improve playback of some old RealVideo files
- Fix duration probing on some MP4 with missing information
+ Decoders:
- Multiple fixes on AAC handling
- Activate hardware decoding of AV1 on Windows (DxVA)
- Improve AV1 HDR support with software decoding
- Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones
- Fix black screen on poorly edited MP4 files on Android Mediacodec
- Fix rawvid video in NV12
- Fix several issues on Windows hardware decoding (including 'too large resolution in DxVA')
- Improve crunchyroll-produced SSA rendering
+ Video Output:
- Super Resolution scaling with nVidia and Intel GPUs
- Fix for an issue when cropping on Direct3D9
- Multiple fixes for hardware decoding on D3D11 and OpenGL interop
- Fix an issue when playing -90rotated video
- Fix subtitles rendering blur on recent macOS
+ Input:
- Improve SMB compatibility with Windows 11 hosts
+ Contribs:
- Update of fluidlite, fixing some MIDI rendering on Windows
- Update of zlib to 1.2.13 (CVE-2022-37434)
- Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass
+ Misc:
- Improve muxing timestamps in a few formats (reset to 0)
- Fix some rendering issues on Linux with the fullscreen controller
- Fix GOOM visualization
- Fixes for Youtube playback
- Fix some MPRIS inconsistencies that broke some OS widgets on Linux
- Implement MPRIS TrackList signals
- Fix opening files in read-only mode
- Fix password search using the Kwallet backend
- Fix some crashes on macOS when switching application
- Fix 5.1/7.1 output on macOS and tvOS
- Fix several crashes and bugs in the macOS preferences panel
- Improvements on the threading of the MMDevice audio output on Windows
- Fix a potential security issue on the uninstaller DLLs
- Fix memory leaks when using the media_list_player libVLC APIs
+ Translations:
- Update of most translations
- New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili
Patchnames: openSUSE-2023-365
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
62 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
62 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
18 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for vlc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for vlc fixes the following issues:\n\nUpdate to version 3.0.20:\n\n+ Video Output:\n - Fix green line in fullscreen in D3D11 video output\n - Fix crash with some AMD drivers old versions\n - Fix events propagation issue when double-clicking with mouse wheel\n+ Decoders:\n - Fix crash when AV1 hardware decoder fails\n+ Interface:\n - Fix annoying disappearance of the Windows fullscreen controller\n+ Demuxers:\n - Fix potential security issue (OOB Write) on MMS:// by checking user size bounds\n\nUpdate to version 3.0.19:\n\n+ Core: \n - Fix next-frame freezing in most scenarios\n+ Demux: \n - Support RIFF INFO tags for Wav files\n - Fix AVI files with flipped RAW video planes\n - Fix duration on short and small Ogg/Opus files\n - Fix some HLS/TS streams with ID3 prefix\n - Fix some HLS playlist refresh drift\n - Fix for GoPro MAX spatial metadata\n - Improve FFmpeg-muxed MP4 chapters handling\n - Improve playback for QNap-produced AVI files\n - Improve playback of some old RealVideo files\n - Fix duration probing on some MP4 with missing information\n+ Decoders:\n - Multiple fixes on AAC handling\n - Activate hardware decoding of AV1 on Windows (DxVA)\n - Improve AV1 HDR support with software decoding\n - Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones\n - Fix black screen on poorly edited MP4 files on Android Mediacodec\n - Fix rawvid video in NV12\n - Fix several issues on Windows hardware decoding (including \u0027too large resolution in DxVA\u0027)\n - Improve crunchyroll-produced SSA rendering\n+ Video Output:\n - Super Resolution scaling with nVidia and Intel GPUs\n - Fix for an issue when cropping on Direct3D9\n - Multiple fixes for hardware decoding on D3D11 and OpenGL interop\n - Fix an issue when playing -90rotated video\n - Fix subtitles rendering blur on recent macOS\n+ Input:\n - Improve SMB compatibility with Windows 11 hosts\n+ Contribs:\n - Update of fluidlite, fixing some MIDI rendering on Windows\n - Update of zlib to 1.2.13 (CVE-2022-37434)\n - Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass\n+ Misc:\n - Improve muxing timestamps in a few formats (reset to 0)\n - Fix some rendering issues on Linux with the fullscreen controller\n - Fix GOOM visualization\n - Fixes for Youtube playback\n - Fix some MPRIS inconsistencies that broke some OS widgets on Linux\n - Implement MPRIS TrackList signals\n - Fix opening files in read-only mode\n - Fix password search using the Kwallet backend\n - Fix some crashes on macOS when switching application\n - Fix 5.1/7.1 output on macOS and tvOS\n - Fix several crashes and bugs in the macOS preferences panel\n - Improvements on the threading of the MMDevice audio output on Windows\n - Fix a potential security issue on the uninstaller DLLs\n - Fix memory leaks when using the media_list_player libVLC APIs\n+ Translations:\n - Update of most translations\n - New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2023-365",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0365-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2023:0365-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4PHTZYGRNV6PDZMHUALPCK2YD6IRL3XD/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2023:0365-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4PHTZYGRNV6PDZMHUALPCK2YD6IRL3XD/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-37434 page",
"url": "https://www.suse.com/security/cve/CVE-2022-37434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "Security update for vlc",
"tracking": {
"current_release_date": "2023-11-12T13:00:59Z",
"generator": {
"date": "2023-11-12T13:00:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2023:0365-1",
"initial_release_date": "2023-11-12T13:00:59Z",
"revision_history": [
{
"date": "2023-11-12T13:00:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libvlc5-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "libvlc5-3.0.20-bp154.2.6.1.aarch64",
"product_id": "libvlc5-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"product_id": "libvlccore9-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "vlc-3.0.20-bp154.2.6.1.aarch64",
"product_id": "vlc-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"product_id": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"product_id": "vlc-devel-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"product_id": "vlc-jack-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"product_id": "vlc-noX-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"product_id": "vlc-opencv-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"product_id": "vlc-qt-3.0.20-bp154.2.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"product": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"product_id": "vlc-vdpau-3.0.20-bp154.2.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "vlc-lang-3.0.20-bp154.2.6.1.noarch",
"product": {
"name": "vlc-lang-3.0.20-bp154.2.6.1.noarch",
"product_id": "vlc-lang-3.0.20-bp154.2.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "libvlc5-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "libvlccore9-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "vlc-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "vlc-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "vlc-devel-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "vlc-jack-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "vlc-noX-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "vlc-opencv-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "vlc-qt-3.0.20-bp154.2.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"product": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"product_id": "vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libvlc5-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "libvlc5-3.0.20-bp154.2.6.1.x86_64",
