Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-1283 (GCVE-0-2015-1283)
Vulnerability from cvelistv5 – Published: 2015-07-23 00:00 – Updated: 2024-08-06 04:40
VLAI
EPSS
Summary
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
20 references
Date Public
2015-07-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:40:17.858Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"name": "RHSA-2015:1499",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=492052"
},
{
"name": "openSUSE-SU-2016:1523",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html"
},
{
"name": "openSUSE-SU-2015:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"name": "1033031",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033031"
},
{
"name": "DSA-3318",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3318"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "SUSE-SU-2016:1508",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html"
},
{
"name": "GLSA-201701-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-21"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "GLSA-201603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "SUSE-SU-2016:1512",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://codereview.chromium.org/1224303003"
},
{
"name": "75973",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75973"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"name": "USN-2726-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2726-1"
},
{
"name": "openSUSE-SU-2016:1441",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html"
},
{
"name": "DSA-3315",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-31T07:06:31.000Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"name": "RHSA-2015:1499",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=492052"
},
{
"name": "openSUSE-SU-2016:1523",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html"
},
{
"name": "openSUSE-SU-2015:1287",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"name": "1033031",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033031"
},
{
"name": "DSA-3318",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3318"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "SUSE-SU-2016:1508",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html"
},
{
"name": "GLSA-201701-21",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-21"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "GLSA-201603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "SUSE-SU-2016:1512",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://codereview.chromium.org/1224303003"
},
{
"name": "75973",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75973"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"name": "USN-2726-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2726-1"
},
{
"name": "openSUSE-SU-2016:1441",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html"
},
{
"name": "DSA-3315",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2015-1283",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/tns-2016-20",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"name": "RHSA-2015:1499",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=492052",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=492052"
},
{
"name": "openSUSE-SU-2016:1523",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html"
},
{
"name": "openSUSE-SU-2015:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"name": "1033031",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"name": "DSA-3318",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3318"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "SUSE-SU-2016:1508",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html"
},
{
"name": "GLSA-201701-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-21"
},
{
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "SUSE-SU-2016:1512",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html"
},
{
"name": "https://codereview.chromium.org/1224303003",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1224303003"
},
{
"name": "75973",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"name": "USN-2726-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2726-1"
},
{
"name": "openSUSE-SU-2016:1441",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html"
},
{
"name": "DSA-3315",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2015-1283",
"datePublished": "2015-07-23T00:00:00.000Z",
"dateReserved": "2015-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:40:17.858Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2015-1283",
"date": "2026-05-27",
"epss": "0.00521",
"percentile": "0.67062"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-1283\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2015-07-23T00:59:12.680\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de desbordamiento de entero en la funci\u00f3n XML_GetBuffer en Expat hasta la versi\u00f3n 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros productos permite a atacantes remotos causar una denegaci\u00f3n de servicio mediante un desbordamiento de buffer basado en memoria din\u00e1mica o, posiblemente tener otro impacto no especificado a trav\u00e9s de datos XML manipulados, un tema relacionado con CVE-2015-2716.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"43.0.2357.134\",\"matchCriteriaId\":\"4CD601FD-6060-4CC5-81DA-BDDE41485613\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.1.0\",\"matchCriteriaId\":\"B366ABE5-5936-47A6-9370-602954E4B40D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.7.0\",\"versionEndExcluding\":\"2.7.12\",\"matchCriteriaId\":\"1D73CCB4-4EB4-46C2-B29A-55B5A2E0B139\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3.0\",\"versionEndExcluding\":\"3.3.7\",\"matchCriteriaId\":\"2E822AE7-709A-4DA4-B2C6-7A5968AE62FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.4.0\",\"versionEndExcluding\":\"3.4.5\",\"matchCriteriaId\":\"E8C7514C-10D7-4B68-99D1-21F8474AD25C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5.0\",\"versionEndExcluding\":\"3.5.2\",\"matchCriteriaId\":\"FF4B7851-5B65-4DB7-8AB4-6F6AF940272C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"CB66DB75-2B16-4EBF-9B93-CE49D8086E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38D3B7E-8429-473F-BB31-FC3583EE5A5B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F892F1B0-514C-42F7-90AE-12ACDFDC1033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74BCA435-7594-49E8-9BAE-9E02E129B6C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4863BE36-D16A-4D75-90D9-FD76DB5B48B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A0BA503-3F96-48DA-AF47-FBA37A9D0C48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"55C5561F-BE86-4EEA-99D4-8697F8BD9DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"15FC9014-BD85-4382-9D04-C0703E901D7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2076747F-A98E-4DD9-9B52-BF1732BCAD3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D41A798E-0D69-43C7-9A63-1E5921138EAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"1831D45A-EE6E-4220-8F8C-248B69520948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A633996-2FD7-467C-BAA6-529E16BD06D1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"964B57CD-CB8A-4520-B358-1C93EC5EF2DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79A602C5-61FE-47BA-9786-F045B6C6DBA8\"}]}]}],\"references\":[{\"url\":\"http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1499.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3315\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3318\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://www.securityfocus.com/bid/75973\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://www.securitytracker.com/id/1033031\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2726-1\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://code.google.com/p/chromium/issues/detail?id=492052\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://codereview.chromium.org/1224303003\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://security.gentoo.org/glsa/201603-09\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://security.gentoo.org/glsa/201701-21\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://source.android.com/security/bulletin/2016-11-01.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://www.tenable.com/security/tns-2016-20\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-1499.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3315\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3318\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/75973\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1033031\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2726-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://code.google.com/p/chromium/issues/detail?id=492052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://codereview.chromium.org/1224303003\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201603-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201701-21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://source.android.com/security/bulletin/2016-11-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.tenable.com/security/tns-2016-20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2015-AVI-312
Vulnerability from certfr_avis - Published: 2015-07-22 - Updated: 2015-07-22
De multiples vulnérabilités ont été corrigées dans Google Chrome. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Chrome versions antérieures à 44.0.2403.89
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eGoogle Chrome versions ant\u00e9rieures \u00e0 44.0.2403.89\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-1281",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1281"
},
{
"name": "CVE-2015-1277",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1277"
},
{
"name": "CVE-2015-1275",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1275"
},
{
"name": "CVE-2015-1272",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1272"
},
{
"name": "CVE-2015-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1271"
},
{
"name": "CVE-2015-1279",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1279"
},
{
"name": "CVE-2015-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1289"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2015-1278",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1278"
},
{
"name": "CVE-2015-1282",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1282"
},
{
"name": "CVE-2015-1280",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1280"
},
{
"name": "CVE-2015-1273",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1273"
},
{
"name": "CVE-2015-1270",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1270"
},
{
"name": "CVE-2015-1284",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1284"
},
{
"name": "CVE-2015-1287",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1287"
},
{
"name": "CVE-2015-1285",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1285"
},
{
"name": "CVE-2015-1288",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1288"
},
{
"name": "CVE-2015-1274",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1274"
},
{
"name": "CVE-2015-1276",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1276"
},
{
"name": "CVE-2015-1286",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1286"
}
],
"initial_release_date": "2015-07-22T00:00:00",
"last_revision_date": "2015-07-22T00:00:00",
"links": [],
"reference": "CERTFR-2015-AVI-312",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-07-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Chrome\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Google du 21 juillet 2015",
"url": "http://googlechromereleases.blogspot.fr/2015/07/stable-channel-update_21.html"
}
]
}
CERTFR-2016-AVI-370
Vulnerability from certfr_avis - Published: 2016-11-08 - Updated: 2016-11-08
De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 7 novembre 2016
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 7 novembre 2016\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-6718",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6718"
},
{
"name": "CVE-2014-9908",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9908"
},
{
"name": "CVE-2016-7916",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7916"
},
{
"name": "CVE-2016-6732",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6732"
},
{
"name": "CVE-2016-6719",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6719"
},
{
"name": "CVE-2016-6739",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6739"
},
{
"name": "CVE-2016-7914",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7914"
},
{
"name": "CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"name": "CVE-2016-7917",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7917"
},
{
"name": "CVE-2016-7913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7913"
},
{
"name": "CVE-2015-0410",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0410"
},
{
"name": "CVE-2016-6728",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6728"
},
{
"name": "CVE-2016-6730",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6730"
},
{
"name": "CVE-2016-6751",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6751"
},
{
"name": "CVE-2016-6714",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6714"
},
{
"name": "CVE-2016-6707",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6707"
},
{
"name": "CVE-2016-7912",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7912"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2015-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8961"
},
{
"name": "CVE-2016-6709",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6709"
},
{
"name": "CVE-2016-0718",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0718"
},
{
"name": "CVE-2016-6727",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6727"
},
{
"name": "CVE-2016-6704",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6704"
},
{
"name": "CVE-2016-5300",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5300"
},
{
"name": "CVE-2016-6702",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6702"
},
{
"name": "CVE-2016-6729",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6729"
},
{
"name": "CVE-2016-6715",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6715"
},
{
"name": "CVE-2016-6735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6735"
