Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-25032 (GCVE-0-2018-25032)
Vulnerability from cvelistv5 – Published: 2022-03-25 00:00 – Updated: 2025-05-06 14:19
VLAI
EPSS
Summary
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
Severity
7.5 (High)
CWE
- n/a
Assigner
References
29 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:26:39.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"name": "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"name": "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"name": "DSA-5111",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"name": "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"name": "FEDORA-2022-413a80a102",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"
},
{
"name": "FEDORA-2022-dbd2935e44",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"
},
{
"name": "FEDORA-2022-12b89e2aad",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"
},
{
"name": "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "FEDORA-2022-61cf1c64f6",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/madler/zlib/issues/605"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213257"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213256"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213255"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"name": "FEDORA-2022-3a92250fd5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"
},
{
"name": "FEDORA-2022-b58a85e167",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"
},
{
"name": "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"name": "GLSA-202210-42",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2018-25032",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:25.795648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T14:19:53.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"name": "[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"name": "[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"name": "DSA-5111",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"name": "[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"name": "FEDORA-2022-413a80a102",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/"
},
{
"name": "FEDORA-2022-dbd2935e44",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/"
},
{
"name": "FEDORA-2022-12b89e2aad",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/"
},
{
"name": "[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"name": "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/33"
},
{
"name": "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/35"
},
{
"name": "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/May/38"
},
{
"name": "FEDORA-2022-61cf1c64f6",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"url": "https://github.com/madler/zlib/issues/605"
},
{
"url": "https://support.apple.com/kb/HT213257"
},
{
"url": "https://support.apple.com/kb/HT213256"
},
{
"url": "https://support.apple.com/kb/HT213255"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"name": "FEDORA-2022-3a92250fd5",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/"
},
{
"name": "FEDORA-2022-b58a85e167",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/"
},
{
"name": "[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"name": "GLSA-202210-42",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-25032",
"datePublished": "2022-03-25T00:00:00.000Z",
"dateReserved": "2022-03-25T00:00:00.000Z",
"dateUpdated": "2025-05-06T14:19:53.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-25032",
"date": "2026-05-29",
"epss": "0.00089",
"percentile": "0.25373"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-25032\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-03-25T09:15:08.187\",\"lastModified\":\"2025-08-21T20:37:11.840\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.\"},{\"lang\":\"es\",\"value\":\"zlib versiones anteriores a 1.2.12 permite la corrupci\u00f3n de memoria al desinflar (es decir, al comprimir) si la entrada tiene muchas coincidencias distantes\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:ruby:*:*\",\"versionEndExcluding\":\"1.13.4\",\"matchCriteriaId\":\"57E74758-D6C1-4C5F-B471-D4028BAEF97C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.7.0\",\"versionEndExcluding\":\"3.7.14\",\"matchCriteriaId\":\"0743C1B3-D44D-4940-AAF4-25DEFB46AC74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.8.0\",\"versionEndExcluding\":\"3.8.14\",\"matchCriteriaId\":\"5E28EB81-9BE6-4EC9-AC44-EFA4DDB0233F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.9.0\",\"versionEndExcluding\":\"3.9.13\",\"matchCriteriaId\":\"D10062BC-7B79-46C6-9FF5-396AE56F4508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.10.0\",\"versionEndExcluding\":\"3.10.5\",\"matchCriteriaId\":\"90CD96D5-4F6E-4733-A8D1-0771156CA2A2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.2.2.2\",\"versionEndExcluding\":\"1.2.12\",\"matchCriteriaId\":\"149842FE-9498-47E0-A8A3-B30BF505E1A4\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A930E247-0B43-43CB-98FF-6CE7B8189835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80E516C0-98A4-4ADE-B69F-66A772E2BAAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.15\",\"versionEndExcluding\":\"10.15.7\",\"matchCriteriaId\":\"DB8A73F8-3074-4B32-B9F6-343B6B1988C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A654B8A2-FC30-4171-B0BB-366CD7ED4B6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*\",\"matchCriteriaId\":\"F12CC8B5-C1EB-419E-8496-B9A3864656AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F4BF7F-90D4-4668-B4E6-B06F4070F448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FD7176C-F4D1-43A7-9E49-BA92CA0D9980\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*\",\"matchCriteriaId\":\"2703DE0B-8A9E-4A9D-9AE8-028E22BF47CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F441A43-1669-478D-9EC8-E96882DE4F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*\",\"matchCriteriaId\":\"D425C653-37A2-448C-BF2F-B684ADB08A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*\",\"matchCriteriaId\":\"A54D63B7-B92B-47C3-B1C5-9892E5873A98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*\",\"matchCriteriaId\":\"012052B5-9AA7-4FD3-9C80-5F615330039D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*\",\"matchCriteriaId\":\"50F21A3C-0AC3-48C5-A4F8-5A7B478875B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E974DC6-F7D9-4389-9AF9-863F6E419CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"156A6382-2BD3-4882-90B2-8E7CF6659E17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A2FDB2-6712-406A-9896-C0B44508B07D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*\",\"matchCriteriaId\":\"49F537A0-DC42-4176-B22F-C80D179DD99D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.6.6\",\"matchCriteriaId\":\"09A6345C-D813-43BA-B12E-789C80653F86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndExcluding\":\"12.4\",\"matchCriteriaId\":\"56A8A170-44A7-4334-88B0-CB4413E28E53\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3.0\",\"versionEndExcluding\":\"10.3.36\",\"matchCriteriaId\":\"D5048A61-025A-46D4-AA1D-17C20FD193C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4.0\",\"versionEndExcluding\":\"10.4.26\",\"matchCriteriaId\":\"76F49D8B-E293-475B-A190-E55F2586EB74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.5.0\",\"versionEndExcluding\":\"10.5.17\",\"matchCriteriaId\":\"144984F5-B5E4-4890-B84C-0BD4EBD1A575\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.6.0\",\"versionEndExcluding\":\"10.6.9\",\"matchCriteriaId\":\"9397E948-E3C7-4AE0-AB59-D8DF6DC0F85A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.7.0\",\"versionEndExcluding\":\"10.7.5\",\"matchCriteriaId\":\"3E60C79C-A7E6-4AEF-AD29-38BC63149C60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.8.0\",\"versionEndExcluding\":\"10.8.4\",\"matchCriteriaId\":\"EB9F7573-E888-42B6-8B57-CAF26300CC16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.9.0\",\"versionEndExcluding\":\"10.9.2\",\"matchCriteriaId\":\"9FD7E579-DE84-4D5D-A959-AC4C959A7020\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.70.2\",\"matchCriteriaId\":\"8C5DA53D-744B-4087-AEA9-257F18949E4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"86B51137-28D9-41F2-AFA2-3CC22B4954D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7CF3019-975D-40BB-A8A4-894E62BD3797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD7447BC-F315-4298-A822-549942FC118B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc622-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"21A75847-54F1-453A-82D7-B6D2CB2DE7AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc622-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50FEE5FA-B141-4E5F-8673-363089262530\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc626-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"ECCD4A67-EA4B-47C7-83F8-5CCC18BC3C94\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc626-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAC3EE40-4398-4337-B40E-8AACDF225BBF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc632-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"E00E02E5-109C-44E7-8C20-BFEE7C739ADC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc632-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A79836B-5EC1-40AF-8A57-9657EF6758E5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc636-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"E1BC85A6-386C-43E9-9266-50F8C53C7362\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc636-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCB9BD17-7F1F-42E9-831F-EB907F9BC214\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc642-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"6ACE6C40-E0BB-4D65-A76E-BCCA262AF2FD\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc642-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10C7D54A-27B4-4195-8131-DD5380472A75\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_sc646-2c_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0\",\"matchCriteriaId\":\"9BFAB0B9-3C01-4066-B9CD-5A7C4A66AA3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_sc646-2c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E54AF1E6-0E52-447C-8946-18716D30EBE2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:6.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"850B5359-7804-406B-9DC9-D22D65ACEE40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:7.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5522AD81-A23E-47D3-82E4-6D71ECEB1DBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:8.60:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AC61C25-871B-4F6F-A5F0-77359F373681\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:11.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12A59E25-5ED3-4A6D-95F6-45750866E0D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:13.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC0DC492-706E-42FE-8757-71873B53C417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:15.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1441FE9-45C5-46C4-BF78-FD5D30F9C80C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:azul:zulu:17.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28D25E37-5479-4876-B46C-28FF87384852\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:goto:gotoassist:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.9.18\",\"matchCriteriaId\":\"BB7FB2D7-6D53-4D9C-865A-4DFC8BC82218\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2022/May/33\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/35\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/38\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/03/25/2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/03/26/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/issues/605\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202210-42\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220526-0009/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213255\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213256\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213257\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5111\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/24/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/28/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/28/3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/33\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2022/May/38\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/03/25/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2022/03/26/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/madler/zlib/issues/605\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202210-42\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220526-0009/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220729-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213256\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT213257\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2022/dsa-5111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/24/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/28/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/03/28/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/24/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/25/2\", \"name\": \"[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/26/1\", \"name\": \"[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5111\", \"name\": \"DSA-5111\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\", \"name\": \"[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\", \"name\": \"FEDORA-2022-413a80a102\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\", \"name\": \"FEDORA-2022-dbd2935e44\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\", \"name\": \"FEDORA-2022-12b89e2aad\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\", \"name\": \"[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/33\", \"name\": \"20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/35\", \"name\": \"20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/38\", \"name\": \"20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\", \"name\": \"FEDORA-2022-61cf1c64f6\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/madler/zlib/issues/605\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT213257\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT213256\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT213255\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220526-0009/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0004/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\", \"name\": \"FEDORA-2022-3a92250fd5\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\", \"name\": \"FEDORA-2022-b58a85e167\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\", \"name\": \"[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202210-42\", \"name\": \"GLSA-202210-42\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T12:26:39.599Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2018-25032\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T13:30:25.795648Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-05T13:13:03.002Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/24/1\"}, {\"url\": \"https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/25/2\", \"name\": \"[oss-security] 20220325 Re: zlib memory corruption on deflate (i.e. compress)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2022/03/26/1\", \"name\": \"[oss-security] 20220326 Re: zlib memory corruption on deflate (i.e. compress)\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://www.debian.org/security/2022/dsa-5111\", \"name\": \"DSA-5111\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html\", \"name\": \"[debian-lts-announce] 20220402 [SECURITY] [DLA 2968-1] zlib security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NS2D2GFPFGOJUL4WQ3DUAY7HF4VWQ77F/\", \"name\": \"FEDORA-2022-413a80a102\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOKFMSNQ5D5WGMALBNBXU3GE442V74WU/\", \"name\": \"FEDORA-2022-dbd2935e44\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VOKNP2L734AEL47NRYGVZIKEFOUBQY5Y/\", \"name\": \"FEDORA-2022-12b89e2aad\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html\", \"name\": \"[debian-lts-announce] 20220507 [SECURITY] [DLA 2993-1] libz-mingw-w64 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/33\", \"name\": \"20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/35\", \"name\": \"20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6\", \"tags\": [\"mailing-list\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2022/May/38\", \"name\": \"20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DF62MVMH3QUGMBDCB3DY2ERQ6EBHTADB/\", \"name\": \"FEDORA-2022-61cf1c64f6\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujul2022.html\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/3\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2022/03/28/1\"}, {\"url\": \"https://github.com/madler/zlib/compare/v1.2.11...v1.2.12\"}, {\"url\": \"https://github.com/madler/zlib/issues/605\"}, {\"url\": \"https://support.apple.com/kb/HT213257\"}, {\"url\": \"https://support.apple.com/kb/HT213256\"}, {\"url\": \"https://support.apple.com/kb/HT213255\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220526-0009/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220729-0004/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZZPTWRYQULAOL3AW7RZJNVZ2UONXCV4/\", \"name\": \"FEDORA-2022-3a92250fd5\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DCZFIJBJTZ7CL5QXBFKTQ22Q26VINRUF/\", \"name\": \"FEDORA-2022-b58a85e167\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html\", \"name\": \"[debian-lts-announce] 20220916 [SECURITY] [DLA 3114-1] mariadb-10.3 security update\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://security.gentoo.org/glsa/202210-42\", \"name\": \"GLSA-202210-42\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2022-12-13T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2018-25032\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-06T14:19:53.894Z\", \"dateReserved\": \"2022-03-25T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2022-03-25T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2022:1061-2
Vulnerability from csaf_suse - Published: 2022-04-13 22:13 - Updated: 2022-04-13 22:13Summary
Security update for zlib
Severity
Important
Notes
Title of the patch: Security update for zlib
Description of the patch: This update for zlib fixes the following issues:
- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
Patchnames: SUSE-2022-1061,SUSE-SUSE-MicroOS-5.2-2022-1061
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for zlib",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for zlib fixes the following issues:\n\n- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1061,SUSE-SUSE-MicroOS-5.2-2022-1061",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1061-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1061-2",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221061-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1061-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010707.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197459",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-25032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-25032/"