"product_id": "libvlc5-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"product_id": "libvlccore9-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "vlc-3.0.20-bp154.2.6.1.x86_64",
"product_id": "vlc-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"product_id": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"product_id": "vlc-devel-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"product_id": "vlc-jack-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"product_id": "vlc-noX-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"product_id": "vlc-opencv-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"product_id": "vlc-qt-3.0.20-bp154.2.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"product": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"product_id": "vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP4",
"product": {
"name": "SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "libvlc5-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "libvlc5-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-lang-3.0.20-bp154.2.6.1.noarch as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch"
},
"product_reference": "vlc-lang-3.0.20-bp154.2.6.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.aarch64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.x86_64 as component of SUSE Package Hub 15 SP4",
"product_id": "SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "libvlc5-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "libvlc5-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-lang-3.0.20-bp154.2.6.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch"
},
"product_reference": "vlc-lang-3.0.20-bp154.2.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64"
},
"product_reference": "vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le"
},
"product_reference": "vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp154.2.6.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
},
"product_reference": "vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-37434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-37434"
}
],
"notes": [
{
"category": "general",
"text": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-37434",
"url": "https://www.suse.com/security/cve/CVE-2022-37434"
},
{
"category": "external",
"summary": "SUSE Bug 1202175 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1202175"
},
{
"category": "external",
"summary": "SUSE Bug 1203030 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1203030"
},
{
"category": "external",
"summary": "SUSE Bug 1205074 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1205074"
},
{
"category": "external",
"summary": "SUSE Bug 1205289 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1205289"
},
{
"category": "external",
"summary": "SUSE Bug 1216542 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1216542"
},
{
"category": "external",
"summary": "SUSE Bug 1225671 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1225671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-12T13:00:59Z",
"details": "important"
}
],
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"SUSE Package Hub 15 SP4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlc5-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:libvlccore9-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-codec-gstreamer-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-devel-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-jack-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-lang-3.0.20-bp154.2.6.1.noarch",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-noX-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-opencv-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-qt-3.0.20-bp154.2.6.1.x86_64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.aarch64",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.ppc64le",
"openSUSE Leap 15.4:vlc-vdpau-3.0.20-bp154.2.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-12T13:00:59Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2023:0366-1
Vulnerability from csaf_opensuse - Published: 2023-11-12 13:01 - Updated: 2023-11-12 13:01Summary
Security update for vlc
Severity
Moderate
Notes
Title of the patch: Security update for vlc
Description of the patch: This update for vlc fixes the following issues:
Update to version 3.0.20:
+ Video Output:
- Fix green line in fullscreen in D3D11 video output
- Fix crash with some AMD drivers old versions
- Fix events propagation issue when double-clicking with mouse wheel
+ Decoders:
- Fix crash when AV1 hardware decoder fails
+ Interface:
- Fix annoying disappearance of the Windows fullscreen controller
+ Demuxers:
- Fix potential security issue (OOB Write) on MMS:// by checking user size bounds
Update to version 3.0.19:
+ Core:
- Fix next-frame freezing in most scenarios
+ Demux:
- Support RIFF INFO tags for Wav files
- Fix AVI files with flipped RAW video planes
- Fix duration on short and small Ogg/Opus files
- Fix some HLS/TS streams with ID3 prefix
- Fix some HLS playlist refresh drift
- Fix for GoPro MAX spatial metadata
- Improve FFmpeg-muxed MP4 chapters handling
- Improve playback for QNap-produced AVI files
- Improve playback of some old RealVideo files
- Fix duration probing on some MP4 with missing information
+ Decoders:
- Multiple fixes on AAC handling
- Activate hardware decoding of AV1 on Windows (DxVA)
- Improve AV1 HDR support with software decoding
- Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones
- Fix black screen on poorly edited MP4 files on Android Mediacodec
- Fix rawvid video in NV12
- Fix several issues on Windows hardware decoding (including 'too large resolution in DxVA')
- Improve crunchyroll-produced SSA rendering
+ Video Output:
- Super Resolution scaling with nVidia and Intel GPUs
- Fix for an issue when cropping on Direct3D9
- Multiple fixes for hardware decoding on D3D11 and OpenGL interop
- Fix an issue when playing -90rotated video
- Fix subtitles rendering blur on recent macOS
+ Input:
- Improve SMB compatibility with Windows 11 hosts
+ Contribs:
- Update of fluidlite, fixing some MIDI rendering on Windows
- Update of zlib to 1.2.13 (CVE-2022-37434)
- Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass
+ Misc:
- Improve muxing timestamps in a few formats (reset to 0)
- Fix some rendering issues on Linux with the fullscreen controller
- Fix GOOM visualization
- Fixes for Youtube playback
- Fix some MPRIS inconsistencies that broke some OS widgets on Linux
- Implement MPRIS TrackList signals
- Fix opening files in read-only mode
- Fix password search using the Kwallet backend
- Fix some crashes on macOS when switching application
- Fix 5.1/7.1 output on macOS and tvOS
- Fix several crashes and bugs in the macOS preferences panel
- Improvements on the threading of the MMDevice audio output on Windows
- Fix a potential security issue on the uninstaller DLLs
- Fix memory leaks when using the media_list_player libVLC APIs
+ Translations:
- Update of most translations
- New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili
Patchnames: openSUSE-2023-366
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
62 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
62 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