},
{
"name": "CVE-2016-7915",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7915"
},
{
"name": "CVE-2016-6698",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6698"
},
{
"name": "CVE-2012-6702",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6702"
},
{
"name": "CVE-2016-3906",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3906"
},
{
"name": "CVE-2016-6706",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6706"
},
{
"name": "CVE-2016-6717",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6717"
},
{
"name": "CVE-2015-8963",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8963"
},
{
"name": "CVE-2016-6725",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6725"
},
{
"name": "CVE-2016-6700",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6700"
},
{
"name": "CVE-2016-6746",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6746"
},
{
"name": "CVE-2016-6738",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6738"
},
{
"name": "CVE-2016-6740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6740"
},
{
"name": "CVE-2016-6724",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6724"
},
{
"name": "CVE-2016-6747",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6747"
},
{
"name": "CVE-2016-6744",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6744"
},
{
"name": "CVE-2016-6752",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6752"
},
{
"name": "CVE-2016-6711",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6711"
},
{
"name": "CVE-2016-3907",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3907"
},
{
"name": "CVE-2016-6710",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6710"
},
{
"name": "CVE-2016-6703",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6703"
},
{
"name": "CVE-2016-6754",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6754"
},
{
"name": "CVE-2016-6743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6743"
},
{
"name": "CVE-2016-6742",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6742"
},
{
"name": "CVE-2016-6749",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6749"
},
{
"name": "CVE-2016-6745",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6745"
},
{
"name": "CVE-2016-6720",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6720"
},
{
"name": "CVE-2016-6722",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6722"
},
{
"name": "CVE-2016-6721",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6721"
},
{
"name": "CVE-2016-6699",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6699"
},
{
"name": "CVE-2016-6733",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6733"
},
{
"name": "CVE-2016-6753",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6753"
},
{
"name": "CVE-2016-6750",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6750"
},
{
"name": "CVE-2016-6723",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6723"
},
{
"name": "CVE-2016-5195",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5195"
},
{
"name": "CVE-2016-2184",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2184"
},
{
"name": "CVE-2015-8962",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8962"
},
{
"name": "CVE-2016-7910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7910"
},
{
"name": "CVE-2016-6734",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6734"
},
{
"name": "CVE-2016-6741",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6741"
},
{
"name": "CVE-2016-7911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7911"
},
{
"name": "CVE-2016-6726",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6726"
},
{
"name": "CVE-2016-6737",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6737"
},
{
"name": "CVE-2016-6705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6705"
},
{
"name": "CVE-2015-8964",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8964"
},
{
"name": "CVE-2016-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6708"
},
{
"name": "CVE-2016-6736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6736"
},
{
"name": "CVE-2016-6748",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6748"
},
{
"name": "CVE-2016-6828",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6828"
},
{
"name": "CVE-2016-6712",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6712"
},
{
"name": "CVE-2014-9675",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9675"
},
{
"name": "CVE-2016-6716",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6716"
},
{
"name": "CVE-2016-6713",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6713"
},
{
"name": "CVE-2016-6731",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6731"
},
{
"name": "CVE-2016-6701",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6701"
}
],
"initial_release_date": "2016-11-08T00:00:00",
"last_revision_date": "2016-11-08T00:00:00",
"links": [],
"reference": "CERTFR-2016-AVI-370",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-11-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Google du 07 novembre 2016",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
}
]
}
CERTFR-2019-AVI-014
Vulnerability from certfr_avis - Published: 2019-01-10 - Updated: 2019-01-10
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Centreon | Web | SRC Series Application Server et Web Administrator versions antérieures à 4.12.0-R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 sur vMX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75 | ||
| N/A | N/A | Juniper ATP | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series | ||
| Juniper Networks | Junos Space | Junos Space | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series | ||
| Juniper Networks | Junos OS | Tous produits et toutes plateformes exécutant Junos OS | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SRC Series Application Server et Web Administrator versions ant\u00e9rieures \u00e0 4.12.0-R1",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 sur vMX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper ATP",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Tous produits et toutes plateformes ex\u00e9cutant Junos OS",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0010"
},
{
"name": "CVE-2018-10901",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10901"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2018-5683",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5683"
},
{
"name": "CVE-2019-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0003"
},
{
"name": "CVE-2019-0007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0007"
},
{
"name": "CVE-2018-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5391"
},
{
"name": "CVE-2017-13672",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13672"
},
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2018-7566",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7566"
},
{
"name": "CVE-2019-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0027"
},
{
"name": "CVE-2019-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0030"
},
{
"name": "CVE-2017-1000379",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000379"
},
{
"name": "CVE-2019-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0001"
},
{
"name": "CVE-2018-14634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14634"
},
{
"name": "CVE-2019-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0002"
},
{
"name": "CVE-2019-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0013"
},
{
"name": "CVE-2019-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0023"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2018-10675",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10675"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2017-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3137"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2017-3142",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3142"
},
{
"name": "CVE-2018-10872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10872"
},
{
"name": "CVE-2019-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0015"
},
{
"name": "CVE-2019-0005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0005"
},
{
"name": "CVE-2019-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0009"
},
{
"name": "CVE-2018-7858",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7858"
},
{
"name": "CVE-2019-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0024"
},
{
"name": "CVE-2019-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0025"
},
{
"name": "CVE-2017-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3143"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2019-0011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0011"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2017-15265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
},
{
"name": "CVE-2019-0012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0012"
},
{
"name": "CVE-2017-11610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11610"
},
{
"name": "CVE-2018-5748",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5748"
},
{
"name": "CVE-2019-0004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0004"
},
{
"name": "CVE-2019-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0017"
},
{
"name": "CVE-2018-1126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1126"
},
{
"name": "CVE-2018-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3665"
},
{
"name": "CVE-2017-1000366",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000366"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2018-12020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12020"
},
{
"name": "CVE-2018-5390",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5390"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-10897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10897"
},
{
"name": "CVE-2019-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0021"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2019-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0016"
},
{
"name": "CVE-2018-1124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1124"
},
{
"name": "CVE-2018-8897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
},
{
"name": "CVE-2019-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0022"
},
{
"name": "CVE-2017-1000364",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000364"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2018-1050",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1050"
},
{
"name": "CVE-2019-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0014"
},
{
"name": "CVE-2018-3693",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3693"
},
{
"name": "CVE-2018-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10911"
},
{
"name": "CVE-2019-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0026"
},
{
"name": "CVE-2019-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0029"
},
{
"name": "CVE-2019-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0020"
},
{
"name": "CVE-2018-5740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5740"
},
{
"name": "CVE-2017-2619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2619"
},
{
"name": "CVE-2019-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0018"
},
{
"name": "CVE-2018-1000004",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000004"
},
{
"name": "CVE-2019-0006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0006"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2017-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3136"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2018-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1064"
},
{
"name": "CVE-2018-10301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10301"
}
],
"initial_release_date": "2019-01-10T00:00:00",
"last_revision_date": "2019-01-10T00:00:00",
"links": [],
"reference": "CERTFR-2019-AVI-014",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10906 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10906\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10910 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10910\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10911 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10911\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10907 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10907\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10912 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10912\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10913 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10913\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10919 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10919\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10905 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10905\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10902 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10902\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10917 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10917\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10904 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10904\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10915 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10915\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10916 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10916\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10914 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10914\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10900 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10900\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10909 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10909\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10901 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10901\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10918 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10918\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10903 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10903\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2022-AVI-650
Vulnerability from certfr_avis - Published: 2022-07-15 - Updated: 2022-07-15
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 20.4.x antérieures à 20.4R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.1.x antérieures à 21.1R3-S1 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 21.1.x aantérieures à 21.1R3-S1-EVO | ||