}
],
"title": "Security update for zlib",
"tracking": {
"current_release_date": "2022-04-13T22:13:15Z",
"generator": {
"date": "2022-04-13T22:13:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1061-2",
"initial_release_date": "2022-04-13T22:13:15Z",
"revision_history": [
{
"date": "2022-04-13T22:13:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-150000.3.30.1.aarch64",
"product": {
"name": "libminizip1-1.2.11-150000.3.30.1.aarch64",
"product_id": "libminizip1-1.2.11-150000.3.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-150000.3.30.1.aarch64",
"product": {
"name": "libz1-1.2.11-150000.3.30.1.aarch64",
"product_id": "libz1-1.2.11-150000.3.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-150000.3.30.1.aarch64",
"product": {
"name": "minizip-devel-1.2.11-150000.3.30.1.aarch64",
"product_id": "minizip-devel-1.2.11-150000.3.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-150000.3.30.1.aarch64",
"product": {
"name": "zlib-devel-1.2.11-150000.3.30.1.aarch64",
"product_id": "zlib-devel-1.2.11-150000.3.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-150000.3.30.1.aarch64",
"product": {
"name": "zlib-devel-static-1.2.11-150000.3.30.1.aarch64",
"product_id": "zlib-devel-static-1.2.11-150000.3.30.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-64bit-1.2.11-150000.3.30.1.aarch64_ilp32",
"product": {
"name": "libminizip1-64bit-1.2.11-150000.3.30.1.aarch64_ilp32",
"product_id": "libminizip1-64bit-1.2.11-150000.3.30.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libz1-64bit-1.2.11-150000.3.30.1.aarch64_ilp32",
"product": {
"name": "libz1-64bit-1.2.11-150000.3.30.1.aarch64_ilp32",
"product_id": "libz1-64bit-1.2.11-150000.3.30.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "zlib-devel-64bit-1.2.11-150000.3.30.1.aarch64_ilp32",
"product": {
"name": "zlib-devel-64bit-1.2.11-150000.3.30.1.aarch64_ilp32",
"product_id": "zlib-devel-64bit-1.2.11-150000.3.30.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-64bit-1.2.11-150000.3.30.1.aarch64_ilp32",
"product": {
"name": "zlib-devel-static-64bit-1.2.11-150000.3.30.1.aarch64_ilp32",
"product_id": "zlib-devel-static-64bit-1.2.11-150000.3.30.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-150000.3.30.1.i586",
"product": {
"name": "libminizip1-1.2.11-150000.3.30.1.i586",
"product_id": "libminizip1-1.2.11-150000.3.30.1.i586"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-150000.3.30.1.i586",
"product": {
"name": "libz1-1.2.11-150000.3.30.1.i586",
"product_id": "libz1-1.2.11-150000.3.30.1.i586"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-150000.3.30.1.i586",
"product": {
"name": "minizip-devel-1.2.11-150000.3.30.1.i586",
"product_id": "minizip-devel-1.2.11-150000.3.30.1.i586"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-150000.3.30.1.i586",
"product": {
"name": "zlib-devel-1.2.11-150000.3.30.1.i586",
"product_id": "zlib-devel-1.2.11-150000.3.30.1.i586"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-150000.3.30.1.i586",
"product": {
"name": "zlib-devel-static-1.2.11-150000.3.30.1.i586",
"product_id": "zlib-devel-static-1.2.11-150000.3.30.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-150000.3.30.1.ppc64le",
"product": {
"name": "libminizip1-1.2.11-150000.3.30.1.ppc64le",
"product_id": "libminizip1-1.2.11-150000.3.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-150000.3.30.1.ppc64le",
"product": {
"name": "libz1-1.2.11-150000.3.30.1.ppc64le",
"product_id": "libz1-1.2.11-150000.3.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-150000.3.30.1.ppc64le",
"product": {
"name": "minizip-devel-1.2.11-150000.3.30.1.ppc64le",
"product_id": "minizip-devel-1.2.11-150000.3.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-150000.3.30.1.ppc64le",
"product": {
"name": "zlib-devel-1.2.11-150000.3.30.1.ppc64le",
"product_id": "zlib-devel-1.2.11-150000.3.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-150000.3.30.1.ppc64le",
"product": {
"name": "zlib-devel-static-1.2.11-150000.3.30.1.ppc64le",
"product_id": "zlib-devel-static-1.2.11-150000.3.30.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-150000.3.30.1.s390x",
"product": {
"name": "libminizip1-1.2.11-150000.3.30.1.s390x",
"product_id": "libminizip1-1.2.11-150000.3.30.1.s390x"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-150000.3.30.1.s390x",
"product": {
"name": "libz1-1.2.11-150000.3.30.1.s390x",
"product_id": "libz1-1.2.11-150000.3.30.1.s390x"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-150000.3.30.1.s390x",
"product": {
"name": "minizip-devel-1.2.11-150000.3.30.1.s390x",
"product_id": "minizip-devel-1.2.11-150000.3.30.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-150000.3.30.1.s390x",
"product": {
"name": "zlib-devel-1.2.11-150000.3.30.1.s390x",
"product_id": "zlib-devel-1.2.11-150000.3.30.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-150000.3.30.1.s390x",
"product": {
"name": "zlib-devel-static-1.2.11-150000.3.30.1.s390x",
"product_id": "zlib-devel-static-1.2.11-150000.3.30.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "libminizip1-1.2.11-150000.3.30.1.x86_64",
"product_id": "libminizip1-1.2.11-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libminizip1-32bit-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "libminizip1-32bit-1.2.11-150000.3.30.1.x86_64",
"product_id": "libminizip1-32bit-1.2.11-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "libz1-1.2.11-150000.3.30.1.x86_64",
"product_id": "libz1-1.2.11-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "libz1-32bit-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "libz1-32bit-1.2.11-150000.3.30.1.x86_64",
"product_id": "libz1-32bit-1.2.11-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "minizip-devel-1.2.11-150000.3.30.1.x86_64",
"product_id": "minizip-devel-1.2.11-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "zlib-devel-1.2.11-150000.3.30.1.x86_64",
"product_id": "zlib-devel-1.2.11-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "zlib-devel-32bit-1.2.11-150000.3.30.1.x86_64",
"product_id": "zlib-devel-32bit-1.2.11-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "zlib-devel-static-1.2.11-150000.3.30.1.x86_64",
"product_id": "zlib-devel-static-1.2.11-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-32bit-1.2.11-150000.3.30.1.x86_64",
"product": {
"name": "zlib-devel-static-32bit-1.2.11-150000.3.30.1.x86_64",
"product_id": "zlib-devel-static-32bit-1.2.11-150000.3.30.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-150000.3.30.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.aarch64"
},
"product_reference": "libz1-1.2.11-150000.3.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-150000.3.30.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.s390x"
},
"product_reference": "libz1-1.2.11-150000.3.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-150000.3.30.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.x86_64"
},
"product_reference": "libz1-1.2.11-150000.3.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-25032"
}
],
"notes": [
{
"category": "general",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-25032",
"url": "https://www.suse.com/security/cve/CVE-2018-25032"
},
{
"category": "external",
"summary": "SUSE Bug 1197459 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "external",
"summary": "SUSE Bug 1197893 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197893"
},
{
"category": "external",
"summary": "SUSE Bug 1198667 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1198667"
},
{
"category": "external",
"summary": "SUSE Bug 1199104 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1199104"
},
{
"category": "external",
"summary": "SUSE Bug 1200049 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1200049"
},
{
"category": "external",
"summary": "SUSE Bug 1201732 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1201732"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1202688"
},
{
"category": "external",
"summary": "SUSE Bug 1224427 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1224427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libz1-1.2.11-150000.3.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-13T22:13:15Z",
"details": "important"
}
],
"title": "CVE-2018-25032"
}
]
}
SUSE-SU-2022:1062-1
Vulnerability from csaf_suse - Published: 2022-04-01 09:02 - Updated: 2022-04-01 09:02Summary
Security update for zlib
Severity
Important
Notes
Title of the patch: Security update for zlib
Description of the patch: This update for zlib fixes the following issues:
- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
Patchnames: SUSE-2022-1062,SUSE-OpenStack-Cloud-9-2022-1062,SUSE-OpenStack-Cloud-Crowbar-9-2022-1062,SUSE-SLE-SAP-12-SP4-2022-1062,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1062
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for zlib",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for zlib fixes the following issues:\n\n- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1062,SUSE-OpenStack-Cloud-9-2022-1062,SUSE-OpenStack-Cloud-Crowbar-9-2022-1062,SUSE-SLE-SAP-12-SP4-2022-1062,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1062",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1062-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1062-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221062-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1062-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010586.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197459",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-25032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-25032/"
}
],
"title": "Security update for zlib",
"tracking": {
"current_release_date": "2022-04-01T09:02:51Z",
"generator": {
"date": "2022-04-01T09:02:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1062-1",
"initial_release_date": "2022-04-01T09:02:51Z",
"revision_history": [
{
"date": "2022-04-01T09:02:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.aarch64",
"product": {
"name": "libminizip1-1.2.11-3.6.1.aarch64",
"product_id": "libminizip1-1.2.11-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.aarch64",
"product": {
"name": "libz1-1.2.11-3.6.1.aarch64",
"product_id": "libz1-1.2.11-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.aarch64",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.aarch64",
"product_id": "minizip-devel-1.2.11-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.aarch64",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.aarch64",
"product_id": "zlib-devel-1.2.11-3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.aarch64",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.aarch64",
"product_id": "zlib-devel-static-1.2.11-3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product": {
"name": "libminizip1-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product_id": "libminizip1-64bit-1.2.11-3.6.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libz1-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product": {
"name": "libz1-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product_id": "libz1-64bit-1.2.11-3.6.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "zlib-devel-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product": {
"name": "zlib-devel-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product_id": "zlib-devel-64bit-1.2.11-3.6.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product": {
"name": "zlib-devel-static-64bit-1.2.11-3.6.1.aarch64_ilp32",
"product_id": "zlib-devel-static-64bit-1.2.11-3.6.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.i586",
"product": {
"name": "libminizip1-1.2.11-3.6.1.i586",
"product_id": "libminizip1-1.2.11-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.i586",
"product": {
"name": "libz1-1.2.11-3.6.1.i586",
"product_id": "libz1-1.2.11-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.i586",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.i586",
"product_id": "minizip-devel-1.2.11-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.i586",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.i586",
"product_id": "zlib-devel-1.2.11-3.6.1.i586"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.i586",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.i586",
"product_id": "zlib-devel-static-1.2.11-3.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.ppc64le",
"product": {
"name": "libminizip1-1.2.11-3.6.1.ppc64le",
"product_id": "libminizip1-1.2.11-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.ppc64le",
"product": {
"name": "libz1-1.2.11-3.6.1.ppc64le",
"product_id": "libz1-1.2.11-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.ppc64le",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.ppc64le",
"product_id": "minizip-devel-1.2.11-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.ppc64le",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.ppc64le",
"product_id": "zlib-devel-1.2.11-3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.ppc64le",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.ppc64le",
"product_id": "zlib-devel-static-1.2.11-3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.s390",
"product": {
"name": "libminizip1-1.2.11-3.6.1.s390",
"product_id": "libminizip1-1.2.11-3.6.1.s390"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.s390",
"product": {
"name": "libz1-1.2.11-3.6.1.s390",
"product_id": "libz1-1.2.11-3.6.1.s390"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.s390",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.s390",
"product_id": "minizip-devel-1.2.11-3.6.1.s390"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.s390",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.s390",
"product_id": "zlib-devel-1.2.11-3.6.1.s390"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.s390",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.s390",
"product_id": "zlib-devel-static-1.2.11-3.6.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.s390x",
"product": {
"name": "libminizip1-1.2.11-3.6.1.s390x",
"product_id": "libminizip1-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libminizip1-32bit-1.2.11-3.6.1.s390x",
"product": {
"name": "libminizip1-32bit-1.2.11-3.6.1.s390x",
"product_id": "libminizip1-32bit-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.s390x",
"product": {
"name": "libz1-1.2.11-3.6.1.s390x",
"product_id": "libz1-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libz1-32bit-1.2.11-3.6.1.s390x",
"product": {
"name": "libz1-32bit-1.2.11-3.6.1.s390x",
"product_id": "libz1-32bit-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.s390x",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.s390x",
"product_id": "minizip-devel-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.s390x",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.s390x",
"product_id": "zlib-devel-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.11-3.6.1.s390x",
"product": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.s390x",
"product_id": "zlib-devel-32bit-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.s390x",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.s390x",
"product_id": "zlib-devel-static-1.2.11-3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"product": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"product_id": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libminizip1-1.2.11-3.6.1.x86_64",
"product": {
"name": "libminizip1-1.2.11-3.6.1.x86_64",
"product_id": "libminizip1-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libminizip1-32bit-1.2.11-3.6.1.x86_64",
"product": {
"name": "libminizip1-32bit-1.2.11-3.6.1.x86_64",
"product_id": "libminizip1-32bit-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libz1-1.2.11-3.6.1.x86_64",
"product": {
"name": "libz1-1.2.11-3.6.1.x86_64",
"product_id": "libz1-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libz1-32bit-1.2.11-3.6.1.x86_64",
"product": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64",
"product_id": "libz1-32bit-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "minizip-devel-1.2.11-3.6.1.x86_64",
"product": {
"name": "minizip-devel-1.2.11-3.6.1.x86_64",
"product_id": "minizip-devel-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.11-3.6.1.x86_64",
"product": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64",
"product_id": "zlib-devel-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"product": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"product_id": "zlib-devel-32bit-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"product": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"product_id": "zlib-devel-static-1.2.11-3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"product": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"product_id": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le"
},
"product_reference": "libz1-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64"
},
"product_reference": "libz1-1.2.11-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le"
},
"product_reference": "libz1-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x"
},
"product_reference": "libz1-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libz1-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "libz1-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
},
"product_reference": "zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-25032"
}
],
"notes": [
{
"category": "general",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-25032",
"url": "https://www.suse.com/security/cve/CVE-2018-25032"
},
{
"category": "external",
"summary": "SUSE Bug 1197459 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "external",
"summary": "SUSE Bug 1197893 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197893"
},
{
"category": "external",
"summary": "SUSE Bug 1198667 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1198667"
},
{
"category": "external",
"summary": "SUSE Bug 1199104 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1199104"
},
{
"category": "external",
"summary": "SUSE Bug 1200049 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1200049"
},
{
"category": "external",
"summary": "SUSE Bug 1201732 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1201732"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1202688"
},
{
"category": "external",
"summary": "SUSE Bug 1224427 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1224427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:libz1-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-32bit-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-1.2.11-3.6.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:zlib-devel-static-32bit-1.2.11-3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-01T09:02:51Z",
"details": "important"
}
],
"title": "CVE-2018-25032"
}
]
}
SUSE-SU-2022:14929-1
Vulnerability from csaf_suse - Published: 2022-04-01 08:36 - Updated: 2022-04-01 08:36Summary
Security update for zlib
Severity
Important
Notes
Title of the patch: Security update for zlib
Description of the patch: This update for zlib fixes the following issues:
- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).