62 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for vlc",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for vlc fixes the following issues:\n\nUpdate to version 3.0.20:\n\n+ Video Output:\n - Fix green line in fullscreen in D3D11 video output\n - Fix crash with some AMD drivers old versions\n - Fix events propagation issue when double-clicking with mouse wheel\n+ Decoders:\n - Fix crash when AV1 hardware decoder fails\n+ Interface:\n - Fix annoying disappearance of the Windows fullscreen controller\n+ Demuxers:\n - Fix potential security issue (OOB Write) on MMS:// by checking user size bounds\n\nUpdate to version 3.0.19:\n\n+ Core: \n - Fix next-frame freezing in most scenarios\n+ Demux: \n - Support RIFF INFO tags for Wav files\n - Fix AVI files with flipped RAW video planes\n - Fix duration on short and small Ogg/Opus files\n - Fix some HLS/TS streams with ID3 prefix\n - Fix some HLS playlist refresh drift\n - Fix for GoPro MAX spatial metadata\n - Improve FFmpeg-muxed MP4 chapters handling\n - Improve playback for QNap-produced AVI files\n - Improve playback of some old RealVideo files\n - Fix duration probing on some MP4 with missing information\n+ Decoders:\n - Multiple fixes on AAC handling\n - Activate hardware decoding of AV1 on Windows (DxVA)\n - Improve AV1 HDR support with software decoding\n - Fix some AV1 GBRP streams, AV1 super-resolution streams and monochrome ones\n - Fix black screen on poorly edited MP4 files on Android Mediacodec\n - Fix rawvid video in NV12\n - Fix several issues on Windows hardware decoding (including \u0027too large resolution in DxVA\u0027)\n - Improve crunchyroll-produced SSA rendering\n+ Video Output:\n - Super Resolution scaling with nVidia and Intel GPUs\n - Fix for an issue when cropping on Direct3D9\n - Multiple fixes for hardware decoding on D3D11 and OpenGL interop\n - Fix an issue when playing -90rotated video\n - Fix subtitles rendering blur on recent macOS\n+ Input:\n - Improve SMB compatibility with Windows 11 hosts\n+ Contribs:\n - Update of fluidlite, fixing some MIDI rendering on Windows\n - Update of zlib to 1.2.13 (CVE-2022-37434)\n - Update of FFmpeg, vpx (CVE-2023-5217), ebml, dav1d, libass\n+ Misc:\n - Improve muxing timestamps in a few formats (reset to 0)\n - Fix some rendering issues on Linux with the fullscreen controller\n - Fix GOOM visualization\n - Fixes for Youtube playback\n - Fix some MPRIS inconsistencies that broke some OS widgets on Linux\n - Implement MPRIS TrackList signals\n - Fix opening files in read-only mode\n - Fix password search using the Kwallet backend\n - Fix some crashes on macOS when switching application\n - Fix 5.1/7.1 output on macOS and tvOS\n - Fix several crashes and bugs in the macOS preferences panel\n - Improvements on the threading of the MMDevice audio output on Windows\n - Fix a potential security issue on the uninstaller DLLs\n - Fix memory leaks when using the media_list_player libVLC APIs\n+ Translations:\n - Update of most translations\n - New translations to Esperanto, Interlingue, Lao, Macedonian, Burmese, Odia, Samoan and Swahili\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2023-366",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2023_0366-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2023:0366-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M45KVAFI32X55HONDKLE2FBN6GETMIUL/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2023:0366-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M45KVAFI32X55HONDKLE2FBN6GETMIUL/"
},
{
"category": "self",
"summary": "SUSE Bug 1206142",
"url": "https://bugzilla.suse.com/1206142"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-37434 page",
"url": "https://www.suse.com/security/cve/CVE-2022-37434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-41325 page",
"url": "https://www.suse.com/security/cve/CVE-2022-41325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "Security update for vlc",
"tracking": {
"current_release_date": "2023-11-12T13:01:02Z",
"generator": {
"date": "2023-11-12T13:01:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2023:0366-1",
"initial_release_date": "2023-11-12T13:01:02Z",
"revision_history": [
{
"date": "2023-11-12T13:01:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libvlc5-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "libvlc5-3.0.20-bp155.2.3.1.aarch64",
"product_id": "libvlc5-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"product_id": "libvlccore9-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "vlc-3.0.20-bp155.2.3.1.aarch64",
"product_id": "vlc-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"product_id": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"product_id": "vlc-devel-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"product_id": "vlc-jack-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"product_id": "vlc-noX-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"product_id": "vlc-opencv-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"product_id": "vlc-qt-3.0.20-bp155.2.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"product": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"product_id": "vlc-vdpau-3.0.20-bp155.2.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "vlc-lang-3.0.20-bp155.2.3.1.noarch",
"product": {
"name": "vlc-lang-3.0.20-bp155.2.3.1.noarch",
"product_id": "vlc-lang-3.0.20-bp155.2.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "libvlc5-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "libvlccore9-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "vlc-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "vlc-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "vlc-devel-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "vlc-jack-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "vlc-noX-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "vlc-opencv-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "vlc-qt-3.0.20-bp155.2.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"product": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"product_id": "vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libvlc5-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "libvlc5-3.0.20-bp155.2.3.1.x86_64",
"product_id": "libvlc5-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"product_id": "libvlccore9-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "vlc-3.0.20-bp155.2.3.1.x86_64",
"product_id": "vlc-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"product_id": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"product_id": "vlc-devel-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"product_id": "vlc-jack-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"product_id": "vlc-noX-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"product_id": "vlc-opencv-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"product_id": "vlc-qt-3.0.20-bp155.2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"product": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"product_id": "vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP5",
"product": {
"name": "SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "libvlc5-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "libvlc5-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-lang-3.0.20-bp155.2.3.1.noarch as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch"
},
"product_reference": "vlc-lang-3.0.20-bp155.2.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.aarch64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.x86_64 as component of SUSE Package Hub 15 SP5",
"product_id": "SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "libvlc5-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlc5-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "libvlc5-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvlccore9-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-devel-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-jack-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-lang-3.0.20-bp155.2.3.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch"
},
"product_reference": "vlc-lang-3.0.20-bp155.2.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-noX-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-opencv-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-qt-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64"
},
"product_reference": "vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le"