| Juniper Networks | Junos OS | Junos OS versions 18.3.x antérieures à 18.3R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.3.x antérieures à 17.3R3-S12 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 20.4.x antérieures à 20.4R3-S2, 20.4R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.4.x antérieures à 21.4R1-S2, 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 19.2.x antérieures à 19.2R1-S8, 19.2R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions antérieures à 19.2R1-S9, 19.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 20.3.x antérieures à 20.3R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 19.3.x antérieures à 19.3R3-S6 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 21.3.x antérieures à 21.3R2-S1-EVO, 21.3R3-EVO | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 21.2.x antérieures à 21.2R2-S1, 21.2R3 | ||
| Juniper Networks | Junos Space | Junos Space versions antérieures à 22.1R1 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 22.1.x antérieures à 22.1R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 19.2.x antérieures à 19.2R1-S9, 19.2R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 19.3.x antérieures à 19.3R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | N/A | Junos Space Security Director Policy Enforcer versions antérieures à 22.1R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.2.x antérieures à 21.2R2-S2, 21.2R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 19.4.x antérieures à 19.4R2-S6, 19.4R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS versions 19.4.x antérieures à 19.4R2-S6, 19.4R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions supérieures à 20.1R1 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS versions 19.1.x antérieures à 19.1R2-S3, 19.1R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49, 15.1X49-D100 et suivantes antérieures à 19.2R3-S5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 21.2.x antérieures à 21.2R1-S1-EVO, 21.2R3-EVO | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 20.4.x antérieures à 20.4R3-S2, 20.4R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS versions 20.2.x antérieures à 20.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 21.1.x antérieures à 21.1R2, 21.1R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 19.2.x antérieures à 19.2R1-S9, 19.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 21.1.x antérieures à 21.1R3-S1 | ||
| Juniper Networks | Junos OS | Junos OS versions 21.3.x antérieures à 21.3R2-S1, 21.3R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 21.4.x antérieures à 21.4R1-S1, 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 19.3.x antérieures à 19.3R3-S6 | ||
| Juniper Networks | N/A | Juniper Networks Contrail Networking versions antérieures à 21.4.0 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 19.4.x antérieures à 19.4R2-S5, 19.4R3-S8 | ||
| Juniper Networks | N/A | Contrôleur Juniper Networks NorthStar versions antérieures à 5.1.0 Service Pack 6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 20.2.x antérieures à 20.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 20.4.x antérieures à 20.4R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 20.2.x antérieures à 20.2R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 21.2.x antérieures à 21.2R1-S1, 21.2R2, 21.2R3-S1 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 20.2.x antérieures à 20.2R3-S5 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions 21.4.x antérieures à 21.4R1-S1-EVO, 21.4R2-EVO | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions antérieures à 19.2R1-S9, 19.2R3-S5 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 19.4.x antérieures à 19.4R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX toutes versions antérieures à 19.1R3-S9 | ||
| Juniper Networks | Junos OS | Junos OS versions 19.3.x antérieures à 19.3R2-S7, 19.3R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 21.3.x antérieures à 21.3R1-S2, 21.3R2, 21.3R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 21.3.x antérieures à 21.3R2 | ||
| Juniper Networks | Junos OS | Junos OS versions 20.3.x antérieures à 20.3R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 20.3.x antérieures à 20.3R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS versions 18.4.x antérieures à 18.4R2-S10, 18.4R3-S9 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 21.2.x antérieures à 21.2R2-S2, 21.2R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 21.1.x antérieures à 21.1R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 20.2.x antérieures à 20.2R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 21.2.x antérieures à 21.2R2-S3, 21.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1.x antérieures à 15.1R7-S10 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.4R3-S3-EVO | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes EX versions 21.4.x antérieures à 21.4R1-S1, 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 19.3.x antérieures à 19.3R3-S6 | ||
| Juniper Networks | Junos OS | Junos OS versions antérieures à 12.3R12-S21 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 21.3.x antérieures à 21.3R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 21.1.x antérieures à 21.1R2-S1, 21.1R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 20.3.x antérieures à 20.3R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 20.4.x antérieures à 20.4R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 19.4.x antérieures à 19.4R3-S8 | ||
| Juniper Networks | Junos OS | Junos OS versions 20.1.x antérieures à 20.1R3-S4 | ||
| Juniper Networks | N/A | Contrôleur Juniper Networks NorthStar versions 6.x antérieures à 6.2.2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions antérieures à 19.1R3-S9 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes QFX versions 20.2.x antérieures à 20.2R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 21.1.x antérieures à 21.1R2-S1, 21.1R3-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 20.3.x antérieures à 20.3R3-S3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes SRX versions 21.3.x antérieures à 21.3R1-S2, 21.3R2, 21.3R3 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 20.3.x antérieures à 20.3R3-S4 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 21.4.x antérieures à 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 21.4.x antérieures à 21.4R2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes MX versions 21.2.x antérieures à 21.2R2-S2 | ||
| Juniper Networks | Junos OS | Junos OS sur plateformes PTX versions 21.3.x antérieures à 21.3R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 20.4.x antérieures à 20.4R2-S2, 20.4R3-S3 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS sur plateformes MX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.1.x aant\u00e9rieures \u00e0 21.1R3-S1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.3.x ant\u00e9rieures \u00e0 18.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.3.x ant\u00e9rieures \u00e0 17.3R3-S12",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2, 20.4R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S2, 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S8, 19.2R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.3.x ant\u00e9rieures \u00e0 21.3R2-S1-EVO, 21.3R3-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S1, 21.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space versions ant\u00e9rieures \u00e0 22.1R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 22.1.x ant\u00e9rieures \u00e0 22.1R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space Security Director Policy Enforcer versions ant\u00e9rieures \u00e0 22.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2, 21.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S6, 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S6, 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions sup\u00e9rieures \u00e0 20.1R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 19.1.x ant\u00e9rieures \u00e0 19.1R2-S3, 19.1R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49, 15.1X49-D100 et suivantes ant\u00e9rieures \u00e0 19.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.2.x ant\u00e9rieures \u00e0 21.2R1-S1-EVO, 21.2R3-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2, 20.4R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2, 21.1R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 19.2.x ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 21.3.x ant\u00e9rieures \u00e0 21.3R2-S1, 21.3R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1, 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Networks Contrail Networking versions ant\u00e9rieures \u00e0 21.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 19.4.x ant\u00e9rieures \u00e0 19.4R2-S5, 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Contr\u00f4leur Juniper Networks NorthStar versions ant\u00e9rieures \u00e0 5.1.0 Service Pack 6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 21.2.x ant\u00e9rieures \u00e0 21.2R1-S1, 21.2R2, 21.2R3-S1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1-EVO, 21.4R2-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions ant\u00e9rieures \u00e0 19.2R1-S9, 19.2R3-S5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 19.4.x ant\u00e9rieures \u00e0 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX toutes versions ant\u00e9rieures \u00e0 19.1R3-S9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 19.3.x ant\u00e9rieures \u00e0 19.3R2-S7, 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 21.3.x ant\u00e9rieures \u00e0 21.3R1-S2, 21.3R2, 21.3R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 21.3.x ant\u00e9rieures \u00e0 21.3R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 18.4.x ant\u00e9rieures \u00e0 18.4R2-S10, 18.4R3-S9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2, 21.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 21.1.x ant\u00e9rieures \u00e0 21.1R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S3, 21.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1.x ant\u00e9rieures \u00e0 15.1R7-S10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S3-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes EX versions 21.4.x ant\u00e9rieures \u00e0 21.4R1-S1, 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 19.3.x ant\u00e9rieures \u00e0 19.3R3-S6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions ant\u00e9rieures \u00e0 12.3R12-S21",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 21.3.x ant\u00e9rieures \u00e0 21.3R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2-S1, 21.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 20.4.x ant\u00e9rieures \u00e0 20.4R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 19.4.x ant\u00e9rieures \u00e0 19.4R3-S8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 20.1.x ant\u00e9rieures \u00e0 20.1R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Contr\u00f4leur Juniper Networks NorthStar versions 6.x ant\u00e9rieures \u00e0 6.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions ant\u00e9rieures \u00e0 19.1R3-S9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes QFX versions 20.2.x ant\u00e9rieures \u00e0 20.2R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 21.1.x ant\u00e9rieures \u00e0 21.1R2-S1, 21.1R3-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes SRX versions 21.3.x ant\u00e9rieures \u00e0 21.3R1-S2, 21.3R2, 21.3R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 20.3.x ant\u00e9rieures \u00e0 20.3R3-S4",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 21.4.x ant\u00e9rieures \u00e0 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 21.4.x ant\u00e9rieures \u00e0 21.4R2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes MX versions 21.2.x ant\u00e9rieures \u00e0 21.2R2-S2",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS sur plateformes PTX versions 21.3.x ant\u00e9rieures \u00e0 21.3R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 20.4.x ant\u00e9rieures \u00e0 20.4R2-S2, 20.4R3-S3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-0876",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0876"
},
{
"name": "CVE-2003-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2003-0001"
},
{
"name": "CVE-2015-2716",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2716"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2013-7422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-7422"
},
{
"name": "CVE-2015-7705",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7705"
},
{
"name": "CVE-2015-8035",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8035"
},
{
"name": "CVE-2016-2516",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2516"
},
{
"name": "CVE-2016-4612",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4612"
},
{
"name": "CVE-2016-4610",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4610"
},
{
"name": "CVE-2016-4608",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4608"
},
{
"name": "CVE-2016-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4609"
},
{
"name": "CVE-2016-4607",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4607"
},
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2016-4738",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4738"
},
{
"name": "CVE-2016-5300",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5300"
},
{
"name": "CVE-2016-9063",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9063"
},
{
"name": "CVE-2016-8618",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8618"
},
{
"name": "CVE-2016-8622",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8622"
},
{
"name": "CVE-2016-8619",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8619"
},
{
"name": "CVE-2016-5180",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5180"
},
{
"name": "CVE-2016-9538",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9538"
},
{
"name": "CVE-2016-9539",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9539"
},
{
"name": "CVE-2017-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0553"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2017-1000368",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000368"
},
{
"name": "CVE-2017-10989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10989"