Patchnames: sleposp3-zlib-14929,slessp4-zlib-14929
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for zlib",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for zlib fixes the following issues:\n\n- CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-zlib-14929,slessp4-zlib-14929",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_14929-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:14929-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-202214929-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:14929-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010584.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197459",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-25032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-25032/"
}
],
"title": "Security update for zlib",
"tracking": {
"current_release_date": "2022-04-01T08:36:05Z",
"generator": {
"date": "2022-04-01T08:36:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:14929-1",
"initial_release_date": "2022-04-01T08:36:05Z",
"revision_history": [
{
"date": "2022-04-01T08:36:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "zlib-1.2.7-0.17.3.1.i586",
"product": {
"name": "zlib-1.2.7-0.17.3.1.i586",
"product_id": "zlib-1.2.7-0.17.3.1.i586"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.7-0.17.3.1.i586",
"product": {
"name": "zlib-devel-1.2.7-0.17.3.1.i586",
"product_id": "zlib-devel-1.2.7-0.17.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "zlib-1.2.7-0.17.3.1.ppc64",
"product": {
"name": "zlib-1.2.7-0.17.3.1.ppc64",
"product_id": "zlib-1.2.7-0.17.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "zlib-32bit-1.2.7-0.17.3.1.ppc64",
"product": {
"name": "zlib-32bit-1.2.7-0.17.3.1.ppc64",
"product_id": "zlib-32bit-1.2.7-0.17.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.7-0.17.3.1.ppc64",
"product": {
"name": "zlib-devel-1.2.7-0.17.3.1.ppc64",
"product_id": "zlib-devel-1.2.7-0.17.3.1.ppc64"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"product": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"product_id": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "zlib-1.2.7-0.17.3.1.s390x",
"product": {
"name": "zlib-1.2.7-0.17.3.1.s390x",
"product_id": "zlib-1.2.7-0.17.3.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-32bit-1.2.7-0.17.3.1.s390x",
"product": {
"name": "zlib-32bit-1.2.7-0.17.3.1.s390x",
"product_id": "zlib-32bit-1.2.7-0.17.3.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.7-0.17.3.1.s390x",
"product": {
"name": "zlib-devel-1.2.7-0.17.3.1.s390x",
"product_id": "zlib-devel-1.2.7-0.17.3.1.s390x"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"product": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"product_id": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "zlib-1.2.7-0.17.3.1.x86_64",
"product": {
"name": "zlib-1.2.7-0.17.3.1.x86_64",
"product_id": "zlib-1.2.7-0.17.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-32bit-1.2.7-0.17.3.1.x86_64",
"product": {
"name": "zlib-32bit-1.2.7-0.17.3.1.x86_64",
"product_id": "zlib-32bit-1.2.7-0.17.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-1.2.7-0.17.3.1.x86_64",
"product": {
"name": "zlib-devel-1.2.7-0.17.3.1.x86_64",
"product_id": "zlib-devel-1.2.7-0.17.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64",
"product": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64",
"product_id": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586"
},
"product_reference": "zlib-1.2.7-0.17.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586"
},
"product_reference": "zlib-1.2.7-0.17.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64"
},
"product_reference": "zlib-1.2.7-0.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x"
},
"product_reference": "zlib-1.2.7-0.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-1.2.7-0.17.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64"
},
"product_reference": "zlib-1.2.7-0.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-32bit-1.2.7-0.17.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64"
},
"product_reference": "zlib-32bit-1.2.7-0.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-32bit-1.2.7-0.17.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x"
},
"product_reference": "zlib-32bit-1.2.7-0.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-32bit-1.2.7-0.17.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64"
},
"product_reference": "zlib-32bit-1.2.7-0.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.7-0.17.3.1.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586"
},
"product_reference": "zlib-devel-1.2.7-0.17.3.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.7-0.17.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64"
},
"product_reference": "zlib-devel-1.2.7-0.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.7-0.17.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x"
},
"product_reference": "zlib-devel-1.2.7-0.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-1.2.7-0.17.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64"
},
"product_reference": "zlib-devel-1.2.7-0.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64"
},
"product_reference": "zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x"
},
"product_reference": "zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
},
"product_reference": "zlib-devel-32bit-1.2.7-0.17.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-25032"
}
],
"notes": [
{
"category": "general",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-25032",
"url": "https://www.suse.com/security/cve/CVE-2018-25032"
},
{
"category": "external",
"summary": "SUSE Bug 1197459 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "external",
"summary": "SUSE Bug 1197893 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197893"
},
{
"category": "external",
"summary": "SUSE Bug 1198667 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1198667"
},
{
"category": "external",
"summary": "SUSE Bug 1199104 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1199104"
},
{
"category": "external",
"summary": "SUSE Bug 1200049 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1200049"
},
{
"category": "external",
"summary": "SUSE Bug 1201732 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1201732"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1202688"
},
{
"category": "external",
"summary": "SUSE Bug 1224427 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1224427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-32bit-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.i586",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-1.2.7-0.17.3.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.s390x",
"SUSE Linux Enterprise Server 11 SP4-LTSS:zlib-devel-32bit-1.2.7-0.17.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-04-01T08:36:05Z",
"details": "important"
}
],
"title": "CVE-2018-25032"
}
]
}
SUSE-SU-2022:3225-1
Vulnerability from csaf_suse - Published: 2022-09-09 05:57 - Updated: 2022-09-09 05:57Summary
Security update for mariadb
Severity
Important
Notes
Title of the patch: Security update for mariadb
Description of the patch: This update for mariadb fixes the following issues:
Update to 10.4.26:
- CVE-2022-32089 (bsc#1201169)
- CVE-2022-32081 (bsc#1201161)
- CVE-2022-32091 (bsc#1201170)
- CVE-2022-32084 (bsc#1201164)
- CVE-2018-25032 (bsc#1197459)
- CVE-2022-32088 (bsc#1201168)
- CVE-2022-32087 (bsc#1201167)
- CVE-2022-32086 (bsc#1201166)
- CVE-2022-32085 (bsc#1201165)
- CVE-2022-32083 (bsc#1201163)
Bugfixes:
- Update mysql-systemd-helper to be aware of custom group (bsc#1200105).