},
"product_reference": "vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vlc-vdpau-3.0.20-bp155.2.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
},
"product_reference": "vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-37434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-37434"
}
],
"notes": [
{
"category": "general",
"text": "zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-37434",
"url": "https://www.suse.com/security/cve/CVE-2022-37434"
},
{
"category": "external",
"summary": "SUSE Bug 1202175 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1202175"
},
{
"category": "external",
"summary": "SUSE Bug 1203030 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1203030"
},
{
"category": "external",
"summary": "SUSE Bug 1205074 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1205074"
},
{
"category": "external",
"summary": "SUSE Bug 1205289 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1205289"
},
{
"category": "external",
"summary": "SUSE Bug 1216542 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1216542"
},
{
"category": "external",
"summary": "SUSE Bug 1225671 for CVE-2022-37434",
"url": "https://bugzilla.suse.com/1225671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-12T13:01:02Z",
"details": "important"
}
],
"title": "CVE-2022-37434"
},
{
"cve": "CVE-2022-41325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-41325"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-41325",
"url": "https://www.suse.com/security/cve/CVE-2022-41325"
},
{
"category": "external",
"summary": "SUSE Bug 1206142 for CVE-2022-41325",
"url": "https://bugzilla.suse.com/1206142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-12T13:01:02Z",
"details": "important"
}
],
"title": "CVE-2022-41325"
},
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"SUSE Package Hub 15 SP5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlc5-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:libvlccore9-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-codec-gstreamer-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-devel-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-jack-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-lang-3.0.20-bp155.2.3.1.noarch",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-noX-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-opencv-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-qt-3.0.20-bp155.2.3.1.x86_64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.aarch64",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.ppc64le",
"openSUSE Leap 15.5:vlc-vdpau-3.0.20-bp155.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-12T13:01:02Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2024:13269-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
chromedriver-117.0.5938.132-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: chromedriver-117.0.5938.132-1.1 on GA media
Description of the patch: These are all security issues fixed in the chromedriver-117.0.5938.132-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13269
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "chromedriver-117.0.5938.132-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the chromedriver-117.0.5938.132-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13269",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13269-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5186 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5187 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "chromedriver-117.0.5938.132-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13269-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-117.0.5938.132-1.1.aarch64",
"product": {
"name": "chromedriver-117.0.5938.132-1.1.aarch64",
"product_id": "chromedriver-117.0.5938.132-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-117.0.5938.132-1.1.aarch64",
"product": {
"name": "chromium-117.0.5938.132-1.1.aarch64",
"product_id": "chromium-117.0.5938.132-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-117.0.5938.132-1.1.ppc64le",
"product": {
"name": "chromedriver-117.0.5938.132-1.1.ppc64le",
"product_id": "chromedriver-117.0.5938.132-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "chromium-117.0.5938.132-1.1.ppc64le",
"product": {
"name": "chromium-117.0.5938.132-1.1.ppc64le",
"product_id": "chromium-117.0.5938.132-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-117.0.5938.132-1.1.s390x",
"product": {
"name": "chromedriver-117.0.5938.132-1.1.s390x",
"product_id": "chromedriver-117.0.5938.132-1.1.s390x"
}
},
{
"category": "product_version",
"name": "chromium-117.0.5938.132-1.1.s390x",
"product": {
"name": "chromium-117.0.5938.132-1.1.s390x",
"product_id": "chromium-117.0.5938.132-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-117.0.5938.132-1.1.x86_64",
"product": {
"name": "chromedriver-117.0.5938.132-1.1.x86_64",
"product_id": "chromedriver-117.0.5938.132-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-117.0.5938.132-1.1.x86_64",
"product": {
"name": "chromium-117.0.5938.132-1.1.x86_64",
"product_id": "chromium-117.0.5938.132-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-117.0.5938.132-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64"
},
"product_reference": "chromedriver-117.0.5938.132-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-117.0.5938.132-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le"
},
"product_reference": "chromedriver-117.0.5938.132-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-117.0.5938.132-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x"
},
"product_reference": "chromedriver-117.0.5938.132-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-117.0.5938.132-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64"
},
"product_reference": "chromedriver-117.0.5938.132-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-117.0.5938.132-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64"
},
"product_reference": "chromium-117.0.5938.132-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-117.0.5938.132-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le"
},
"product_reference": "chromium-117.0.5938.132-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-117.0.5938.132-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x"
},
"product_reference": "chromium-117.0.5938.132-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-117.0.5938.132-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
},
"product_reference": "chromium-117.0.5938.132-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5186"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5186",
"url": "https://www.suse.com/security/cve/CVE-2023-5186"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5186",
"url": "https://bugzilla.suse.com/1215776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5186"
},
{
"cve": "CVE-2023-5187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5187"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5187",
"url": "https://www.suse.com/security/cve/CVE-2023-5187"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5187",
"url": "https://bugzilla.suse.com/1215776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5187"
},
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromedriver-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:chromium-117.0.5938.132-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2024:13272-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaFirefox-118.0.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaFirefox-118.0.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaFirefox-118.0.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13272
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.4 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.4 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