},
{
"name": "CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"name": "CVE-2017-15412",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15412"
},
{
"name": "CVE-2017-8817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8817"
},
{
"name": "CVE-2015-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
},
{
"name": "CVE-2015-8388",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
},
{
"name": "CVE-2015-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
},
{
"name": "CVE-2017-16931",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16931"
},
{
"name": "CVE-2015-8394",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
},
{
"name": "CVE-2015-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
},
{
"name": "CVE-2015-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
},
{
"name": "CVE-2015-8380",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8380"
},
{
"name": "CVE-2016-3191",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3191"
},
{
"name": "CVE-2015-8390",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
},
{
"name": "CVE-2015-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
},
{
"name": "CVE-2015-2328",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"name": "CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"name": "CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"name": "CVE-2019-9518",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9518"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2019-8457",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8457"
},
{
"name": "CVE-2019-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1354"
},
{
"name": "CVE-2019-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1352"
},
{
"name": "CVE-2019-1387",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1387"
},
{
"name": "CVE-2019-1349",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1349"
},
{
"name": "CVE-2019-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1350"
},
{
"name": "CVE-2019-17267",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2020-8616",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8616"
},
{
"name": "CVE-2020-8617",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8617"
},
{
"name": "CVE-2019-17571",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
},
{
"name": "CVE-2017-14867",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14867"
},
{
"name": "CVE-2019-16943",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2020-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11656"
},
{
"name": "CVE-2020-1968",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1968"
},
{
"name": "CVE-2020-15999",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15999"
},
{
"name": "CVE-2020-1747",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1747"
},
{
"name": "CVE-2020-25696",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25696"
},
{
"name": "CVE-2020-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13631"
},
{
"name": "CVE-2020-13435",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13435"
},
{
"name": "CVE-2020-13434",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13434"
},
{
"name": "CVE-2020-15358",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15358"
},
{
"name": "CVE-2020-13630",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13630"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-23839",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23839"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2021-3177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3177"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2021-23017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23017"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2020-10878",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10878"
},
{
"name": "CVE-2020-13632",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13632"
},
{
"name": "CVE-2020-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11655"
},
{
"name": "CVE-2020-29573",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29573"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2020-12049",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12049"
},
{
"name": "CVE-2020-14363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14363"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2019-9169",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9169"
},
{
"name": "CVE-2021-3517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3517"
},
{
"name": "CVE-2021-20271",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20271"
},
{
"name": "CVE-2020-27619",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27619"
},
{
"name": "CVE-2020-8492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8492"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2020-13871",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13871"
},
{
"name": "CVE-2020-25717",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25717"
},
{
"name": "CVE-2016-2124",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2124"
},
{
"name": "CVE-2021-42739",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42739"
},
{
"name": "CVE-2019-9924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9924"
},
{
"name": "CVE-2019-14892",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
},
{
"name": "CVE-2019-14893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
},
{
"name": "CVE-2022-21304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21304"
},
{
"name": "CVE-2022-21245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21245"
},
{
"name": "CVE-2022-21344",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21344"
},
{
"name": "CVE-2022-21270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21270"
},
{
"name": "CVE-2022-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21367"
},
{
"name": "CVE-2022-21303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21303"
},
{
"name": "CVE-2020-9327",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9327"
},
{
"name": "CVE-2021-41617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41617"
},
{
"name": "CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"name": "CVE-2014-6272",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6272"
},
{
"name": "CVE-2015-6525",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6525"
},
{
"name": "CVE-2018-14404",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14404"
},
{
"name": "CVE-2017-1000158",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000158"
},
{
"name": "CVE-2020-14343",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14343"
},
{
"name": "CVE-2018-1000654",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000654"
},
{
"name": "CVE-2014-9471",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9471"
},
{
"name": "CVE-2019-14540",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
},
{
"name": "CVE-2020-8840",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
},
{
"name": "CVE-2019-16942",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
},
{
"name": "CVE-2019-16335",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
},
{
"name": "CVE-2019-17531",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
},
{
"name": "CVE-2019-20330",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
},
{
"name": "CVE-2019-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0205"
},
{
"name": "CVE-2017-12562",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12562"
},
{
"name": "CVE-2018-14567",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14567"
},
{
"name": "CVE-2022-22217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22217"
},
{
"name": "CVE-2016-4484",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4484"
},
{
"name": "CVE-2015-4042",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4042"
},
{
"name": "CVE-2016-7943",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7943"
},
{
"name": "CVE-2016-6318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6318"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2016-7942",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7942"
},
{
"name": "CVE-2017-9117",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9117"
},
{
"name": "CVE-2022-22203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22203"
},
{
"name": "CVE-2015-5228",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5228"
},
{
"name": "CVE-2021-42574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42574"
},
{
"name": "CVE-2022-22216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22216"
},
{
"name": "CVE-2015-7805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7805"
},
{
"name": "CVE-2017-8779",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8779"
},
{
"name": "CVE-2022-22206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22206"
},
{
"name": "CVE-2016-7947",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7947"
},
{
"name": "CVE-2016-7951",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7951"
},
{
"name": "CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"name": "CVE-2018-6954",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6954"
},
{
"name": "CVE-2014-9488",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9488"
},
{
"name": "CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"name": "CVE-2017-15994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15994"
},
{
"name": "CVE-2022-22209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22209"
},
{
"name": "CVE-2015-8540",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8540"
},
{
"name": "CVE-2016-7950",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7950"
},
{
"name": "CVE-2017-14930",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14930"
},
{
"name": "CVE-2017-8105",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8105"
},
{
"name": "CVE-2016-7949",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7949"
},
{
"name": "CVE-2017-5225",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5225"
},
{
"name": "CVE-2016-1951",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1951"
},
{
"name": "CVE-2017-8871",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8871"
},
{
"name": "CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"name": "CVE-2022-22215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22215"
},
{
"name": "CVE-2015-7036",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7036"
},
{
"name": "CVE-2016-2779",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2779"
},
{
"name": "CVE-2022-22213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22213"
},
{
"name": "CVE-2016-10195",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10195"
},
{
"name": "CVE-2014-5044",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-5044"
},
{
"name": "CVE-2016-7944",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7944"
},
{
"name": "CVE-2014-9114",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9114"
},
{
"name": "CVE-2014-9474",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9474"
},
{
"name": "CVE-2015-2059",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2059"
},
{
"name": "CVE-2022-22207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22207"
},
{
"name": "CVE-2022-22205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22205"
},
{
"name": "CVE-2022-22204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22204"
},
{
"name": "CVE-2017-5929",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5929"
},
{
"name": "CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"name": "CVE-2017-10685",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10685"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2015-8947",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8947"
},
{
"name": "CVE-2019-9893",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9893"
},
{
"name": "CVE-2016-1238",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1238"
},
{
"name": "CVE-2016-7948",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7948"
},
{
"name": "CVE-2014-9746",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9746"
},
{
"name": "CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"name": "CVE-2016-2052",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2052"
},
{
"name": "CVE-2021-3487",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3487"
},
{
"name": "CVE-2022-22214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22214"
},
{
"name": "CVE-2014-4043",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4043"
},
{
"name": "CVE-2022-22221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22221"
},
{
"name": "CVE-2022-22212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22212"
},
{
"name": "CVE-2017-16548",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16548"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2014-9939",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9939"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2015-3308",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3308"
},
{
"name": "CVE-2017-7614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7614"
},
{
"name": "CVE-2022-22202",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22202"
},
{
"name": "CVE-2017-8421",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8421"
},
{
"name": "CVE-2017-14062",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14062"
},
{
"name": "CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"name": "CVE-2022-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22218"
},
{
"name": "CVE-2017-10684",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10684"
},
{
"name": "CVE-2022-22210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22210"
},
{
"name": "CVE-2017-13716",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13716"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2015-5602",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5602"
},
{
"name": "CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"name": "CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"name": "CVE-2017-17434",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17434"
},
{
"name": "CVE-2017-8287",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8287"
},
{
"name": "CVE-2017-8804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8804"
}
],
"initial_release_date": "2022-07-15T00:00:00",