External references:
- https://mariadb.com/kb/en/library/mariadb-10426-release-notes
- https://mariadb.com/kb/en/library/mariadb-10426-changelog
Patchnames: SUSE-2022-3225,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3225,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3225,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3225,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3225,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3225,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3225,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3225,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3225,SUSE-Storage-7-2022-3225
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
99 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
52 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mariadb",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mariadb fixes the following issues:\n\nUpdate to 10.4.26:\n\n- CVE-2022-32089 (bsc#1201169)\n- CVE-2022-32081 (bsc#1201161)\n- CVE-2022-32091 (bsc#1201170)\n- CVE-2022-32084 (bsc#1201164)\n- CVE-2018-25032 (bsc#1197459)\n- CVE-2022-32088 (bsc#1201168)\n- CVE-2022-32087 (bsc#1201167)\n- CVE-2022-32086 (bsc#1201166)\n- CVE-2022-32085 (bsc#1201165)\n- CVE-2022-32083 (bsc#1201163)\n\nBugfixes:\n\n- Update mysql-systemd-helper to be aware of custom group (bsc#1200105).\n\nExternal references:\n\n- https://mariadb.com/kb/en/library/mariadb-10426-release-notes\n- https://mariadb.com/kb/en/library/mariadb-10426-changelog\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3225,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3225,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3225,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3225,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3225,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3225,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3225,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3225,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3225,SUSE-Storage-7-2022-3225",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3225-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3225-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223225-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3225-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012197.html"
},
{
"category": "self",
"summary": "SUSE Bug 1197459",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "self",
"summary": "SUSE Bug 1200105",
"url": "https://bugzilla.suse.com/1200105"
},
{
"category": "self",
"summary": "SUSE Bug 1201161",
"url": "https://bugzilla.suse.com/1201161"
},
{
"category": "self",
"summary": "SUSE Bug 1201163",
"url": "https://bugzilla.suse.com/1201163"
},
{
"category": "self",
"summary": "SUSE Bug 1201164",
"url": "https://bugzilla.suse.com/1201164"
},
{
"category": "self",
"summary": "SUSE Bug 1201165",
"url": "https://bugzilla.suse.com/1201165"
},
{
"category": "self",
"summary": "SUSE Bug 1201166",
"url": "https://bugzilla.suse.com/1201166"
},
{
"category": "self",
"summary": "SUSE Bug 1201167",
"url": "https://bugzilla.suse.com/1201167"
},
{
"category": "self",
"summary": "SUSE Bug 1201168",
"url": "https://bugzilla.suse.com/1201168"
},
{
"category": "self",
"summary": "SUSE Bug 1201169",
"url": "https://bugzilla.suse.com/1201169"
},
{
"category": "self",
"summary": "SUSE Bug 1201170",
"url": "https://bugzilla.suse.com/1201170"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-25032 page",
"url": "https://www.suse.com/security/cve/CVE-2018-25032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32081 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32083 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32084 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32085 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32086 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32087 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32088 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32089 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-32091 page",
"url": "https://www.suse.com/security/cve/CVE-2022-32091/"
}
],
"title": "Security update for mariadb",
"tracking": {
"current_release_date": "2022-09-09T05:57:49Z",
"generator": {
"date": "2022-09-09T05:57:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3225-1",
"initial_release_date": "2022-09-09T05:57:49Z",
"revision_history": [
{
"date": "2022-09-09T05:57:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.i586",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.i586",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.i586",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.i586",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.i586",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.i586",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"product": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"product_id": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.s390x",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.s390x",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.s390x",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"product_id": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"product_id": "libmariadbd19-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-bench-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-bench-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-bench-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-client-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-galera-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-galera-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-galera-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-rpm-macros-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-rpm-macros-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-test-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-test-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-test-10.4.26-150200.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"product": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"product_id": "mariadb-tools-10.4.26-150200.3.31.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.s390x as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libmariadbd19-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-client-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-client-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch"
},
"product_reference": "mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mariadb-tools-10.4.26-150200.3.31.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
},
"product_reference": "mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-25032"
}
],
"notes": [
{
"category": "general",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-25032",
"url": "https://www.suse.com/security/cve/CVE-2018-25032"
},
{
"category": "external",
"summary": "SUSE Bug 1197459 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197459"
},
{
"category": "external",
"summary": "SUSE Bug 1197893 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1197893"
},
{
"category": "external",
"summary": "SUSE Bug 1198667 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1198667"
},
{
"category": "external",
"summary": "SUSE Bug 1199104 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1199104"
},
{
"category": "external",
"summary": "SUSE Bug 1200049 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1200049"
},
{
"category": "external",
"summary": "SUSE Bug 1201732 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1201732"
},
{
"category": "external",
"summary": "SUSE Bug 1202688 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1202688"
},
{
"category": "external",
"summary": "SUSE Bug 1224427 for CVE-2018-25032",
"url": "https://bugzilla.suse.com/1224427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "important"
}
],
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2022-32081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32081"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.4 to v10.7 was discovered to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32081",
"url": "https://www.suse.com/security/cve/CVE-2022-32081"
},
{
"category": "external",
"summary": "SUSE Bug 1201161 for CVE-2022-32081",
"url": "https://bugzilla.suse.com/1201161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32081"
},
{
"cve": "CVE-2022-32083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32083"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32083",
"url": "https://www.suse.com/security/cve/CVE-2022-32083"
},
{
"category": "external",
"summary": "SUSE Bug 1201163 for CVE-2022-32083",
"url": "https://bugzilla.suse.com/1201163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32083"
},
{
"cve": "CVE-2022-32084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32084"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component sub_select.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32084",
"url": "https://www.suse.com/security/cve/CVE-2022-32084"
},
{
"category": "external",
"summary": "SUSE Bug 1201164 for CVE-2022-32084",
"url": "https://bugzilla.suse.com/1201164"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32084"
},
{
"cve": "CVE-2022-32085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32085"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_func_in::cleanup/Item::cleanup_processor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32085",
"url": "https://www.suse.com/security/cve/CVE-2022-32085"
},
{
"category": "external",
"summary": "SUSE Bug 1201165 for CVE-2022-32085",
"url": "https://bugzilla.suse.com/1201165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32085"
},
{
"cve": "CVE-2022-32086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32086"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.4 to v10.8 was discovered to contain a segmentation fault via the component Item_field::fix_outer_field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32086",
"url": "https://www.suse.com/security/cve/CVE-2022-32086"
},
{
"category": "external",
"summary": "SUSE Bug 1201166 for CVE-2022-32086",
"url": "https://bugzilla.suse.com/1201166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32086"
},
{
"cve": "CVE-2022-32087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32087"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Item_args::walk_args.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32087",
"url": "https://www.suse.com/security/cve/CVE-2022-32087"
},
{
"category": "external",
"summary": "SUSE Bug 1201167 for CVE-2022-32087",
"url": "https://bugzilla.suse.com/1201167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32087"
},
{
"cve": "CVE-2022-32088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32088"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.2 to v10.7 was discovered to contain a segmentation fault via the component Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32088",
"url": "https://www.suse.com/security/cve/CVE-2022-32088"
},
{
"category": "external",
"summary": "SUSE Bug 1201168 for CVE-2022-32088",
"url": "https://bugzilla.suse.com/1201168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32088"
},
{
"cve": "CVE-2022-32089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32089"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.5 to v10.7 was discovered to contain a segmentation fault via the component st_select_lex_unit::exclude_level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32089",
"url": "https://www.suse.com/security/cve/CVE-2022-32089"
},
{
"category": "external",
"summary": "SUSE Bug 1201169 for CVE-2022-32089",
"url": "https://bugzilla.suse.com/1201169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32089"
},
{
"cve": "CVE-2022-32091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-32091"
}
],
"notes": [
{
"category": "general",
"text": "MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at /libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-32091",
"url": "https://www.suse.com/security/cve/CVE-2022-32091"
},
{
"category": "external",
"summary": "SUSE Bug 1201170 for CVE-2022-32091",
"url": "https://bugzilla.suse.com/1201170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Enterprise Storage 7:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Enterprise Storage 7:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Proxy 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Proxy 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Retail Branch Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Retail Branch Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd-devel-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:libmariadbd19-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-client-10.4.26-150200.3.31.1.x86_64",
"SUSE Manager Server 4.1:mariadb-errormessages-10.4.26-150200.3.31.1.noarch",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.ppc64le",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.s390x",
"SUSE Manager Server 4.1:mariadb-tools-10.4.26-150200.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-09T05:57:49Z",
"details": "moderate"
}
],
"title": "CVE-2022-32091"
}
]
}
VAR-202203-1690
Vulnerability from variot - Updated: 2026-03-09 20:35zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Bugs fixed (https://bugzilla.redhat.com/):
2057544 - Cancel rpm-ostree transaction after failed rebase 2058674 - whereabouts IPAM CNI ip-reconciler cronjob specification requires hostnetwork, api-int lb usage & proper backoff 2062655 - [4.8.z backport] cluster scaling new nodes ovs-configuration fails on all new nodes 2070762 - [4.8z] WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache 2074053 - Internal registries with a big number of images delay pod creation due to recursive SELinux file context relabeling 2074680 - csv_succeeded metric not present in olm-operator for all successful CSVs 2076211 - CVE-2022-1677 openshift/router: route hijacking attack via crafted HAProxy configuration file 2077004 - Bump to latest available 1.21.11 k8s 2077370 - [4.8.z] NetworkPolicy tests are failing on metal IPv6 2077765 - (release-4.8) Gather namespace names with overlapping UID ranges 2078477 - Latest ose-jenkins-agent-base:v4.9.0 image fails to start on OpenShift due to FIPS error 2084259 - [4.8] OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM 2088196 - Redfish set boot device failed for node in OCP 4.8 latest RC
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: zlib security update Advisory ID: RHSA-2023:0943-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0943 Issue date: 2023-02-28 CVE Names: CVE-2018-25032 =====================================================================
- Summary:
An update for zlib is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.7) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.7) - x86_64
- Description:
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.
Security Fix(es):
- zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.7):
Source: zlib-1.2.7-18.el7_7.1.src.rpm
x86_64: zlib-1.2.7-18.el7_7.1.i686.rpm zlib-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-devel-1.2.7-18.el7_7.1.i686.rpm zlib-devel-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.7):
Source: zlib-1.2.7-18.el7_7.1.src.rpm
ppc64le: zlib-1.2.7-18.el7_7.1.ppc64le.rpm zlib-debuginfo-1.2.7-18.el7_7.1.ppc64le.rpm zlib-devel-1.2.7-18.el7_7.1.ppc64le.rpm
x86_64: zlib-1.2.7-18.el7_7.1.i686.rpm zlib-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-devel-1.2.7-18.el7_7.1.i686.rpm zlib-devel-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.7):
Source: zlib-1.2.7-18.el7_7.1.src.rpm
x86_64: zlib-1.2.7-18.el7_7.1.i686.rpm zlib-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-devel-1.2.7-18.el7_7.1.i686.rpm zlib-devel-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.7):
x86_64: minizip-1.2.7-18.el7_7.1.i686.rpm minizip-1.2.7-18.el7_7.1.x86_64.rpm minizip-devel-1.2.7-18.el7_7.1.i686.rpm minizip-devel-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-static-1.2.7-18.el7_7.1.i686.rpm zlib-static-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.7):
ppc64le: minizip-1.2.7-18.el7_7.1.ppc64le.rpm minizip-devel-1.2.7-18.el7_7.1.ppc64le.rpm zlib-debuginfo-1.2.7-18.el7_7.1.ppc64le.rpm zlib-static-1.2.7-18.el7_7.1.ppc64le.rpm
x86_64: minizip-1.2.7-18.el7_7.1.i686.rpm minizip-1.2.7-18.el7_7.1.x86_64.rpm minizip-devel-1.2.7-18.el7_7.1.i686.rpm minizip-devel-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-static-1.2.7-18.el7_7.1.i686.rpm zlib-static-1.2.7-18.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.7):
x86_64: minizip-1.2.7-18.el7_7.1.i686.rpm minizip-1.2.7-18.el7_7.1.x86_64.rpm minizip-devel-1.2.7-18.el7_7.1.i686.rpm minizip-devel-1.2.7-18.el7_7.1.x86_64.rpm zlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm zlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm zlib-static-1.2.7-18.el7_7.1.i686.rpm zlib-static-1.2.7-18.el7_7.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-25032 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBY/3zpNzjgjWX9erEAQgopRAAnicJE4nJGD63kGm+PqFucbREdCZ3tCHM ppSjAZYm6e3z2cXqCA8Y/ZQxQjLGFUuT3PtzsD8eehFIu7WL6hO7s+jVaor/PYxG h1X9YRrtAGlCrMwUXgSpTmqCeXMofoXhZRgj/0fJASp/+C6sMOBYyJkPsSCT00fu bIU/TEKTFa6UNjLGBZLNMD1htyYAI70mrLp+zJB4HlFP8G7bX8XMduBwyFu8l9Ye C4u9A4n1yUWo6eJpK1jn91y9W0VcB2JEnCQ3CySVI4Oa0hzSQBEfVnGDicELtAcv F6yV4AcCk30JtsXLtihnZszk5Ke0uH/VICY9ubPH52rBqLzCELWrAtEkcfGJnPFr /TrCfgDC9vIDE9+QPWamraX62NKy9vwOf/pPOnSOGJUYngYuVIJl/ipWwbr0BhLd J3Ckbo0jlXjjXmMKnfv0LDr/0dvLNGc4VjqbEcJULNMiUu3Lh/I0/v3H7NCr8674 RFDBaKXJlzgJGCcQ7JFr/63Aw6kOp9lVJgjbnDYs1AV/FQVkLsIvw5hIdONZI5cP uJcrO4lfjw/4827E7gdBTnQEBRuZB/wGtmtcFrvIPiK+qWl0t457ic+nvDl8noiM kBZezS7yByEjCqudJgxEYrB8uUt+gX9aj08sqeyM9jSzUCpJAVCNycufQGvmblNA vP1CheTiOdc= =wNUm -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - noarch
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/):
2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements 2053532 - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 2053541 - CVE-2022-23773 golang: cmd/go: misinterpretation of branch names can lead to incorrect access control
- JIRA issues fixed (https://issues.jboss.org/):
SRVKE-1217 - New KafkaSource implementation does not default to PLAIN for SASL
- Description:
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.51. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHBA-2022:2267
Space precludes documenting all of the container images in this advisory.