35 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaFirefox-118.0.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaFirefox-118.0.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13272",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13272-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5168 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5168/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5169 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5170 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5170/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5171 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5172 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5173 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5174 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5174/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5175 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5176 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "MozillaFirefox-118.0.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13272-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-118.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-118.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-118.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-118.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-118.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-devel-118.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-translations-common-118.0.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"product_id": "MozillaFirefox-translations-other-118.0.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-118.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-118.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-118.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-devel-118.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-118.0.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-118.0.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-118.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-118.0.1-1.1.s390x",
"product_id": "MozillaFirefox-118.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-118.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-118.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-devel-118.0.1-1.1.s390x",
"product_id": "MozillaFirefox-devel-118.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"product_id": "MozillaFirefox-translations-common-118.0.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"product_id": "MozillaFirefox-translations-other-118.0.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-118.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-118.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-118.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-118.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-118.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-devel-118.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-translations-common-118.0.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-118.0.1-1.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-118.0.1-1.1.x86_64",
"product_id": "MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-118.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-118.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-118.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-118.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-118.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-118.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-118.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-118.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-118.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-118.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-118.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-118.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-devel-118.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-118.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-118.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-118.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-118.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-118.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-118.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-118.0.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-118.0.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-118.0.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-118.0.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-118.0.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5168",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5168"
}
],
"notes": [
{
"category": "general",
"text": "A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process.\n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5168",
"url": "https://www.suse.com/security/cve/CVE-2023-5168"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5168",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5168"
},
{
"cve": "CVE-2023-5169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5169"
}
],
"notes": [
{
"category": "general",
"text": "A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5169",
"url": "https://www.suse.com/security/cve/CVE-2023-5169"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5169",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5169"
},
{
"cve": "CVE-2023-5170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5170"
}
],
"notes": [
{
"category": "general",
"text": "In canvas rendering, a compromised content process could have caused a surface to change unexpectedly, leading to a memory leak of a privileged process. This memory leak could be used to effect a sandbox escape if the correct data was leaked. This vulnerability affects Firefox \u003c 118.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5170",
"url": "https://www.suse.com/security/cve/CVE-2023-5170"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5170",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5170"
},
{
"cve": "CVE-2023-5171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5171"
}
],
"notes": [
{
"category": "general",
"text": "During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5171",
"url": "https://www.suse.com/security/cve/CVE-2023-5171"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5171",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5171"
},
{
"cve": "CVE-2023-5172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5172"
}
],
"notes": [
{
"category": "general",
"text": "A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox \u003c 118.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5172",
"url": "https://www.suse.com/security/cve/CVE-2023-5172"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5172",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5172"
},
{
"cve": "CVE-2023-5173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5173"
}
],
"notes": [
{
"category": "general",
"text": "In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. \n*This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox \u003c 118.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5173",
"url": "https://www.suse.com/security/cve/CVE-2023-5173"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5173",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5173"
},
{
"cve": "CVE-2023-5174",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5174"
}
],
"notes": [
{
"category": "general",
"text": "If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash.\n*This bug only affects Firefox on Windows when run in non-standard configurations (such as using `runas`). Other operating systems are unaffected.* This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5174",
"url": "https://www.suse.com/security/cve/CVE-2023-5174"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5174",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5174"