"last_revision_date": "2022-07-15T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-650",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-07-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69723 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Security-Director-Policy-Enforcer-upgraded-to-CentOS-7-9"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69722 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release-CVE-2022-22218"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69713 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-RIB-and-PFEs-can-get-out-of-sync-due-to-a-memory-leak-caused-by-interface-flaps-or-route-churn-CVE-2022-22209"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69710 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-series-The-PFE-will-crash-when-specific-traffic-is-scanned-by-Enhanced-Web-Filtering-safe-search-CVE-2022-22206"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69717 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Denial-of-Service-DoS-vulnerability-in-RPD-upon-receipt-of-specific-BGP-update-CVE-2022-22213"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69707 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-Receipt-of-specific-traffic-will-lead-to-an-fxpc-process-crash-followed-by-an-FPC-reboot-CVE-2022-22203"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69714 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-QFX5000-Series-and-MX-Series-An-l2alm-crash-leading-to-an-FPC-crash-can-be-observed-in-VxLAN-scenario-CVE-2022-22210"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69718 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-MPLS-scenario-upon-receipt-of-a-specific-IPv6-packet-an-FPC-will-crash-CVE-2022-22214"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69726 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Contrail-Networking-Multiple-vulnerabilities-resolved-in-Contrail-Networking-21-4"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69711 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC11-In-a-GNF-node-slicing-scenario-gathering-AF-interface-statistics-can-lead-to-a-kernel-crash-CVE-2022-22207"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69715 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-OpenSSL-security-fixes"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69708 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-When-receiving-a-specific-SIP-packets-stale-call-table-entries-are-created-which-eventually-leads-to-a-DoS-for-all-SIP-traffic-CVE-2022-22204"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69716 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-Evolved-A-high-rate-of-specific-hostbound-traffic-will-cause-unexpected-hostbound-traffic-delays-or-drops-CVE-2022-22212"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69719 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-var-run-pid-env-files-are-potentially-not-deleted-during-termination-of-a-gRPC-connection-causing-inode-exhaustion-CVE-2022-22215"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69703 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Northstar-Controller-nginx-component-allows-remote-attacker-to-cause-worker-process-crash-or-potentially-arbitrary-code-execution-CVE-2021-23017-2"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69721 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-QFX10k-Series-Denial-of-Service-DoS-upon-receipt-of-crafted-MLD-packets-on-multi-homing-ESI-in-VXLAN-CVE-2022-22217"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69720 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Etherleak-memory-disclosure-in-Ethernet-padding-data-CVE-2022-22216"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69725 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-and-EX-Series-Local-privilege-escalation-flaw-in-download-functionality-CVE-2022-22221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69705 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-in-SQLite-resolved"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69709 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-Series-An-FPC-memory-leak-can-occur-in-an-APBR-scenario-CVE-2022-22205"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69706 du 13 juillet 2022",
"url": "https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-PTX-Series-FPCs-may-restart-unexpectedly-upon-receipt-of-specific-MPLS-packets-with-certain-multi-unit-interface-configurations-CVE-2022-22202"
}
]
}
CERTFR-2026-AVI-0249
Vulnerability from certfr_avis - Published: 2026-03-06 - Updated: 2026-03-06
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | QRadar Data Synchronization App versions antérieures à 3.3.0 | ||
| IBM | Db2 | DB2 Data Management Console versions antérieures à 3.1.13 | ||
| IBM | Tivoli | Tivoli Netcool/OMNIbus_GUI sans le dernier correctif de sécurité | ||
| IBM | Db2 | DB2 Recovery Expert versions antérieures à 5.5.0.1 Interim Fix 8 | ||
| IBM | Db2 | Db2 Warehouse on Cloud Pak for Data versions antérieures à 5.3.1 | ||
| IBM | Db2 | Db2 on Cloud Pak for Data versions antérieures à 5.3.1 | ||
| IBM | QRadar | QRadar Pre-Validation App versions antérieures à 2.0.2 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Data Synchronization App versions ant\u00e9rieures \u00e0 3.3.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Data Management Console versions ant\u00e9rieures \u00e0 3.1.13",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Tivoli Netcool/OMNIbus_GUI sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Tivoli",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Recovery Expert versions ant\u00e9rieures \u00e0 5.5.0.1 Interim Fix 8",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Warehouse on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.3.1",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.3.1",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Pre-Validation App versions ant\u00e9rieures \u00e0 2.0.2",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"name": "CVE-2021-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33036"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2025-36353",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36353"
},
{
"name": "CVE-2026-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21933"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2026-21932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21932"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2018-14042",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14042"
},
{
"name": "CVE-2025-58190",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58190"
},
{
"name": "CVE-2024-6531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6531"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2016-0703",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0703"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2025-13867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13867"
},
{
"name": "CVE-2025-2668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2668"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-36427",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36427"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2025-32421",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32421"
},
{
"name": "CVE-2025-47944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47944"
},
{
"name": "CVE-2024-3154",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3154"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-36384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36384"
},
{
"name": "CVE-2025-36098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36098"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2024-50302",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50302"
},
{
"name": "CVE-2025-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36184"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2016-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0800"
},
{
"name": "CVE-2024-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3933"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-49128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49128"
},
{
"name": "CVE-2025-22091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22091"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2025-36247",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36247"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-36009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36009"
},
{
"name": "CVE-2016-9318",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9318"
},
{
"name": "CVE-2024-51479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51479"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2026-23745",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23745"
},
{
"name": "CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2025-36070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36070"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2015-2716",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2716"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2025-36428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36428"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-29025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29025"
},
{
"name": "CVE-2025-36424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36424"
},
{
"name": "CVE-2025-36387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36387"
},
{
"name": "CVE-2019-19921",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19921"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2025-64329",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64329"
},
{
"name": "CVE-2025-27903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27903"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2023-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22041"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2026-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21925"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2016-4472",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4472"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-10917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10917"
},
{
"name": "CVE-2024-9042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9042"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2024-31141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31141"
},
{
"name": "CVE-2025-30691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30691"
},
{
"name": "CVE-2025-57822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57822"
},
{
"name": "CVE-2024-53113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53113"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-67779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67779"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55183"
},
{
"name": "CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2023-22043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22043"
},
{
"name": "CVE-2016-4658",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4658"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2024-36621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36621"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2025-55173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55173"
},
{
"name": "CVE-2024-40635",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40635"
},
{
"name": "CVE-2024-48910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48910"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2025-48068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48068"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2018-5764",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5764"
},
{
"name": "CVE-2024-50264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50264"
},
{
"name": "CVE-2025-57752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57752"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2025-38110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38110"
},
{
"name": "CVE-2020-15115",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15115"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-22113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22113"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-5187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5187"
},
{
"name": "CVE-2026-1188",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1188"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2012-2098",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2098"
},
{
"name": "CVE-2024-41909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41909"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2023-35887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35887"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2024-56332",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56332"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2026-25765",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25765"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2024-29133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2024-35195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
},
{
"name": "CVE-2025-38089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38089"
},
{
"name": "CVE-2023-2727",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2727"
},
{
"name": "CVE-2024-12905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12905"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2025-36425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36425"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2021-37404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37404"
},
{
"name": "CVE-2025-58457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58457"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2025-47935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47935"
},
{
"name": "CVE-2025-22085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22085"
},
{
"name": "CVE-2025-50537",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50537"
},
{
"name": "CVE-2026-23950",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23950"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21626"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2016-0704",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0704"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-29154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29154"