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.51-x86_64
The image digest is sha256:539c1f5982343e0709179f305e347560304fdeb89a09bd042a59a58a836a0940
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.51-s390x
The image digest is sha256:f6fa9f75e6de166b6daccbc6830bbeaade38eac97faa2752e0c38af23aa4135e
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.51-ppc64le
The image digest is sha256:e4a1eb51749bdb0fa429e5b7f697d3b38cd32b76786dc1ce579a5d53827705b0
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
- Solution:
For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html
- Bugs fixed (https://bugzilla.redhat.com/):
2057526 - cloud provider config change breaks the cluster 2076211 - CVE-2022-1677 openshift/router: route hijacking attack via crafted HAProxy configuration file 2081483 - csv_succeeded metric not present in olm-operator for all successful CSVs 2082029 - Bump to latest available 1.20.15 k8s
- Summary:
The Migration Toolkit for Containers (MTC) 1.7.2 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):
2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes 2038898 - [UI] ?Update Repository? option not getting disabled after adding the Replication Repository details to the MTC web console 2040693 - ?Replication repository? wizard has no validation for name length 2040695 - [MTC UI] ?Add Cluster? wizard stucks when the cluster name length is more than 63 characters 2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor 2048537 - Exposed route host to image registry? connecting successfully to invalid registry ?xyz.com? 2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak 2055658 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings 2056962 - [MTC UI] UI shows the wrong migration type info after changing the target namespace 2058172 - [MTC UI] Successful Rollback is not showing the green success icon in the ?Last State? field. 2058529 - [MTC UI] Migrations Plan is missing the type for the state migration performed before upgrade 2061335 - [MTC UI] ?Update cluster? button is not getting disabled 2062266 - MTC UI does not display logs properly [OADP-BL] 2062862 - [MTC UI] Clusters page behaving unexpectedly on deleting the remote cluster?s service account secret from backend 2074675 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x 2076593 - Velero pod log missing from UI drop down 2076599 - Velero pod log missing from downloaded logs folder [OADP-BL] 2078459 - [MTC UI] Storageclass conversion plan is adding migstorage reference in migplan 2079252 - [MTC] Rsync options logs not visible in log-reader pod 2082221 - Don't allow Storage class conversion migration if source cluster has only one storage class defined [UI] 2082225 - non-numeric user when launching stage pods [OADP-BL] 2088022 - Default CPU requests on Velero/Restic are too demanding making scheduling fail in certain environments 2088026 - Cloud propagation phase in migration controller is not doing anything due to missing labels on Velero pods 2089126 - [MTC] Migration controller cannot find Velero Pod because of wrong labels 2089411 - [MTC] Log reader pod is missing velero and restic pod logs [OADP-BL] 2089859 - [Crane] DPA CR is missing the required flag - Migration is getting failed at the EnsureCloudSecretPropagated phase due to the missing secret VolumeMounts 2090317 - [MTC] mig-operator failed to create a DPA CR due to null values are passed instead of int [OADP-BL] 2096939 - Fix legacy operator.yml inconsistencies and errors 2100486 - [MTC UI] Target storage class field is not getting respected when clusters don't have replication repo configured
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "h500s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.8.4"
},
{
"_id": null,
"model": "scalance sc626-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "11.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"_id": null,
"model": "e-series santricity os controller",
"scope": "gte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.0.0"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.6.9"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.6.0"
},
{
"_id": null,
"model": "h410s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "zlib",
"scope": "gte",
"trust": 1.0,
"vendor": "zlib",
"version": "1.2.2.2"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.7.5"
},
{
"_id": null,
"model": "hci compute node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"_id": null,
"model": "mac os x",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "10.15"
},
{
"_id": null,
"model": "management services for element software",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "6.45"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.10.5"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "15.38"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.9.2"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.3.36"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.7.0"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.10.0"
},
{
"_id": null,
"model": "h410c",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "scalance sc632-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "7.52"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "13.46"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.5.0"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.9.0"
},
{
"_id": null,
"model": "macos",
"scope": "gte",
"trust": 1.0,
"vendor": "apple",
"version": "12.0.0"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.7.14"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.4.26"
},
{
"_id": null,
"model": "scalance sc622-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"_id": null,
"model": "mariadb",
"scope": "lt",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.5.17"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "36"
},
{
"_id": null,
"model": "python",
"scope": "gte",
"trust": 1.0,
"vendor": "python",
"version": "3.8.0"
},
{
"_id": null,
"model": "scalance sc636-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.7.0"
},
{
"_id": null,
"model": "scalance sc642-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "zlib",
"scope": "lt",
"trust": 1.0,
"vendor": "zlib",
"version": "1.2.12"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "8.60"
},
{
"_id": null,
"model": "e-series santricity os controller",
"scope": "lte",
"trust": 1.0,
"vendor": "netapp",
"version": "11.70.2"
},
{
"_id": null,
"model": "h700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "h300s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.8.14"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.9.0"
},
{
"_id": null,
"model": "gotoassist",
"scope": "lt",
"trust": 1.0,
"vendor": "goto",
"version": "11.9.18"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.4.0"
},
{
"_id": null,
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "11.54"
},
{
"_id": null,
"model": "macos",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.6.6"
},
{
"_id": null,
"model": "active iq unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "oncommand workflow automation",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"_id": null,
"model": "nokogiri",
"scope": "lt",
"trust": 1.0,
"vendor": "nokogiri",
"version": "1.13.4"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.8.0"
},
{
"_id": null,
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"_id": null,
"model": "scalance sc646-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0"
},
{
"_id": null,
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.15.7"
},
{
"_id": null,
"model": "mariadb",
"scope": "gte",
"trust": 1.0,
"vendor": "mariadb",
"version": "10.3.0"
},
{
"_id": null,
"model": "zulu",
"scope": "eq",
"trust": 1.0,
"vendor": "azul",
"version": "17.32"
},
{
"_id": null,
"model": "python",
"scope": "lt",
"trust": 1.0,
"vendor": "python",
"version": "3.9.13"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "167271"
},
{
"db": "PACKETSTORM",
"id": "169897"
},
{
"db": "PACKETSTORM",
"id": "171159"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167346"
},
{
"db": "PACKETSTORM",
"id": "167265"
},
{
"db": "PACKETSTORM",
"id": "167679"
}
],
"trust": 0.8
},
"cve": "CVE-2018-25032",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2018-25032",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-418557",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-25032",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-25032",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2018-25032",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202203-2221",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-418557",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-25032",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"description": {
"_id": null,
"data": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.3.11 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. Bugs fixed (https://bugzilla.redhat.com/):\n\n2057544 - Cancel rpm-ostree transaction after failed rebase\n2058674 - whereabouts IPAM CNI ip-reconciler cronjob specification requires hostnetwork, api-int lb usage \u0026 proper backoff\n2062655 - [4.8.z backport] cluster scaling new nodes ovs-configuration fails on all new nodes\n2070762 - [4.8z] WebScale: duplicate ecmp next hop error caused by multiple of the same gateway IPs in ovnkube cache\n2074053 - Internal registries with a big number of images delay pod creation due to recursive SELinux file context relabeling\n2074680 - csv_succeeded metric not present in olm-operator for all successful CSVs\n2076211 - CVE-2022-1677 openshift/router: route hijacking attack via crafted HAProxy configuration file\n2077004 - Bump to latest available 1.21.11 k8s\n2077370 - [4.8.z] NetworkPolicy tests are failing on metal IPv6\n2077765 - (release-4.8) Gather namespace names with overlapping UID ranges\n2078477 - Latest ose-jenkins-agent-base:v4.9.0 image fails to start on OpenShift due to FIPS error\n2084259 - [4.8] OCP ignores STOPSIGNAL in Dockerfile and sends SIGTERM\n2088196 - Redfish set boot device failed for node in OCP 4.8 latest RC\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: zlib security update\nAdvisory ID: RHSA-2023:0943-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2023:0943\nIssue date: 2023-02-28\nCVE Names: CVE-2018-25032 \n=====================================================================\n\n1. Summary:\n\nAn update for zlib is now available for Red Hat Enterprise Linux 7.7\nAdvanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.7 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.7) - x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.7) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.7) - x86_64\n\n3. Description:\n\nThe zlib packages provide a general-purpose lossless data compression\nlibrary that is used by many different programs. \n\nSecurity Fix(es):\n\n* zlib: A flaw found in zlib when compressing (not decompressing) certain\ninputs (CVE-2018-25032)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs\n\n6. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.7):\n\nSource:\nzlib-1.2.7-18.el7_7.1.src.rpm\n\nx86_64:\nzlib-1.2.7-18.el7_7.1.i686.rpm\nzlib-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-devel-1.2.7-18.el7_7.1.i686.rpm\nzlib-devel-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.7):\n\nSource:\nzlib-1.2.7-18.el7_7.1.src.rpm\n\nppc64le:\nzlib-1.2.7-18.el7_7.1.ppc64le.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.ppc64le.rpm\nzlib-devel-1.2.7-18.el7_7.1.ppc64le.rpm\n\nx86_64:\nzlib-1.2.7-18.el7_7.1.i686.rpm\nzlib-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-devel-1.2.7-18.el7_7.1.i686.rpm\nzlib-devel-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.7):\n\nSource:\nzlib-1.2.7-18.el7_7.1.src.rpm\n\nx86_64:\nzlib-1.2.7-18.el7_7.1.i686.rpm\nzlib-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-devel-1.2.7-18.el7_7.1.i686.rpm\nzlib-devel-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.7):\n\nx86_64:\nminizip-1.2.7-18.el7_7.1.i686.rpm\nminizip-1.2.7-18.el7_7.1.x86_64.rpm\nminizip-devel-1.2.7-18.el7_7.1.i686.rpm\nminizip-devel-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-static-1.2.7-18.el7_7.1.i686.rpm\nzlib-static-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.7):\n\nppc64le:\nminizip-1.2.7-18.el7_7.1.ppc64le.rpm\nminizip-devel-1.2.7-18.el7_7.1.ppc64le.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.ppc64le.rpm\nzlib-static-1.2.7-18.el7_7.1.ppc64le.rpm\n\nx86_64:\nminizip-1.2.7-18.el7_7.1.i686.rpm\nminizip-1.2.7-18.el7_7.1.x86_64.rpm\nminizip-devel-1.2.7-18.el7_7.1.i686.rpm\nminizip-devel-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-static-1.2.7-18.el7_7.1.i686.rpm\nzlib-static-1.2.7-18.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.7):\n\nx86_64:\nminizip-1.2.7-18.el7_7.1.i686.rpm\nminizip-1.2.7-18.el7_7.1.x86_64.rpm\nminizip-devel-1.2.7-18.el7_7.1.i686.rpm\nminizip-devel-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.i686.rpm\nzlib-debuginfo-1.2.7-18.el7_7.1.x86_64.rpm\nzlib-static-1.2.7-18.el7_7.1.i686.rpm\nzlib-static-1.2.7-18.el7_7.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-25032\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2023 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBY/3zpNzjgjWX9erEAQgopRAAnicJE4nJGD63kGm+PqFucbREdCZ3tCHM\nppSjAZYm6e3z2cXqCA8Y/ZQxQjLGFUuT3PtzsD8eehFIu7WL6hO7s+jVaor/PYxG\nh1X9YRrtAGlCrMwUXgSpTmqCeXMofoXhZRgj/0fJASp/+C6sMOBYyJkPsSCT00fu\nbIU/TEKTFa6UNjLGBZLNMD1htyYAI70mrLp+zJB4HlFP8G7bX8XMduBwyFu8l9Ye\nC4u9A4n1yUWo6eJpK1jn91y9W0VcB2JEnCQ3CySVI4Oa0hzSQBEfVnGDicELtAcv\nF6yV4AcCk30JtsXLtihnZszk5Ke0uH/VICY9ubPH52rBqLzCELWrAtEkcfGJnPFr\n/TrCfgDC9vIDE9+QPWamraX62NKy9vwOf/pPOnSOGJUYngYuVIJl/ipWwbr0BhLd\nJ3Ckbo0jlXjjXmMKnfv0LDr/0dvLNGc4VjqbEcJULNMiUu3Lh/I0/v3H7NCr8674\nRFDBaKXJlzgJGCcQ7JFr/63Aw6kOp9lVJgjbnDYs1AV/FQVkLsIvw5hIdONZI5cP\nuJcrO4lfjw/4827E7gdBTnQEBRuZB/wGtmtcFrvIPiK+qWl0t457ic+nvDl8noiM\nkBZezS7yByEjCqudJgxEYrB8uUt+gX9aj08sqeyM9jSzUCpJAVCNycufQGvmblNA\nvP1CheTiOdc=\n=wNUm\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - noarch\n\n3. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.7 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements\n2053532 - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString\n2053541 - CVE-2022-23773 golang: cmd/go: misinterpretation of branch names can lead to incorrect access control\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nSRVKE-1217 - New KafkaSource implementation does not default to PLAIN for SASL\n\n6. Description:\n\nRed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments. \n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.7.51. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHBA-2022:2267\n\nSpace precludes documenting all of the container images in this advisory. \n\nYou may download the oc tool and use it to inspect release image metadata\nas follows:\n\n(For x86_64 architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.51-x86_64\n\nThe image digest is\nsha256:539c1f5982343e0709179f305e347560304fdeb89a09bd042a59a58a836a0940\n\n(For s390x architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.51-s390x\n\nThe image digest is\nsha256:f6fa9f75e6de166b6daccbc6830bbeaade38eac97faa2752e0c38af23aa4135e\n\n(For ppc64le architecture)\n\n$ oc adm release info\nquay.io/openshift-release-dev/ocp-release:4.7.51-ppc64le\n\nThe image digest is\nsha256:e4a1eb51749bdb0fa429e5b7f697d3b38cd32b76786dc1ce579a5d53827705b0\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html\n\n3. Solution:\n\nFor OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2057526 - cloud provider config change breaks the cluster\n2076211 - CVE-2022-1677 openshift/router: route hijacking attack via crafted HAProxy configuration file\n2081483 - csv_succeeded metric not present in olm-operator for all successful CSVs\n2082029 - Bump to latest available 1.20.15 k8s\n\n5. Summary:\n\nThe Migration Toolkit for Containers (MTC) 1.7.2 is now available. Description:\n\nThe Migration Toolkit for Containers (MTC) enables you to migrate\nKubernetes resources, persistent volume data, and internal container images\nbetween OpenShift Container Platform clusters, using the MTC web console or\nthe Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):\n\n2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes\n2038898 - [UI] ?Update Repository? option not getting disabled after adding the Replication Repository details to the MTC web console\n2040693 - ?Replication repository? wizard has no validation for name length\n2040695 - [MTC UI] ?Add Cluster? wizard stucks when the cluster name length is more than 63 characters\n2044591 - CVE-2022-0235 node-fetch: exposure of sensitive information to an unauthorized actor\n2048537 - Exposed route host to image registry? connecting successfully to invalid registry ?xyz.com?\n2053259 - CVE-2022-0536 follow-redirects: Exposure of Sensitive Information via Authorization Header leak\n2055658 - [MTC UI] Cancel button on ?Migrations? page does not disappear when migration gets Failed/Succeeded with warnings\n2056962 - [MTC UI] UI shows the wrong migration type info after changing the target namespace\n2058172 - [MTC UI] Successful Rollback is not showing the green success icon in the ?Last State? field. \n2058529 - [MTC UI] Migrations Plan is missing the type for the state migration performed before upgrade\n2061335 - [MTC UI] ?Update cluster? button is not getting disabled\n2062266 - MTC UI does not display logs properly [OADP-BL]\n2062862 - [MTC UI] Clusters page behaving unexpectedly on deleting the remote cluster?s service account secret from backend\n2074675 - HPAs of DeploymentConfigs are not being updated when migration from Openshift 3.x to Openshift 4.x\n2076593 - Velero pod log missing from UI drop down\n2076599 - Velero pod log missing from downloaded logs folder [OADP-BL]\n2078459 - [MTC UI] Storageclass conversion plan is adding migstorage reference in migplan\n2079252 - [MTC] Rsync options logs not visible in log-reader pod\n2082221 - Don\u0027t allow Storage class conversion migration if source cluster has only one storage class defined [UI]\n2082225 - non-numeric user when launching stage pods [OADP-BL]\n2088022 - Default CPU requests on Velero/Restic are too demanding making scheduling fail in certain environments\n2088026 - Cloud propagation phase in migration controller is not doing anything due to missing labels on Velero pods\n2089126 - [MTC] Migration controller cannot find Velero Pod because of wrong labels\n2089411 - [MTC] Log reader pod is missing velero and restic pod logs [OADP-BL]\n2089859 - [Crane] DPA CR is missing the required flag - Migration is getting failed at the EnsureCloudSecretPropagated phase due to the missing secret VolumeMounts\n2090317 - [MTC] mig-operator failed to create a DPA CR due to null values are passed instead of int [OADP-BL]\n2096939 - Fix legacy operator.yml inconsistencies and errors\n2100486 - [MTC UI] Target storage class field is not getting respected when clusters don\u0027t have replication repo configured",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-25032"
},
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "167271"
},
{
"db": "PACKETSTORM",
"id": "169897"
},
{
"db": "PACKETSTORM",
"id": "171159"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167346"
},
{
"db": "PACKETSTORM",
"id": "167265"
},
{
"db": "PACKETSTORM",
"id": "167679"
}
],
"trust": 1.8
},
"exploit_availability": {
"_id": null,
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-418557",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
}
]
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2018-25032",
"trust": 2.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/28/3",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/26/1",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/28/1",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/24/1",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2022/03/25/2",
"trust": 1.8
},
{
"db": "SIEMENS",