},
{
"cve": "CVE-2023-5175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5175"
}
],
"notes": [
{
"category": "general",
"text": "During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox \u003c 118.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5175",
"url": "https://www.suse.com/security/cve/CVE-2023-5175"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5175",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5175"
},
{
"cve": "CVE-2023-5176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5176"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 118, Firefox ESR \u003c 115.3, and Thunderbird \u003c 115.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5176",
"url": "https://www.suse.com/security/cve/CVE-2023-5176"
},
{
"category": "external",
"summary": "SUSE Bug 1215575 for CVE-2023-5176",
"url": "https://bugzilla.suse.com/1215575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2023-5176"
},
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-branding-upstream-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-devel-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-common-118.0.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaFirefox-translations-other-118.0.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2024:13274-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libvpx-devel-1.13.0-2.1 on GA media
Severity
Moderate
Notes
Title of the patch: libvpx-devel-1.13.0-2.1 on GA media
Description of the patch: These are all security issues fixed in the libvpx-devel-1.13.0-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13274
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx8-1.13.0-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx8-1.13.0-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx8-1.13.0-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx8-1.13.0-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2023-5217/ | self |
| https://www.suse.com/security/cve/CVE-2023-5217 | external |
| https://bugzilla.suse.com/1215776 | external |
| https://bugzilla.suse.com/1215778 | external |
| https://bugzilla.suse.com/1215814 | external |
| https://bugzilla.suse.com/1217559 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libvpx-devel-1.13.0-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libvpx-devel-1.13.0-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13274",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13274-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "libvpx-devel-1.13.0-2.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13274-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libvpx-devel-1.13.0-2.1.aarch64",
"product": {
"name": "libvpx-devel-1.13.0-2.1.aarch64",
"product_id": "libvpx-devel-1.13.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvpx8-1.13.0-2.1.aarch64",
"product": {
"name": "libvpx8-1.13.0-2.1.aarch64",
"product_id": "libvpx8-1.13.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libvpx8-32bit-1.13.0-2.1.aarch64",
"product": {
"name": "libvpx8-32bit-1.13.0-2.1.aarch64",
"product_id": "libvpx8-32bit-1.13.0-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "vpx-tools-1.13.0-2.1.aarch64",
"product": {
"name": "vpx-tools-1.13.0-2.1.aarch64",
"product_id": "vpx-tools-1.13.0-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libvpx-devel-1.13.0-2.1.ppc64le",
"product": {
"name": "libvpx-devel-1.13.0-2.1.ppc64le",
"product_id": "libvpx-devel-1.13.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvpx8-1.13.0-2.1.ppc64le",
"product": {
"name": "libvpx8-1.13.0-2.1.ppc64le",
"product_id": "libvpx8-1.13.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libvpx8-32bit-1.13.0-2.1.ppc64le",
"product": {
"name": "libvpx8-32bit-1.13.0-2.1.ppc64le",
"product_id": "libvpx8-32bit-1.13.0-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "vpx-tools-1.13.0-2.1.ppc64le",
"product": {
"name": "vpx-tools-1.13.0-2.1.ppc64le",
"product_id": "vpx-tools-1.13.0-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libvpx-devel-1.13.0-2.1.s390x",
"product": {
"name": "libvpx-devel-1.13.0-2.1.s390x",
"product_id": "libvpx-devel-1.13.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvpx8-1.13.0-2.1.s390x",
"product": {
"name": "libvpx8-1.13.0-2.1.s390x",
"product_id": "libvpx8-1.13.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libvpx8-32bit-1.13.0-2.1.s390x",
"product": {
"name": "libvpx8-32bit-1.13.0-2.1.s390x",
"product_id": "libvpx8-32bit-1.13.0-2.1.s390x"
}
},
{
"category": "product_version",
"name": "vpx-tools-1.13.0-2.1.s390x",
"product": {
"name": "vpx-tools-1.13.0-2.1.s390x",
"product_id": "vpx-tools-1.13.0-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libvpx-devel-1.13.0-2.1.x86_64",
"product": {
"name": "libvpx-devel-1.13.0-2.1.x86_64",
"product_id": "libvpx-devel-1.13.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvpx8-1.13.0-2.1.x86_64",
"product": {
"name": "libvpx8-1.13.0-2.1.x86_64",
"product_id": "libvpx8-1.13.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libvpx8-32bit-1.13.0-2.1.x86_64",
"product": {
"name": "libvpx8-32bit-1.13.0-2.1.x86_64",
"product_id": "libvpx8-32bit-1.13.0-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "vpx-tools-1.13.0-2.1.x86_64",
"product": {
"name": "vpx-tools-1.13.0-2.1.x86_64",
"product_id": "vpx-tools-1.13.0-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx-devel-1.13.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.aarch64"
},
"product_reference": "libvpx-devel-1.13.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx-devel-1.13.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.ppc64le"
},
"product_reference": "libvpx-devel-1.13.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx-devel-1.13.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.s390x"
},
"product_reference": "libvpx-devel-1.13.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx-devel-1.13.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.x86_64"
},
"product_reference": "libvpx-devel-1.13.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx8-1.13.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx8-1.13.0-2.1.aarch64"
},
"product_reference": "libvpx8-1.13.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx8-1.13.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx8-1.13.0-2.1.ppc64le"
},
"product_reference": "libvpx8-1.13.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx8-1.13.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx8-1.13.0-2.1.s390x"
},
"product_reference": "libvpx8-1.13.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx8-1.13.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx8-1.13.0-2.1.x86_64"
},
"product_reference": "libvpx8-1.13.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx8-32bit-1.13.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.aarch64"
},
"product_reference": "libvpx8-32bit-1.13.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx8-32bit-1.13.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.ppc64le"
},
"product_reference": "libvpx8-32bit-1.13.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx8-32bit-1.13.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.s390x"
},
"product_reference": "libvpx8-32bit-1.13.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libvpx8-32bit-1.13.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.x86_64"
},
"product_reference": "libvpx8-32bit-1.13.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vpx-tools-1.13.0-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.aarch64"
},
"product_reference": "vpx-tools-1.13.0-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vpx-tools-1.13.0-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.ppc64le"
},
"product_reference": "vpx-tools-1.13.0-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vpx-tools-1.13.0-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.s390x"
},