},
{
"name": "CVE-2025-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1767"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-36001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36001"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-29927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29927"
},
{
"name": "CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"name": "CVE-2025-36365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36365"
},
{
"name": "CVE-2023-42503",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42503"
},
{
"name": "CVE-2025-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27904"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-36442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36442"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2026-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21945"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2025-14689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14689"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2024-47072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47072"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2025-36366",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36366"
},
{
"name": "CVE-2025-36123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36123"
},
{
"name": "CVE-2025-27900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27900"
},
{
"name": "CVE-2025-0426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0426"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2025-27899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27899"
},
{
"name": "CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"name": "CVE-2023-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22044"
},
{
"name": "CVE-2025-48997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48997"
},
{
"name": "CVE-2025-27901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27901"
},
{
"name": "CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"name": "CVE-2021-22570",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22570"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-48387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48387"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2025-27898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27898"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2023-2728",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2728"
},
{
"name": "CVE-2024-7143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7143"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-36407",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36407"
},
{
"name": "CVE-2025-7338",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7338"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"name": "CVE-2025-55184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55184"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2024-27267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27267"
},
{
"name": "CVE-2025-59343",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59343"
},
{
"name": "CVE-2024-36623",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36623"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2024-36620",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36620"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
}
],
"initial_release_date": "2026-03-06T00:00:00",
"last_revision_date": "2026-03-06T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0249",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2026-03-06",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7262753",
"url": "https://www.ibm.com/support/pages/node/7262753"
},
{
"published_at": "2026-03-06",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7262754",
"url": "https://www.ibm.com/support/pages/node/7262754"
},
{
"published_at": "2026-03-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7262324",
"url": "https://www.ibm.com/support/pages/node/7262324"
},
{
"published_at": "2026-03-05",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7262669",
"url": "https://www.ibm.com/support/pages/node/7262669"
},
{
"published_at": "2026-03-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7262494",
"url": "https://www.ibm.com/support/pages/node/7262494"
},
{
"published_at": "2026-03-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7262548",
"url": "https://www.ibm.com/support/pages/node/7262548"
},
{
"published_at": "2026-03-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7262325",
"url": "https://www.ibm.com/support/pages/node/7262325"
},
{
"published_at": "2026-02-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7259901",
"url": "https://www.ibm.com/support/pages/node/7259901"
}
]
}
CNVD-2015-04881
Vulnerability from cnvd - Published: 2015-07-27
VLAI
Title
Google Chrome Expat整数溢出漏洞
Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Expat是美国软件开发者吉姆-克拉克所研发的一个基于C语言的XML解析器库,它采用了一个面向流的解析器。
Google Chrome 44.0.2403.89之前版本中使用的Expat 2.1.0及之前版本中的‘XML_GetBuffer’函数存在整数溢出漏洞。远程攻击者可借助特制的XML数据利用该漏洞造成拒绝服务(基于堆的缓冲区溢出)。
Severity
中
Patch Name
Google Chrome Expat整数溢出漏洞的补丁
Patch Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Expat是美国软件开发者吉姆-克拉克所研发的一个基于C语言的XML解析器库,它采用了一个面向流的解析器。Google Chrome 44.0.2403.89之前版本中使用的Expat 2.1.0及之前版本中的‘XML_GetBuffer’函数存在整数溢出漏洞。远程攻击者可借助特制的XML数据利用该漏洞造成拒绝服务(基于堆的缓冲区溢出)。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Reference
https://codereview.chromium.org/1224303003
https://code.google.com/p/chromium/issues/detail?id=492052
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
http://www.techspot.com/downloads/4908-chrome-for-mac-os.html
Impacted products
| Name | Google Chrome <44.0.2403.89 |
|---|
{
"bids": {
"bid": {
"bidNumber": "75973"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2015-1283"
}
},
"description": "Google Chrome\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\u3002Expat\u662f\u7f8e\u56fd\u8f6f\u4ef6\u5f00\u53d1\u8005\u5409\u59c6-\u514b\u62c9\u514b\u6240\u7814\u53d1\u7684\u4e00\u4e2a\u57fa\u4e8eC\u8bed\u8a00\u7684XML\u89e3\u6790\u5668\u5e93\uff0c\u5b83\u91c7\u7528\u4e86\u4e00\u4e2a\u9762\u5411\u6d41\u7684\u89e3\u6790\u5668\u3002\r\n\r\nGoogle Chrome 44.0.2403.89\u4e4b\u524d\u7248\u672c\u4e2d\u4f7f\u7528\u7684Expat 2.1.0\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684\u2018XML_GetBuffer\u2019\u51fd\u6570\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684XML\u6570\u636e\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u57fa\u4e8e\u5806\u7684\u7f13\u51b2\u533a\u6ea2\u51fa\uff09\u3002",
"discovererName": "sidhpurwala.huzaifa",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-04881",
"openTime": "2015-07-27",
"patchDescription": "Google Chrome\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u5f00\u53d1\u7684\u4e00\u6b3eWeb\u6d4f\u89c8\u5668\u3002Expat\u662f\u7f8e\u56fd\u8f6f\u4ef6\u5f00\u53d1\u8005\u5409\u59c6-\u514b\u62c9\u514b\u6240\u7814\u53d1\u7684\u4e00\u4e2a\u57fa\u4e8eC\u8bed\u8a00\u7684XML\u89e3\u6790\u5668\u5e93\uff0c\u5b83\u91c7\u7528\u4e86\u4e00\u4e2a\u9762\u5411\u6d41\u7684\u89e3\u6790\u5668\u3002Google Chrome 44.0.2403.89\u4e4b\u524d\u7248\u672c\u4e2d\u4f7f\u7528\u7684Expat 2.1.0\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684\u2018XML_GetBuffer\u2019\u51fd\u6570\u5b58\u5728\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684XML\u6570\u636e\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u57fa\u4e8e\u5806\u7684\u7f13\u51b2\u533a\u6ea2\u51fa\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Google Chrome Expat\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Google Chrome \u003c44.0.2403.89"
},
"referenceLink": "https://codereview.chromium.org/1224303003\r\nhttps://code.google.com/p/chromium/issues/detail?id=492052\r\nhttp://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html\r\nhttp://www.techspot.com/downloads/4908-chrome-for-mac-os.html",
"serverity": "\u4e2d",
"submitTime": "2015-07-24",
"title": "Google Chrome Expat\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e"
}
FKIE_CVE-2015-1283
Vulnerability from fkie_nvd - Published: 2015-07-23 00:59 - Updated: 2026-05-06 22:30
Severity
Summary
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
References
| URL | Tags | ||
|---|---|---|---|
| chrome-cve-admin@google.com | http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html | ||
| chrome-cve-admin@google.com | http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html | ||
| chrome-cve-admin@google.com | http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html | ||
| chrome-cve-admin@google.com | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html | ||
| chrome-cve-admin@google.com | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html | ||
| chrome-cve-admin@google.com | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html | ||
| chrome-cve-admin@google.com | http://rhn.redhat.com/errata/RHSA-2015-1499.html | ||
| chrome-cve-admin@google.com | http://www.debian.org/security/2015/dsa-3315 | ||
| chrome-cve-admin@google.com | http://www.debian.org/security/2015/dsa-3318 | ||
| chrome-cve-admin@google.com | http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html | ||
| chrome-cve-admin@google.com | http://www.securityfocus.com/bid/75973 | ||
| chrome-cve-admin@google.com | http://www.securitytracker.com/id/1033031 | ||
| chrome-cve-admin@google.com | http://www.ubuntu.com/usn/USN-2726-1 | ||
| chrome-cve-admin@google.com | https://code.google.com/p/chromium/issues/detail?id=492052 | ||
| chrome-cve-admin@google.com | https://codereview.chromium.org/1224303003 | ||
| chrome-cve-admin@google.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10365 | ||
| chrome-cve-admin@google.com | https://security.gentoo.org/glsa/201603-09 | ||
| chrome-cve-admin@google.com | https://security.gentoo.org/glsa/201701-21 | ||
| chrome-cve-admin@google.com | https://source.android.com/security/bulletin/2016-11-01.html | ||
| chrome-cve-admin@google.com | https://www.tenable.com/security/tns-2016-20 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rhn.redhat.com/errata/RHSA-2015-1499.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3315 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3318 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75973 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033031 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2726-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://code.google.com/p/chromium/issues/detail?id=492052 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://codereview.chromium.org/1224303003 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10365 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201603-09 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201701-21 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/2016-11-01.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2016-20 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| chrome | * | ||
| libexpat_project | libexpat | * | |
| python | python | * | |
| python | python | * | |
| python | python | * | |
| python | python | * | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 15.04 | |
| suse | linux_enterprise_debuginfo | 11 | |
| suse | studio_onsite | 1.3 | |
| opensuse | leap | 42.1 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_desktop | 12 | |
| suse | linux_enterprise_server | 11 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_server | 12 | |
| suse | linux_enterprise_software_development_kit | 11 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| suse | linux_enterprise_software_development_kit | 12 | |
| oracle | solaris | 10 | |
| oracle | solaris | 11.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD601FD-6060-4CC5-81DA-BDDE41485613",
"versionEndIncluding": "43.0.2357.134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B366ABE5-5936-47A6-9370-602954E4B40D",
"versionEndIncluding": "2.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D73CCB4-4EB4-46C2-B29A-55B5A2E0B139",
"versionEndExcluding": "2.7.12",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E822AE7-709A-4DA4-B2C6-7A5968AE62FD",
"versionEndExcluding": "3.3.7",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C7514C-10D7-4B68-99D1-21F8474AD25C",
"versionEndExcluding": "3.4.5",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4B7851-5B65-4DB7-8AB4-6F6AF940272C",
"versionEndExcluding": "3.5.2",
"versionStartIncluding": "3.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "F892F1B0-514C-42F7-90AE-12ACDFDC1033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "74BCA435-7594-49E8-9BAE-9E02E129B6C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3A0BA503-3F96-48DA-AF47-FBA37A9D0C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "2076747F-A98E-4DD9-9B52-BF1732BCAD3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D41A798E-0D69-43C7-9A63-1E5921138EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5A633996-2FD7-467C-BAA6-529E16BD06D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"matchCriteriaId": "964B57CD-CB8A-4520-B358-1C93EC5EF2DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de desbordamiento de entero en la funci\u00f3n XML_GetBuffer en Expat hasta la versi\u00f3n 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros productos permite a atacantes remotos causar una denegaci\u00f3n de servicio mediante un desbordamiento de buffer basado en memoria din\u00e1mica o, posiblemente tener otro impacto no especificado a trav\u00e9s de datos XML manipulados, un tema relacionado con CVE-2015-2716."
}
],
"id": "CVE-2015-1283",
"lastModified": "2026-05-06T22:30:45.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-07-23T00:59:12.680",
"references": [
{
"source": "chrome-cve-admin@google.com",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.debian.org/security/2015/dsa-3318"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"source": "chrome-cve-admin@google.com",
"url": "http://www.ubuntu.com/usn/USN-2726-1"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://code.google.com/p/chromium/issues/detail?id=492052"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://codereview.chromium.org/1224303003"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://security.gentoo.org/glsa/201701-21"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"source": "chrome-cve-admin@google.com",