"id": "SSA-333517",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "167346",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169897",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "169782",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167679",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "167622",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "168352",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "168042",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167327",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167391",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167400",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167956",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167088",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167142",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "168696",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167008",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167602",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166946",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166563",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "170003",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167555",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167224",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167568",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167260",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167461",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167591",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "168011",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167189",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167281",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169624",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166970",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "168392",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "167486",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.1366",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3050",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2411",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4601",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3299",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1665",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1863",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2561",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4568",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3228",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2709",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2474",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2181",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3821",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3236",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.6128",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.5062",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.6112",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.3146",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2857",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2924",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.1695",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1403",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3136",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3479",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2019",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3977",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2778",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4632",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3020",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.6333",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.3112",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2598",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.2900",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022033020",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072056",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022050233",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022032845",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051703",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022072010",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060505",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022042114",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051324",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060127",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022061722",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022070735",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022053131",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022060816",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022053025",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022070643",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051742",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022040111",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022051235",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022062931",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022070507",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022040603",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "166856",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "167271",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "167265",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "166552",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167133",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166967",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167381",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167122",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171157",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167225",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167140",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167277",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167330",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167485",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167334",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167116",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167389",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "166555",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167223",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "168036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167134",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167364",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167594",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171152",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167188",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167936",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167138",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167586",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167186",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167470",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167119",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167136",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167674",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "167124",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-418557",
"trust": 0.1
},
{
"db": "ICS CERT",
"id": "ICSA-23-348-10",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-25032",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "171159",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "167271"
},
{
"db": "PACKETSTORM",
"id": "169897"
},
{
"db": "PACKETSTORM",
"id": "171159"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167346"
},
{
"db": "PACKETSTORM",
"id": "167265"
},
{
"db": "PACKETSTORM",
"id": "167679"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"id": "VAR-202203-1690",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
}
],
"trust": 0.6566514
},
"last_update_date": "2026-03-09T20:35:07.026000Z",
"patch": {
"_id": null,
"data": [
{
"title": "zlib Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=187366"
},
{
"title": "Debian Security Advisories: DSA-5111-1 zlib -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=1953a09ed6b6acb885ad5f0bc5c6a1cb"
},
{
"title": "Debian CVElist Bug Report Logs: CVE-2018-25032: zlib memory corruption on deflate",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=aa0fc3d1bfe74e5ba24eb36e6014b06b"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1602",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2022-1602"
},
{
"title": "Amazon Linux AMI: ALAS-2022-1640",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2022-1640"
},
{
"title": "Amazon Linux 2: ALAS2-2022-1772",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2022-1772"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-159",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-159"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-100",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-100"
},
{
"title": "Red Hat: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2018-25032"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224845 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221642 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221591 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222197 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222192 - Security Advisory"
},
{
"title": "Red Hat: Important: mingw-zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20227813 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224592 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20230976 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222214 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222213 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222201 - Security Advisory"
},
{
"title": "Red Hat: Important: rsync security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222198 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221661 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224584 - Security Advisory"
},
{
"title": "Red Hat: Important: zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20230943 - Security Advisory"
},
{
"title": "Red Hat: Important: mingw-zlib security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20228420 - Security Advisory"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2018-25032"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.9.35 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222283 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6.58 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222264 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.7.51 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222268 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.6.58 security and extras update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222265 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Virtualization 4.10.2 Images security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225026 - Security Advisory"
},
{
"title": "Red Hat: Important: RHV-H security update (redhat-virtualization-host) 4.3.23",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225439 - Security Advisory"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-158",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-158"
},
{
"title": "Red Hat: Moderate: Cryostat 2.1.1: new Cryostat on RHEL 8 container images",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224985 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225152 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225187 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225192 - Security Advisory"
},
{
"title": "Brocade Security Advisories: Access Denied",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories\u0026qid=ac82ca9e02281afb3f0356588beedb43"
},
{
"title": "Red Hat: Moderate: Release of OpenShift Serverless Version 1.22.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224863 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Release of containers for OSP 16.2.z director operator tech preview",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222183 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Virtualization 4.8.7 Images bug fixes and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226890 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224691 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.8.41 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222272 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224671 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224692 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Cryostat 2.1.0: new Cryostat on RHEL 8 container images",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221679 - Security Advisory"
},
{
"title": "Red Hat: Moderate: security update for rh-sso-7/sso75-openshift-rhel8 container image",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221713 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Secondary Scheduler Operator for Red Hat OpenShift 1.0.1 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225699 - Security Advisory"
},
{
"title": "Red Hat: Important: RHACS 3.69 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225188 - Security Advisory"
},
{
"title": "Red Hat: Moderate: ACS 3.70 enhancement and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224880 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 3.11.705 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222281 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift GitOps security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224690 - Security Advisory"
},
{
"title": "Red Hat: Important: RHACS 3.68 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225132 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.10 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221715 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat OpenShift Logging Security and Bug update Release 5.4.1",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222216 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Openshift Logging Security and Bug update Release (5.2.10)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222218 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat OpenShift Logging Security and Bug update Release 5.3.7",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20222217 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.4.4 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221681 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift Service Mesh 2.1.3 Containers security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225006 - Security Advisory"
},
{
"title": "Red Hat: Low: Release of OpenShift Serverless Version 1.22.0",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20221747 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.3 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225840 - Security Advisory"
},
{
"title": "Apple: macOS Monterey 12.4",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories\u0026qid=73857ee26a600b1527481f1deacc0619"
},
{
"title": "Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.6.5 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20224814 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Migration Toolkit for Containers (MTC) 1.7.2 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225483 - Security Advisory"
},
{
"title": "Red Hat: Moderate: OpenShift Container Platform 4.11.0 extras and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225070 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Virtualization 4.11.0 Images security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226526 - Security Advisory"
},
{
"title": "Red Hat: Important: Migration Toolkit for Containers (MTC) 1.7.4 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20226429 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.4.5 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225201 - Security Advisory"
},
{
"title": "Red Hat: Moderate: Red Hat Advanced Cluster Management 2.3.11 security updates and bug fixes",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225392 - Security Advisory"
},
{
"title": "Red Hat: Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20233742 - Security Advisory"
},
{
"title": "Red Hat: Important: Service Telemetry Framework 1.4 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225924 - Security Advisory"
},
{
"title": "Red Hat: Important: OpenShift Container Platform 4.11.0 bug fix and security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20225069 - Security Advisory"
},
{
"title": "SSZipArchive",
"trust": 0.1,
"url": "https://github.com/ZipArchive/ZipArchive "
},
{
"title": "UnityReleaseNotes",
"trust": 0.1,
"url": "https://github.com/mario206/UnityReleaseNotes "
},
{
"title": "zlib-patch-demo",
"trust": 0.1,
"url": "https://github.com/chainguard-dev/zlib-patch-demo "
},
{
"title": "ReptileIndexOfProject",
"trust": 0.1,
"url": "https://github.com/Webb-L/reptileIndexOfProject "
},
{
"title": "UnityReleaseNotes",
"trust": 0.1,
"url": "https://github.com/mario206/UnityReleaseNotes-latest "
},
{
"title": "snyk-to-cve",
"trust": 0.1,
"url": "https://github.com/yeforriak/snyk-to-cve "
},
{
"title": "GitHub Actions CI App Pipeline",
"trust": 0.1,
"url": "https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc "
},
{
"title": "veracode-container-security-finding-parser",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
},
{
"title": "The Register",
"trust": 0.1,
"url": "https://www.theregister.co.uk/2022/03/30/zlib_data_bug/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-787",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 1.9,
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"trust": 1.8,
"url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht213255"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht213256"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht213257"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2022/may/38"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2022/may/35"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2022/may/33"
},
{
"trust": 1.8,
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"trust": 1.8,
"url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
},
{
"trust": 1.8,
"url": "https://github.com/madler/zlib/issues/605"
},
{
"trust": 1.8,
"url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
},
{
"trust": 1.8,
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
},
{
"trust": 1.8,