"product_reference": "vpx-tools-1.13.0-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vpx-tools-1.13.0-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.x86_64"
},
"product_reference": "vpx-tools-1.13.0-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx-devel-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx8-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:libvpx8-32bit-1.13.0-2.1.x86_64",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.aarch64",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.ppc64le",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.s390x",
"openSUSE Tumbleweed:vpx-tools-1.13.0-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2024:13276-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
ungoogled-chromium-117.0.5938.132-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: ungoogled-chromium-117.0.5938.132-1.1 on GA media
Description of the patch: These are all security issues fixed in the ungoogled-chromium-117.0.5938.132-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13276
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "ungoogled-chromium-117.0.5938.132-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the ungoogled-chromium-117.0.5938.132-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13276",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13276-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5186 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5187 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "ungoogled-chromium-117.0.5938.132-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13276-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"product": {
"name": "ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"product_id": "ungoogled-chromium-117.0.5938.132-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"product": {
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"product_id": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"product": {
"name": "ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"product_id": "ungoogled-chromium-117.0.5938.132-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"product": {
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"product_id": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ungoogled-chromium-117.0.5938.132-1.1.s390x",
"product": {
"name": "ungoogled-chromium-117.0.5938.132-1.1.s390x",
"product_id": "ungoogled-chromium-117.0.5938.132-1.1.s390x"
}
},
{
"category": "product_version",
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"product": {
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"product_id": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"product": {
"name": "ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"product_id": "ungoogled-chromium-117.0.5938.132-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64",
"product": {
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64",
"product_id": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ungoogled-chromium-117.0.5938.132-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64"
},
"product_reference": "ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ungoogled-chromium-117.0.5938.132-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le"
},
"product_reference": "ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ungoogled-chromium-117.0.5938.132-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x"
},
"product_reference": "ungoogled-chromium-117.0.5938.132-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ungoogled-chromium-117.0.5938.132-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64"
},
"product_reference": "ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64"
},
"product_reference": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le"
},
"product_reference": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x"
},
"product_reference": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
},
"product_reference": "ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5186"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5186",
"url": "https://www.suse.com/security/cve/CVE-2023-5186"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5186",
"url": "https://bugzilla.suse.com/1215776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5186"
},
{
"cve": "CVE-2023-5187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5187"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5187",
"url": "https://www.suse.com/security/cve/CVE-2023-5187"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5187",
"url": "https://bugzilla.suse.com/1215776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5187"
},
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-117.0.5938.132-1.1.x86_64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.aarch64",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.ppc64le",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.s390x",
"openSUSE Tumbleweed:ungoogled-chromium-chromedriver-117.0.5938.132-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2024:13277-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
MozillaThunderbird-115.3.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: MozillaThunderbird-115.3.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the MozillaThunderbird-115.3.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13277
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2023-5217/ | self |
| https://www.suse.com/security/cve/CVE-2023-5217 | external |
| https://bugzilla.suse.com/1215776 | external |
| https://bugzilla.suse.com/1215778 | external |
| https://bugzilla.suse.com/1215814 | external |
| https://bugzilla.suse.com/1217559 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "MozillaThunderbird-115.3.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the MozillaThunderbird-115.3.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13277",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13277-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "MozillaThunderbird-115.3.1-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13277-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.3.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-115.3.1-1.1.aarch64",
"product_id": "MozillaThunderbird-115.3.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-common-115.3.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.aarch64",
"product_id": "MozillaThunderbird-translations-other-115.3.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.3.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-115.3.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-115.3.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le",
"product_id": "MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.3.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-115.3.1-1.1.s390x",
"product_id": "MozillaThunderbird-115.3.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.s390x",
"product_id": "MozillaThunderbird-translations-common-115.3.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.s390x",
"product_id": "MozillaThunderbird-translations-other-115.3.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-115.3.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-115.3.1-1.1.x86_64",