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2726-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://code.google.com/p/chromium/issues/detail?id=492052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://codereview.chromium.org/1224303003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2016-20"
}
],
"sourceIdentifier": "chrome-cve-admin@google.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-6W45-GWRJ-V625
Vulnerability from github – Published: 2022-05-13 01:07 – Updated: 2022-05-13 01:07
VLAI
Details
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
{
"affected": [],
"aliases": [
"CVE-2015-1283"
],
"database_specific": {
"cwe_ids": [
"CWE-190"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-07-23T00:59:00Z",
"severity": "MODERATE"
},
"details": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.",
"id": "GHSA-6w45-gwrj-v625",
"modified": "2022-05-13T01:07:39Z",
"published": "2022-05-13T01:07:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1283"
},
{
"type": "WEB",
"url": "https://code.google.com/p/chromium/issues/detail?id=492052"
},
{
"type": "WEB",
"url": "https://codereview.chromium.org/1224303003"
},
{
"type": "WEB",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-21"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"type": "WEB",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3318"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2726-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2015-1283
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-1283",
"description": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.",
"id": "GSD-2015-1283",
"references": [
"https://www.suse.com/security/cve/CVE-2015-1283.html",
"https://www.debian.org/security/2015/dsa-3318",
"https://www.debian.org/security/2015/dsa-3315",
"https://access.redhat.com/errata/RHSA-2015:1499",
"https://ubuntu.com/security/CVE-2015-1283",
"https://advisories.mageia.org/CVE-2015-1283.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-1283"
],
"details": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.",
"id": "GSD-2015-1283",
"modified": "2023-12-13T01:20:05.717395Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "chrome-cve-admin@google.com",
"ID": "CVE-2015-1283",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/tns-2016-20",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"name": "RHSA-2015:1499",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=492052",
"refsource": "CONFIRM",
"url": "https://code.google.com/p/chromium/issues/detail?id=492052"
},
{
"name": "openSUSE-SU-2016:1523",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html"
},
{
"name": "openSUSE-SU-2015:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"name": "1033031",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033031"
},
{
"name": "DSA-3318",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3318"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "SUSE-SU-2016:1508",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html"
},
{
"name": "GLSA-201701-21",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-21"
},
{
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "SUSE-SU-2016:1512",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html"
},
{
"name": "https://codereview.chromium.org/1224303003",
"refsource": "CONFIRM",
"url": "https://codereview.chromium.org/1224303003"
},
{
"name": "75973",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75973"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"name": "USN-2726-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2726-1"
},
{
"name": "openSUSE-SU-2016:1441",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html"
},
{
"name": "DSA-3315",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "43.0.2357.134",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.3.7",
"versionStartIncluding": "3.3.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.5.2",
"versionStartIncluding": "3.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.4.5",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.7.12",
"versionStartIncluding": "2.7.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2015-1283"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://code.google.com/p/chromium/issues/detail?id=492052",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
],
"url": "https://code.google.com/p/chromium/issues/detail?id=492052"
},
{
"name": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html"
},
{
"name": "https://codereview.chromium.org/1224303003",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://codereview.chromium.org/1224303003"
},
{
"name": "RHSA-2015:1499",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1499.html"
},
{
"name": "DSA-3315",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3315"
},
{
"name": "openSUSE-SU-2015:1287",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html"
},
{
"name": "DSA-3318",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3318"
},
{
"name": "SUSE-SU-2016:1508",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html"
},
{
"name": "SUSE-SU-2016:1512",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html"
},
{
"name": "openSUSE-SU-2016:1523",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "75973",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75973"
},
{
"name": "https://source.android.com/security/bulletin/2016-11-01.html",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://source.android.com/security/bulletin/2016-11-01.html"
},
{
"name": "openSUSE-SU-2016:1441",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html"
},
{
"name": "GLSA-201603-09",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201603-09"
},
{
"name": "USN-2726-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2726-1"
},
{
"name": "GLSA-201701-21",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201701-21"
},
{
"name": "1033031",
"refsource": "SECTRACK",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033031"
},
{
"name": "https://www.tenable.com/security/tns-2016-20",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2016-20"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10365"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2022-07-05T18:57Z",
"publishedDate": "2015-07-23T00:59Z"
}
}
}
OPENSUSE-SU-2024:10077-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
expat-2.2.0-3.1 on GA media
Severity
Moderate
Notes
Title of the patch: expat-2.2.0-3.1 on GA media
Description of the patch: These are all security issues fixed in the expat-2.2.0-3.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10077
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
81 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://www.suse.com/security/cve/CVE-2009-2625/ | self |
| https://www.suse.com/security/cve/CVE-2009-3560/ | self |
| https://www.suse.com/security/cve/CVE-2009-3720/ | self |
| https://www.suse.com/security/cve/CVE-2012-0876/ | self |
| https://www.suse.com/security/cve/CVE-2012-1147/ | self |
| https://www.suse.com/security/cve/CVE-2012-1148/ | self |
| https://www.suse.com/security/cve/CVE-2012-6702/ | self |
| https://www.suse.com/security/cve/CVE-2015-1283/ | self |
| https://www.suse.com/security/cve/CVE-2016-0718/ | self |
| https://www.suse.com/security/cve/CVE-2016-4472/ | self |
| https://www.suse.com/security/cve/CVE-2016-5300/ | self |
| https://www.suse.com/security/cve/CVE-2009-2625 | external |
| https://bugzilla.suse.com/525562 | external |
| https://bugzilla.suse.com/530717 | external |
| https://bugzilla.suse.com/534025 | external |
| https://bugzilla.suse.com/534721 | external |
| https://bugzilla.suse.com/537969 | external |
| https://bugzilla.suse.com/540945 | external |
| https://bugzilla.suse.com/548655 | external |
| https://bugzilla.suse.com/550664 | external |
| https://bugzilla.suse.com/553220 | external |
| https://bugzilla.suse.com/558892 | external |
| https://bugzilla.suse.com/581162 | external |
| https://bugzilla.suse.com/581765 | external |
| https://bugzilla.suse.com/610080 | external |
| https://bugzilla.suse.com/611931 | external |
| https://bugzilla.suse.com/611932 | external |
| https://www.suse.com/security/cve/CVE-2009-3560 | external |
| https://bugzilla.suse.com/550666 | external |
| https://bugzilla.suse.com/558892 | external |
| https://bugzilla.suse.com/561561 | external |
| https://bugzilla.suse.com/581162 | external |
| https://bugzilla.suse.com/581765 | external |
| https://bugzilla.suse.com/611931 | external |
| https://bugzilla.suse.com/694595 | external |
| https://bugzilla.suse.com/725950 | external |
| https://www.suse.com/security/cve/CVE-2009-3720 | external |
| https://bugzilla.suse.com/534721 | external |
| https://bugzilla.suse.com/550664 | external |
| https://bugzilla.suse.com/550666 | external |
| https://bugzilla.suse.com/558892 | external |
| https://bugzilla.suse.com/561561 | external |
| https://bugzilla.suse.com/581162 | external |
| https://bugzilla.suse.com/581765 | external |
| https://bugzilla.suse.com/611931 | external |
| https://bugzilla.suse.com/725950 | external |
| https://www.suse.com/security/cve/CVE-2012-0876 | external |
| https://bugzilla.suse.com/750914 | external |
| https://bugzilla.suse.com/751464 | external |
| https://bugzilla.suse.com/751465 | external |
| https://bugzilla.suse.com/983215 | external |
| https://bugzilla.suse.com/983216 | external |
| https://www.suse.com/security/cve/CVE-2012-1147 | external |
| https://bugzilla.suse.com/750914 | external |
| https://bugzilla.suse.com/751464 | external |
| https://bugzilla.suse.com/751465 | external |
| https://www.suse.com/security/cve/CVE-2012-1148 | external |
| https://bugzilla.suse.com/750914 | external |
| https://bugzilla.suse.com/751464 | external |
| https://bugzilla.suse.com/751465 | external |
| https://www.suse.com/security/cve/CVE-2012-6702 | external |
| https://bugzilla.suse.com/983215 | external |
| https://bugzilla.suse.com/983216 | external |
| https://www.suse.com/security/cve/CVE-2015-1283 | external |
| https://bugzilla.suse.com/1034050 | external |
| https://bugzilla.suse.com/939077 | external |
| https://bugzilla.suse.com/979441 | external |
| https://bugzilla.suse.com/980391 | external |
| https://bugzilla.suse.com/983985 | external |
| https://www.suse.com/security/cve/CVE-2016-0718 | external |
| https://bugzilla.suse.com/979441 | external |
| https://bugzilla.suse.com/991809 | external |
| https://www.suse.com/security/cve/CVE-2016-4472 | external |
| https://bugzilla.suse.com/1034050 | external |
| https://bugzilla.suse.com/939077 | external |
| https://bugzilla.suse.com/980391 | external |
| https://bugzilla.suse.com/983985 | external |
| https://www.suse.com/security/cve/CVE-2016-5300 | external |
| https://bugzilla.suse.com/983216 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "expat-2.2.0-3.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the expat-2.2.0-3.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10077",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10077-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2625 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3560 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-3720 page",
"url": "https://www.suse.com/security/cve/CVE-2009-3720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0876 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1147 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1148 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1148/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-6702 page",
"url": "https://www.suse.com/security/cve/CVE-2012-6702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1283 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0718 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4472 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5300 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5300/"
}
],
"title": "expat-2.2.0-3.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10077-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.2.0-3.1.aarch64",
"product": {
"name": "expat-2.2.0-3.1.aarch64",
"product_id": "expat-2.2.0-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.2.0-3.1.aarch64",
"product": {
"name": "libexpat-devel-2.2.0-3.1.aarch64",
"product_id": "libexpat-devel-2.2.0-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.2.0-3.1.aarch64",
"product": {
"name": "libexpat-devel-32bit-2.2.0-3.1.aarch64",
"product_id": "libexpat-devel-32bit-2.2.0-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.2.0-3.1.aarch64",
"product": {
"name": "libexpat1-2.2.0-3.1.aarch64",
"product_id": "libexpat1-2.2.0-3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.2.0-3.1.aarch64",
"product": {
"name": "libexpat1-32bit-2.2.0-3.1.aarch64",
"product_id": "libexpat1-32bit-2.2.0-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.2.0-3.1.ppc64le",
"product": {
"name": "expat-2.2.0-3.1.ppc64le",
"product_id": "expat-2.2.0-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.2.0-3.1.ppc64le",
"product": {
"name": "libexpat-devel-2.2.0-3.1.ppc64le",
"product_id": "libexpat-devel-2.2.0-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"product": {
"name": "libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"product_id": "libexpat-devel-32bit-2.2.0-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.2.0-3.1.ppc64le",
"product": {
"name": "libexpat1-2.2.0-3.1.ppc64le",
"product_id": "libexpat1-2.2.0-3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.2.0-3.1.ppc64le",
"product": {
"name": "libexpat1-32bit-2.2.0-3.1.ppc64le",
"product_id": "libexpat1-32bit-2.2.0-3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.2.0-3.1.s390x",
"product": {
"name": "expat-2.2.0-3.1.s390x",
"product_id": "expat-2.2.0-3.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.2.0-3.1.s390x",
"product": {
"name": "libexpat-devel-2.2.0-3.1.s390x",
"product_id": "libexpat-devel-2.2.0-3.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.2.0-3.1.s390x",
"product": {
"name": "libexpat-devel-32bit-2.2.0-3.1.s390x",
"product_id": "libexpat-devel-32bit-2.2.0-3.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.2.0-3.1.s390x",
"product": {
"name": "libexpat1-2.2.0-3.1.s390x",
"product_id": "libexpat1-2.2.0-3.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.2.0-3.1.s390x",
"product": {
"name": "libexpat1-32bit-2.2.0-3.1.s390x",
"product_id": "libexpat1-32bit-2.2.0-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.2.0-3.1.x86_64",