"url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/security/cve/cve-2018-25032"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ns2d2gfpfgojul4wq3duay7hf4vwq77f/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xokfmsnq5d5wgmalbnbxu3ge442v74wu/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/voknp2l734ael47nrygvzikefoubqy5y/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/df62mvmh3qugmbdcb3dy2erq6ebhtadb/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jzzptwryqulaol3aw7rzjnvz2uonxcv4/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/dczfijbjtz7cl5qxbfktq22q26vinruf/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-25032"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/voknp2l734ael47nrygvzikefoubqy5y/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jzzptwryqulaol3aw7rzjnvz2uonxcv4/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ns2d2gfpfgojul4wq3duay7hf4vwq77f/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/df62mvmh3qugmbdcb3dy2erq6ebhtadb/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/dczfijbjtz7cl5qxbfktq22q26vinruf/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xokfmsnq5d5wgmalbnbxu3ge442v74wu/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2900"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168011/red-hat-security-advisory-2022-5924-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168696/red-hat-security-advisory-2022-6890-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2709"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060127"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169897/red-hat-security-advisory-2022-8420-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167281/red-hat-security-advisory-2022-2265-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.5062"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6112"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2474"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022070643"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051742"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2598"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1403"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168352/red-hat-security-advisory-2022-6429-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167602/red-hat-security-advisory-2022-5201-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1366"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051703"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169624/gentoo-linux-security-advisory-202210-42.html"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2018-25032/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169782/red-hat-security-advisory-2022-7813-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022040111"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167327/red-hat-security-advisory-2022-2281-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060816"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.1695"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3050"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht213255"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022053131"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022033020"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166856/red-hat-security-advisory-2022-1591-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022070735"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2561"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3299"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167008/red-hat-security-advisory-2022-1747-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167679/red-hat-security-advisory-2022-5483-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051235"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3136"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167400/red-hat-security-advisory-2022-4896-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6128"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3977"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167391/red-hat-security-advisory-2022-4592-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2924"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/170003/ubuntu-security-notice-usn-5739-1.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022072056"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167956/red-hat-security-advisory-2022-5840-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022060505"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.3146"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022062931"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167622/red-hat-security-advisory-2022-5392-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167088/red-hat-security-advisory-2022-1679-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3020"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022053025"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167346/red-hat-security-advisory-2022-4863-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022032845"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6333"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022050233"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022070507"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022051324"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2411"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4632"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166946/red-hat-security-advisory-2022-1681-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167461/red-hat-security-advisory-2022-4985-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167568/red-hat-security-advisory-2022-5152-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3821"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1665"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1863"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3228"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2019"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2778"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167224/red-hat-security-advisory-2022-4692-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168042/red-hat-security-advisory-2022-5069-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167142/red-hat-security-advisory-2022-2216-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2857"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166970/red-hat-security-advisory-2022-1715-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb20220720108"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022042114"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167260/red-hat-security-advisory-2022-2283-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167555/red-hat-security-advisory-2022-5132-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167591/red-hat-security-advisory-2022-5188-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022061722"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168392/red-hat-security-advisory-2022-6526-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167486/ubuntu-security-notice-usn-5359-2.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022040603"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.2181"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/167189/apple-security-advisory-2022-05-16-4.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166563/ubuntu-security-notice-usn-5359-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3112"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3236"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3479"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4568"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4601"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2022-1271"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3634"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-4189"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3634"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3737"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3752"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4157"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3744"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0235"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-13974"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-41617"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45485"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3773"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4002"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29154"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43976"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-0941"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43389"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27820"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-44733"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0536"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21781"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4037"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-29154"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-37159"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-4788"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3772"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-0404"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3669"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3764"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-20322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-43056"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-41864"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4197"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-0941"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3612"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-26401"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-27820"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3743"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1011"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-13974"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-20322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4083"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-45486"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0322"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2020-4788"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-26401"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0286"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0001"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-23806"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3759"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-21781"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-0002"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-4203"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-42739"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-0404"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1677"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2022-1677"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-1271"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://github.com/ziparchive/ziparchive"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3669"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1708"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html-single/install/index#installing"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3696"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-38185"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28733"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-0492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29526"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28736"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3697"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28734"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28737"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25219"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3695"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-28735"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-24785"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5392"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-29810"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.3/html/release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21443"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21476"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21496"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2272"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2022:2270"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21496"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.8/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-release-notes.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21434"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21443"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-21434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-21476"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:8420"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2023:0943"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:7813"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23773"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23806"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-23772"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3737"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-4189"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23773"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:4863"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23772"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhba-2022:2267"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:2268"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-19131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3807"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-1154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-26691"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2022:5483"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-19131"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2022-23852"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-35492"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-418557"
},
{
"db": "VULMON",
"id": "CVE-2018-25032"
},
{
"db": "PACKETSTORM",
"id": "167622"
},
{
"db": "PACKETSTORM",
"id": "167271"
},
{
"db": "PACKETSTORM",
"id": "169897"
},
{
"db": "PACKETSTORM",
"id": "171159"
},
{
"db": "PACKETSTORM",
"id": "169782"
},
{
"db": "PACKETSTORM",
"id": "167346"
},
{
"db": "PACKETSTORM",
"id": "167265"
},
{
"db": "PACKETSTORM",
"id": "167679"
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
},
{
"db": "NVD",
"id": "CVE-2018-25032"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "VULHUB",
"id": "VHN-418557",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2018-25032",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167622",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167271",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169897",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "171159",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "169782",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167346",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167265",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "167679",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-202203-2221",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2018-25032",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2022-03-25T00:00:00",
"db": "VULHUB",
"id": "VHN-418557",
"ident": null
},
{
"date": "2022-03-25T00:00:00",
"db": "VULMON",
"id": "CVE-2018-25032",
"ident": null
},
{
"date": "2022-06-29T20:27:02",
"db": "PACKETSTORM",
"id": "167622",
"ident": null
},
{
"date": "2022-05-26T16:32:44",
"db": "PACKETSTORM",
"id": "167271",
"ident": null
},
{
"date": "2022-11-16T16:09:49",
"db": "PACKETSTORM",
"id": "169897",
"ident": null
},
{
"date": "2023-02-28T16:53:38",
"db": "PACKETSTORM",
"id": "171159",
"ident": null
},
{
"date": "2022-11-08T13:50:54",
"db": "PACKETSTORM",
"id": "169782",
"ident": null
},
{
"date": "2022-06-01T17:29:48",
"db": "PACKETSTORM",
"id": "167346",
"ident": null
},
{
"date": "2022-05-26T16:03:57",
"db": "PACKETSTORM",
"id": "167265",
"ident": null
},
{
"date": "2022-07-01T15:04:32",
"db": "PACKETSTORM",
"id": "167679",
"ident": null
},
{
"date": "2022-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2221",
"ident": null
},
{
"date": "2022-03-25T09:15:08.187000",
"db": "NVD",
"id": "CVE-2018-25032",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2023-02-11T00:00:00",
"db": "VULHUB",
"id": "VHN-418557",
"ident": null
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2018-25032",
"ident": null
},
{
"date": "2023-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202203-2221",
"ident": null
},
{
"date": "2025-08-21T20:37:11.840000",
"db": "NVD",
"id": "CVE-2018-25032",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "zlib Buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
}
],
"trust": 0.6
},
"type": {
"_id": null,
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202203-2221"
}
],
"trust": 0.6
}
}
VDE-2022-046
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2022-11-10 07:00 - Updated: 2025-05-22 13:03Summary
PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware
Notes
Summary: UPDATE A: Two devices (ENERGY AXC PU, SMARTRTU AXC SG) added (24.11.2022) Update for PLCnext Firmware containing fixes for recent vulnerability findings in Linux components and security enhancements. PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known vulnerabilities.
Impact: Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.
Mitigation: Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Remediation: Update to the latest LTS Firmware Release.
Update to the latest LTS PLCnext Engineer Release.
Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.
8.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use After Free in GitHub repository vim/vim prior to 8.2.4979.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use After Free in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).
8.1 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when '--no-clobber' is used together with '--remove-on-error'.
8.1 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.
5.3 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.
5.7 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.
4.3 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like 'http://example.com%2F127.0.0.1/', would be allowed bythe parser and get transposed into 'http://example.com/127.0.0.1/'. This flawcan be used to circumvent filters, checks and more.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
libcurl provides the 'CURLOPT_CERTINFO' option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.
9.8 (Critical)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
6.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
5.9 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
A malicious server can serve excessive amounts of 'Set-Cookie:' headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on 'foo.example.com' can set cookies that also would match for 'bar.example.com', making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method.
4.3 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
8.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.
8.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
vim is vulnerable to Heap-based Buffer Overflow
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
vim is vulnerable to Use After Free
7.3 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
vim is vulnerable to Out-of-bounds Read
7.1 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use After Free in GitHub repository vim/vim prior to 9.0.0046.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
5.5 (Medium)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
7.1 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Use After Free in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
7.8 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.
7.5 (High)
Mitigation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection
Vendor Fix
Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage for further Updates of this Advisory.
Affected products
Fixed
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-32003 | — | ||
| Unresolved product id: CSAFPID-32004 | — | ||
| Unresolved product id: CSAFPID-32005 | — | ||
| Unresolved product id: CSAFPID-32006 | — | ||
| Unresolved product id: CSAFPID-32007 | — | ||
| Unresolved product id: CSAFPID-32008 | — | ||
| Unresolved product id: CSAFPID-32009 | — |
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-31003 | — | ||
| Unresolved product id: CSAFPID-31004 | — | ||
| Unresolved product id: CSAFPID-31005 | — | ||
| Unresolved product id: CSAFPID-31006 | — | ||
| Unresolved product id: CSAFPID-31007 | — | ||
| Unresolved product id: CSAFPID-31008 | — | ||
| Unresolved product id: CSAFPID-31009 | — |
References
4 references
Acknowledgments
CERT@VDE
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "UPDATE A: Two devices (ENERGY AXC PU, SMARTRTU AXC SG) added (24.11.2022) Update for PLCnext Firmware containing fixes for recent vulnerability findings in Linux components and security enhancements. PLCnext Control AXC F x152 is certified according to IEC 62443-4-1 and IEC 62443-4-2. This certification requires that all third-party components used in the firmware are regularly checked for known vulnerabilities.",
"title": "Summary"
},
{
"category": "description",
"text": "Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.",
"title": "Impact"
},
{
"category": "description",
"text": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"title": "Mitigation"
},
{
"category": "description",
"text": "Update to the latest LTS Firmware Release.\nUpdate to the latest LTS PLCnext Engineer Release.\n\nPlease check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PHOENIX CONTACT PSIRT ",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for PHOENIX CONTACT",
"url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
},
{
"category": "self",
"summary": "VDE-2022-046: PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware - HTML",
"url": "https://certvde.com/en/advisories/VDE-2022-046/"
},
{
"category": "self",
"summary": "VDE-2022-046: PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-046.json"
}
],
"title": "PHOENIX CONTACT: Multiple Linux component vulnerabilities in PLCnext Firmware",
"tracking": {
"aliases": [
"VDE-2022-046"
],
"current_release_date": "2025-05-22T13:03:10.000Z",
"generator": {
"date": "2025-04-01T06:22:01.779Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.22"
}
},
"id": "VDE-2022-046",
"initial_release_date": "2022-11-10T07:00:00.000Z",
"revision_history": [
{
"date": "2022-10-11T06:00:00.000Z",
"number": "1",
"summary": "Initial revision."