"product_id": "MozillaThunderbird-115.3.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-115.3.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-115.3.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.3.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-115.3.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.3.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-115.3.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.3.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-115.3.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-115.3.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-115.3.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-115.3.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-115.3.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-115.3.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-115.3.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-115.3.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-115.3.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-115.3.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-115.3.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-115.3.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-common-115.3.1-1.1.x86_64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.aarch64",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.ppc64le",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.s390x",
"openSUSE Tumbleweed:MozillaThunderbird-translations-other-115.3.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
OPENSUSE-SU-2024:13283-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
nodejs-electron-25.8.4-2.1 on GA media
Severity
Moderate
Notes
Title of the patch: nodejs-electron-25.8.4-2.1 on GA media
Description of the patch: These are all security issues fixed in the nodejs-electron-25.8.4-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13283
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2023-5217/ | self |
| https://www.suse.com/security/cve/CVE-2023-5217 | external |
| https://bugzilla.suse.com/1215776 | external |
| https://bugzilla.suse.com/1215778 | external |
| https://bugzilla.suse.com/1215814 | external |
| https://bugzilla.suse.com/1217559 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "nodejs-electron-25.8.4-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the nodejs-electron-25.8.4-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13283",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13283-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5217 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5217/"
}
],
"title": "nodejs-electron-25.8.4-2.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13283-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "nodejs-electron-25.8.4-2.1.aarch64",
"product": {
"name": "nodejs-electron-25.8.4-2.1.aarch64",
"product_id": "nodejs-electron-25.8.4-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs-electron-devel-25.8.4-2.1.aarch64",
"product": {
"name": "nodejs-electron-devel-25.8.4-2.1.aarch64",
"product_id": "nodejs-electron-devel-25.8.4-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "nodejs-electron-doc-25.8.4-2.1.aarch64",
"product": {
"name": "nodejs-electron-doc-25.8.4-2.1.aarch64",
"product_id": "nodejs-electron-doc-25.8.4-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-electron-25.8.4-2.1.ppc64le",
"product": {
"name": "nodejs-electron-25.8.4-2.1.ppc64le",
"product_id": "nodejs-electron-25.8.4-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs-electron-devel-25.8.4-2.1.ppc64le",
"product": {
"name": "nodejs-electron-devel-25.8.4-2.1.ppc64le",
"product_id": "nodejs-electron-devel-25.8.4-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "nodejs-electron-doc-25.8.4-2.1.ppc64le",
"product": {
"name": "nodejs-electron-doc-25.8.4-2.1.ppc64le",
"product_id": "nodejs-electron-doc-25.8.4-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-electron-25.8.4-2.1.s390x",
"product": {
"name": "nodejs-electron-25.8.4-2.1.s390x",
"product_id": "nodejs-electron-25.8.4-2.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs-electron-devel-25.8.4-2.1.s390x",
"product": {
"name": "nodejs-electron-devel-25.8.4-2.1.s390x",
"product_id": "nodejs-electron-devel-25.8.4-2.1.s390x"
}
},
{
"category": "product_version",
"name": "nodejs-electron-doc-25.8.4-2.1.s390x",
"product": {
"name": "nodejs-electron-doc-25.8.4-2.1.s390x",
"product_id": "nodejs-electron-doc-25.8.4-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "nodejs-electron-25.8.4-2.1.x86_64",
"product": {
"name": "nodejs-electron-25.8.4-2.1.x86_64",
"product_id": "nodejs-electron-25.8.4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs-electron-devel-25.8.4-2.1.x86_64",
"product": {
"name": "nodejs-electron-devel-25.8.4-2.1.x86_64",
"product_id": "nodejs-electron-devel-25.8.4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "nodejs-electron-doc-25.8.4-2.1.x86_64",
"product": {
"name": "nodejs-electron-doc-25.8.4-2.1.x86_64",
"product_id": "nodejs-electron-doc-25.8.4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-25.8.4-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.aarch64"
},
"product_reference": "nodejs-electron-25.8.4-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-25.8.4-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.ppc64le"
},
"product_reference": "nodejs-electron-25.8.4-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-25.8.4-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.s390x"
},
"product_reference": "nodejs-electron-25.8.4-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-25.8.4-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.x86_64"
},
"product_reference": "nodejs-electron-25.8.4-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-devel-25.8.4-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.aarch64"
},
"product_reference": "nodejs-electron-devel-25.8.4-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-devel-25.8.4-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.ppc64le"
},
"product_reference": "nodejs-electron-devel-25.8.4-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-devel-25.8.4-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.s390x"
},
"product_reference": "nodejs-electron-devel-25.8.4-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-devel-25.8.4-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.x86_64"
},
"product_reference": "nodejs-electron-devel-25.8.4-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-doc-25.8.4-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.aarch64"
},
"product_reference": "nodejs-electron-doc-25.8.4-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-doc-25.8.4-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.ppc64le"
},
"product_reference": "nodejs-electron-doc-25.8.4-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-doc-25.8.4-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.s390x"
},
"product_reference": "nodejs-electron-doc-25.8.4-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "nodejs-electron-doc-25.8.4-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.x86_64"
},
"product_reference": "nodejs-electron-doc-25.8.4-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5217"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.x86_64",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.x86_64",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5217",
"url": "https://www.suse.com/security/cve/CVE-2023-5217"
},
{
"category": "external",
"summary": "SUSE Bug 1215776 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215776"
},
{
"category": "external",
"summary": "SUSE Bug 1215778 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215778"
},
{
"category": "external",
"summary": "SUSE Bug 1215814 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1215814"
},
{
"category": "external",
"summary": "SUSE Bug 1217559 for CVE-2023-5217",
"url": "https://bugzilla.suse.com/1217559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.x86_64",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.x86_64",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-25.8.4-2.1.x86_64",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-devel-25.8.4-2.1.x86_64",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.aarch64",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.ppc64le",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.s390x",
"openSUSE Tumbleweed:nodejs-electron-doc-25.8.4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-5217"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…