"product": {
"name": "expat-2.2.0-3.1.x86_64",
"product_id": "expat-2.2.0-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.2.0-3.1.x86_64",
"product": {
"name": "libexpat-devel-2.2.0-3.1.x86_64",
"product_id": "libexpat-devel-2.2.0-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.2.0-3.1.x86_64",
"product": {
"name": "libexpat-devel-32bit-2.2.0-3.1.x86_64",
"product_id": "libexpat-devel-32bit-2.2.0-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.2.0-3.1.x86_64",
"product": {
"name": "libexpat1-2.2.0-3.1.x86_64",
"product_id": "libexpat1-2.2.0-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.2.0-3.1.x86_64",
"product": {
"name": "libexpat1-32bit-2.2.0-3.1.x86_64",
"product_id": "libexpat1-32bit-2.2.0-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.2.0-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64"
},
"product_reference": "expat-2.2.0-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.2.0-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le"
},
"product_reference": "expat-2.2.0-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.2.0-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:expat-2.2.0-3.1.s390x"
},
"product_reference": "expat-2.2.0-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.2.0-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64"
},
"product_reference": "expat-2.2.0-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.2.0-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64"
},
"product_reference": "libexpat-devel-2.2.0-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.2.0-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le"
},
"product_reference": "libexpat-devel-2.2.0-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.2.0-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x"
},
"product_reference": "libexpat-devel-2.2.0-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.2.0-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64"
},
"product_reference": "libexpat-devel-2.2.0-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.2.0-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64"
},
"product_reference": "libexpat-devel-32bit-2.2.0-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.2.0-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le"
},
"product_reference": "libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.2.0-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x"
},
"product_reference": "libexpat-devel-32bit-2.2.0-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.2.0-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64"
},
"product_reference": "libexpat-devel-32bit-2.2.0-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.2.0-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64"
},
"product_reference": "libexpat1-2.2.0-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.2.0-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le"
},
"product_reference": "libexpat1-2.2.0-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.2.0-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x"
},
"product_reference": "libexpat1-2.2.0-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.2.0-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64"
},
"product_reference": "libexpat1-2.2.0-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.2.0-3.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64"
},
"product_reference": "libexpat1-32bit-2.2.0-3.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.2.0-3.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le"
},
"product_reference": "libexpat1-32bit-2.2.0-3.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.2.0-3.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x"
},
"product_reference": "libexpat1-32bit-2.2.0-3.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.2.0-3.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.2.0-3.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2625"
}
],
"notes": [
{
"category": "general",
"text": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2625",
"url": "https://www.suse.com/security/cve/CVE-2009-2625"
},
{
"category": "external",
"summary": "SUSE Bug 525562 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/525562"
},
{
"category": "external",
"summary": "SUSE Bug 530717 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/530717"
},
{
"category": "external",
"summary": "SUSE Bug 534025 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/534025"
},
{
"category": "external",
"summary": "SUSE Bug 534721 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/534721"
},
{
"category": "external",
"summary": "SUSE Bug 537969 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/537969"
},
{
"category": "external",
"summary": "SUSE Bug 540945 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/540945"
},
{
"category": "external",
"summary": "SUSE Bug 548655 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/548655"
},
{
"category": "external",
"summary": "SUSE Bug 550664 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/550664"
},
{
"category": "external",
"summary": "SUSE Bug 553220 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/553220"
},
{
"category": "external",
"summary": "SUSE Bug 558892 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/558892"
},
{
"category": "external",
"summary": "SUSE Bug 581162 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/581162"
},
{
"category": "external",
"summary": "SUSE Bug 581765 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/581765"
},
{
"category": "external",
"summary": "SUSE Bug 610080 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/610080"
},
{
"category": "external",
"summary": "SUSE Bug 611931 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/611931"
},
{
"category": "external",
"summary": "SUSE Bug 611932 for CVE-2009-2625",
"url": "https://bugzilla.suse.com/611932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2009-2625"
},
{
"cve": "CVE-2009-3560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3560"
}
],
"notes": [
{
"category": "general",
"text": "The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3560",
"url": "https://www.suse.com/security/cve/CVE-2009-3560"
},
{
"category": "external",
"summary": "SUSE Bug 550666 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/550666"
},
{
"category": "external",
"summary": "SUSE Bug 558892 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/558892"
},
{
"category": "external",
"summary": "SUSE Bug 561561 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/561561"
},
{
"category": "external",
"summary": "SUSE Bug 581162 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/581162"
},
{
"category": "external",
"summary": "SUSE Bug 581765 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/581765"
},
{
"category": "external",
"summary": "SUSE Bug 611931 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/611931"
},
{
"category": "external",
"summary": "SUSE Bug 694595 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/694595"
},
{
"category": "external",
"summary": "SUSE Bug 725950 for CVE-2009-3560",
"url": "https://bugzilla.suse.com/725950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3560"
},
{
"cve": "CVE-2009-3720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-3720"
}
],
"notes": [
{
"category": "general",
"text": "The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-3720",
"url": "https://www.suse.com/security/cve/CVE-2009-3720"
},
{
"category": "external",
"summary": "SUSE Bug 534721 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/534721"
},
{
"category": "external",
"summary": "SUSE Bug 550664 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/550664"
},
{
"category": "external",
"summary": "SUSE Bug 550666 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/550666"
},
{
"category": "external",
"summary": "SUSE Bug 558892 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/558892"
},
{
"category": "external",
"summary": "SUSE Bug 561561 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/561561"
},
{
"category": "external",
"summary": "SUSE Bug 581162 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/581162"
},
{
"category": "external",
"summary": "SUSE Bug 581765 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/581765"
},
{
"category": "external",
"summary": "SUSE Bug 611931 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/611931"
},
{
"category": "external",
"summary": "SUSE Bug 725950 for CVE-2009-3720",
"url": "https://bugzilla.suse.com/725950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2009-3720"
},
{
"cve": "CVE-2012-0876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0876"
}
],
"notes": [
{
"category": "general",
"text": "The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0876",
"url": "https://www.suse.com/security/cve/CVE-2012-0876"
},
{
"category": "external",
"summary": "SUSE Bug 750914 for CVE-2012-0876",
"url": "https://bugzilla.suse.com/750914"
},
{
"category": "external",
"summary": "SUSE Bug 751464 for CVE-2012-0876",
"url": "https://bugzilla.suse.com/751464"
},
{
"category": "external",
"summary": "SUSE Bug 751465 for CVE-2012-0876",
"url": "https://bugzilla.suse.com/751465"
},
{
"category": "external",
"summary": "SUSE Bug 983215 for CVE-2012-0876",
"url": "https://bugzilla.suse.com/983215"
},
{
"category": "external",
"summary": "SUSE Bug 983216 for CVE-2012-0876",
"url": "https://bugzilla.suse.com/983216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-0876"
},
{
"cve": "CVE-2012-1147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1147"
}
],
"notes": [
{
"category": "general",
"text": "readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1147",
"url": "https://www.suse.com/security/cve/CVE-2012-1147"
},
{
"category": "external",
"summary": "SUSE Bug 750914 for CVE-2012-1147",
"url": "https://bugzilla.suse.com/750914"
},
{
"category": "external",
"summary": "SUSE Bug 751464 for CVE-2012-1147",
"url": "https://bugzilla.suse.com/751464"
},
{
"category": "external",
"summary": "SUSE Bug 751465 for CVE-2012-1147",
"url": "https://bugzilla.suse.com/751465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1147"
},
{
"cve": "CVE-2012-1148",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1148"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1148",
"url": "https://www.suse.com/security/cve/CVE-2012-1148"
},
{
"category": "external",
"summary": "SUSE Bug 750914 for CVE-2012-1148",
"url": "https://bugzilla.suse.com/750914"
},
{
"category": "external",
"summary": "SUSE Bug 751464 for CVE-2012-1148",
"url": "https://bugzilla.suse.com/751464"
},
{
"category": "external",
"summary": "SUSE Bug 751465 for CVE-2012-1148",
"url": "https://bugzilla.suse.com/751465"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-1148"
},
{
"cve": "CVE-2012-6702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-6702"
}
],
"notes": [
{
"category": "general",
"text": "Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-6702",
"url": "https://www.suse.com/security/cve/CVE-2012-6702"
},
{
"category": "external",
"summary": "SUSE Bug 983215 for CVE-2012-6702",
"url": "https://bugzilla.suse.com/983215"
},
{
"category": "external",
"summary": "SUSE Bug 983216 for CVE-2012-6702",
"url": "https://bugzilla.suse.com/983216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2012-6702"
},
{
"cve": "CVE-2015-1283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1283"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1283",
"url": "https://www.suse.com/security/cve/CVE-2015-1283"
},
{
"category": "external",
"summary": "SUSE Bug 1034050 for CVE-2015-1283",
"url": "https://bugzilla.suse.com/1034050"
},
{
"category": "external",
"summary": "SUSE Bug 939077 for CVE-2015-1283",
"url": "https://bugzilla.suse.com/939077"
},
{
"category": "external",
"summary": "SUSE Bug 979441 for CVE-2015-1283",
"url": "https://bugzilla.suse.com/979441"
},
{
"category": "external",
"summary": "SUSE Bug 980391 for CVE-2015-1283",
"url": "https://bugzilla.suse.com/980391"
},
{
"category": "external",
"summary": "SUSE Bug 983985 for CVE-2015-1283",
"url": "https://bugzilla.suse.com/983985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2015-1283"
},
{
"cve": "CVE-2016-0718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0718"
}
],
"notes": [
{
"category": "general",
"text": "Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0718",
"url": "https://www.suse.com/security/cve/CVE-2016-0718"
},
{
"category": "external",
"summary": "SUSE Bug 979441 for CVE-2016-0718",
"url": "https://bugzilla.suse.com/979441"
},
{
"category": "external",
"summary": "SUSE Bug 991809 for CVE-2016-0718",
"url": "https://bugzilla.suse.com/991809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-0718"
},
{
"cve": "CVE-2016-4472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4472"
}
],
"notes": [
{
"category": "general",
"text": "The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4472",
"url": "https://www.suse.com/security/cve/CVE-2016-4472"
},
{
"category": "external",
"summary": "SUSE Bug 1034050 for CVE-2016-4472",
"url": "https://bugzilla.suse.com/1034050"
},
{
"category": "external",
"summary": "SUSE Bug 939077 for CVE-2016-4472",
"url": "https://bugzilla.suse.com/939077"
},
{
"category": "external",
"summary": "SUSE Bug 980391 for CVE-2016-4472",
"url": "https://bugzilla.suse.com/980391"
},
{
"category": "external",
"summary": "SUSE Bug 983985 for CVE-2016-4472",
"url": "https://bugzilla.suse.com/983985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2016-4472"
},
{
"cve": "CVE-2016-5300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5300"
}
],
"notes": [
{
"category": "general",
"text": "The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5300",
"url": "https://www.suse.com/security/cve/CVE-2016-5300"
},
{
"category": "external",
"summary": "SUSE Bug 983216 for CVE-2016-5300",
"url": "https://bugzilla.suse.com/983216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:expat-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:expat-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:expat-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:expat-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.2.0-3.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.2.0-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5300"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…