},
{
"date": "2022-11-24T07:51:00.000Z",
"number": "2",
"summary": "Update A"
},
{
"date": "2025-05-22T13:03:10.000Z",
"number": "3",
"summary": "Fix: quotation mark"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AXC F 1152",
"product": {
"name": "AXC F 1152",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 2152",
"product": {
"name": "AXC F 2152",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 3152",
"product": {
"name": "AXC F 3152",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
}
},
{
"category": "product_name",
"name": "BPC 9102S",
"product": {
"name": "BPC 9102S",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
}
},
{
"category": "product_name",
"name": "ENERGY AXC PU",
"product": {
"name": "ENERGY AXC PU",
"product_id": "CSAFPID-11005",
"product_identification_helper": {
"model_numbers": [
"1264327"
]
}
}
},
{
"category": "product_name",
"name": "EPC 1502",
"product": {
"name": "EPC 1502",
"product_id": "CSAFPID-11006",
"product_identification_helper": {
"model_numbers": [
"1185416"
]
}
}
},
{
"category": "product_name",
"name": "EPC 1522",
"product": {
"name": "EPC 1522",
"product_id": "CSAFPID-11007",
"product_identification_helper": {
"model_numbers": [
"1185423"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072S",
"product": {
"name": "RFC 4072S",
"product_id": "CSAFPID-11008",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
}
},
{
"category": "product_name",
"name": "SMARTRTU AXC SG",
"product": {
"name": "SMARTRTU AXC SG",
"product_id": "CSAFPID-11009",
"product_identification_helper": {
"model_numbers": [
"1110435"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2022.0.8 LTS",
"product": {
"name": "Firmware \u003c2022.0.8 LTS",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version_range",
"name": "\u003cV04.14.00.00",
"product": {
"name": "Firmware \u003cV04.14.00.00",
"product_id": "CSAFPID-21002"
}
},
{
"category": "product_version_range",
"name": "\u003c2022.0.7 LTS",
"product": {
"name": "Firmware \u003c2022.0.7 LTS",
"product_id": "CSAFPID-21003"
}
},
{
"category": "product_version_range",
"name": "\u003cV01.09.00.00",
"product": {
"name": "Firmware \u003cV01.09.00.00",
"product_id": "CSAFPID-21004"
}
},
{
"category": "product_version",
"name": "2022.0.8 LTS",
"product": {
"name": "Firmware 2022.0.8 LTS",
"product_id": "CSAFPID-22001"
}
},
{
"category": "product_version",
"name": "V04.14.00.00",
"product": {
"name": "Firmware V04.14.00.00",
"product_id": "CSAFPID-22002"
}
},
{
"category": "product_version",
"name": "2022.0.7 LTS",
"product": {
"name": "Firmware 2022.0.7 LTS",
"product_id": "CSAFPID-22003"
}
},
{
"category": "product_version",
"name": "V01.09.00.00",
"product": {
"name": "Firmware V01.09.00.00",
"product_id": "CSAFPID-22004"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "PHOENIX CONTACT"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
],
"summary": "Affected Products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"summary": "Fixed Products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on AXC F 1152",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on AXC F 1152",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on AXC F 2152",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on AXC F 2152",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on AXC F 3152",
"product_id": "CSAFPID-31003"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on AXC F 3152",
"product_id": "CSAFPID-32003"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on BPC 9102S",
"product_id": "CSAFPID-31004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on BPC 9102S",
"product_id": "CSAFPID-32004"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV04.14.00.00 installed on ENERGY AXC PU",
"product_id": "CSAFPID-31005"
},
"product_reference": "CSAFPID-21002",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V04.14.00.00 installed on ENERGY AXC PU",
"product_id": "CSAFPID-32005"
},
"product_reference": "CSAFPID-22002",
"relates_to_product_reference": "CSAFPID-11005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.7 LTS installed on EPC 1502",
"product_id": "CSAFPID-31006"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.7 LTS installed on EPC 1502",
"product_id": "CSAFPID-32006"
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.7 LTS installed on EPC 1522",
"product_id": "CSAFPID-31007"
},
"product_reference": "CSAFPID-21003",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.7 LTS installed on EPC 1522",
"product_id": "CSAFPID-32007"
},
"product_reference": "CSAFPID-22003",
"relates_to_product_reference": "CSAFPID-11007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c2022.0.8 LTS installed on RFC 4072S",
"product_id": "CSAFPID-31008"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2022.0.8 LTS installed on RFC 4072S",
"product_id": "CSAFPID-32008"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003cV01.09.00.00 installed on SMARTRTU AXC SG",
"product_id": "CSAFPID-31009"
},
"product_reference": "CSAFPID-21004",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware V01.09.00.00 installed on SMARTRTU AXC SG",
"product_id": "CSAFPID-32009"
},
"product_reference": "CSAFPID-22004",
"relates_to_product_reference": "CSAFPID-11009"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-29824",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don\u0027t check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2\u0027s buffer functions, for example libxslt through 1.1.35, is affected as well.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-29824"
},
{
"cve": "CVE-2022-23308",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-28391",
"notes": [
{
"category": "description",
"text": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record\u0027s value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal\u0027s colors.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-28391"
},
{
"cve": "CVE-2022-0547",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "description",
"text": "OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0547"
},
{
"cve": "CVE-2022-1381",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "global heap buffer overflow in skip_range in GitHub repository vim/vim prior to 8.2.4763. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1381"
},
{
"cve": "CVE-2022-1420",
"cwe": {
"id": "CWE-823",
"name": "Use of Out-of-range Pointer Offset"
},
"notes": [
{
"category": "description",
"text": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1420"
},
{
"cve": "CVE-2022-1733",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1733"
},
{
"cve": "CVE-2022-1796",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use After Free in GitHub repository vim/vim prior to 8.2.4979.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1796"
},
{
"cve": "CVE-2022-1621",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1621"
},
{
"cve": "CVE-2022-1616",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1616"
},
{
"cve": "CVE-2022-25313",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "description",
"text": "In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2021-45117",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "The OPC autogenerated ANSI C stack stubs (in the NodeSets) do not handle all error cases. This can lead to a NULL pointer dereference.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2021-45117"
},
{
"cve": "CVE-2022-1619",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashing software, modify memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1619"
},
{
"cve": "CVE-2022-25235",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "description",
"text": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"notes": [
{
"category": "description",
"text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-1629",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1629"
},
{
"cve": "CVE-2022-1735",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1735"
},
{
"cve": "CVE-2022-1769",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1769"
},
{
"cve": "CVE-2022-1785",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1785"
},
{
"cve": "CVE-2022-1620",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 allows attackers to cause a denial of service (application crash) via a crafted input.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1620"
},
{
"cve": "CVE-2022-1674",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 in GitHub repository vim/vim prior to 8.2.4938. NULL Pointer Dereference in function vim_regexec_string at regexp.c:2733 allows attackers to cause a denial of service (application crash) via a crafted input.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1674"
},
{
"cve": "CVE-2022-1771",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "description",
"text": "Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1771"
},
{
"cve": "CVE-2022-1886",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1886"
},
{
"cve": "CVE-2022-1851",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1851"
},
{
"cve": "CVE-2022-1898",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use After Free in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1898"
},
{
"cve": "CVE-2022-1720",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1720"
},
{
"cve": "CVE-2018-25032",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2022-22576",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "description",
"text": "An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-22576"
},
{
"cve": "CVE-2022-27778",
"cwe": {
"id": "CWE-706",
"name": "Use of Incorrectly-Resolved Name or Reference"
},
"notes": [
{
"category": "description",
"text": "A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when \u0027--no-clobber\u0027 is used together with \u0027--remove-on-error\u0027.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27778"
},
{
"cve": "CVE-2022-27779",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "description",
"text": "libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl\u0027s \"cookie engine\" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided, a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27779"
},
{
"cve": "CVE-2022-27782",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "description",
"text": "libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, several TLS andSSH settings were left out from the configuration match checks, making themmatch too easily.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27782"
},
{
"cve": "CVE-2022-27774",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "description",
"text": "An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.7,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27774"
},
{
"cve": "CVE-2022-25314",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25314"
},
{
"cve": "CVE-2022-25315",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-27776",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "description",
"text": "A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27776"
},
{
"cve": "CVE-2022-30115",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "description",
"text": "Using its HSTS support, curl can be instructed to use HTTPS directly insteadof using an insecure clear-text HTTP step even when HTTP is provided in theURL. This mechanism could be bypassed if the host name in the given URL used atrailing dot while not using one when it built the HSTS cache. Or the otherway around - by having the trailing dot in the HSTS cache and *not* using thetrailing dot in the URL.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-30115"
},
{
"cve": "CVE-2022-27780",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "description",
"text": "The curl URL parser wrongly accepts percent-encoded URL separators like \u0027/\u0027when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like \u0027http://example.com%2F127.0.0.1/\u0027, would be allowed bythe parser and get transposed into \u0027http://example.com/127.0.0.1/\u0027. This flawcan be used to circumvent filters, checks and more.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27780"
},
{
"cve": "CVE-2022-27781",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "libcurl provides the \u0027CURLOPT_CERTINFO\u0027 option to allow applications torequest details to be returned about a server\u0027s certificate chain.Due to an erroneous function, a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27781"
},
{
"cve": "CVE-2022-27775",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "description",
"text": "An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-27775"
},
{
"cve": "CVE-2022-32207",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"notes": [
{
"category": "description",
"text": "When curl \u003c 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-32207"
},
{
"cve": "CVE-2022-32206",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-32206"
},
{
"cve": "CVE-2022-32208",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "When curl \u003c 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-32208"
},
{
"cve": "CVE-2022-32205",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "description",
"text": "A malicious server can serve excessive amounts of \u0027Set-Cookie:\u0027 headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on \u0027foo.example.com\u0027 can set cookies that also would match for \u0027bar.example.com\u0027, making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-32205"
},
{
"cve": "CVE-2019-19906",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2022-24407",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-1154",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1154"
},
{
"cve": "CVE-2022-0943",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0943"
},
{
"cve": "CVE-2022-1160",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "heap buffer overflow in get_one_sourceline in GitHub repository vim/vim prior to 8.2.4647.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1160"
},
{
"cve": "CVE-2022-0729",
"cwe": {
"id": "CWE-823",
"name": "Use of Out-of-range Pointer Offset"
},
"notes": [
{
"category": "description",
"text": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0729"
},
{
"cve": "CVE-2022-0572",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0572"
},
{
"cve": "CVE-2022-0696",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0696"
},
{
"cve": "CVE-2022-0685",
"cwe": {
"id": "CWE-823",
"name": "Use of Out-of-range Pointer Offset"
},
"notes": [
{
"category": "description",
"text": "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0685"
},
{
"cve": "CVE-2022-0714",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0714"
},
{
"cve": "CVE-2022-0361",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0361"
},
{
"cve": "CVE-2022-0368",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0368"
},
{
"cve": "CVE-2021-3973",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "vim is vulnerable to Heap-based Buffer Overflow",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2021-3973"
},
{
"cve": "CVE-2021-3796",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "vim is vulnerable to Use After Free",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.3,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2021-3796"
},
{
"cve": "CVE-2021-4166",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "vim is vulnerable to Out-of-bounds Read",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2022-1927",
"cwe": {
"id": "CWE-126",
"name": "Buffer Over-read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1927"
},
{
"cve": "CVE-2022-1942",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-1942"
},
{
"cve": "CVE-2022-2129",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2129"
},
{
"cve": "CVE-2022-2175",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Buffer Over-read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2175"
},
{
"cve": "CVE-2022-2182",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2182"
},
{
"cve": "CVE-2022-0778",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc).",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-2183",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2183"
},
{
"cve": "CVE-2022-2343",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2343"
},
{
"cve": "CVE-2022-2207",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2207"
},
{
"cve": "CVE-2022-2210",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2210"
},
{
"cve": "CVE-2022-2344",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2344"
},
{
"cve": "CVE-2022-2345",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use After Free in GitHub repository vim/vim prior to 9.0.0046.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2345"
},
{
"cve": "CVE-2022-2208",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2208"
},
{
"cve": "CVE-2022-2231",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2231"
},
{
"cve": "CVE-2022-2287",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2287"
},
{
"cve": "CVE-2022-2285",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2285"
},
{
"cve": "CVE-2022-2284",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2284"
},
{
"cve": "CVE-2022-2286",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2286"
},
{
"cve": "CVE-2022-2289",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use After Free in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2289"
},
{
"cve": "CVE-2022-2288",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2288"
},
{
"cve": "CVE-2022-2264",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2264"
},
{
"cve": "CVE-2022-2206",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2206"
},
{
"cve": "CVE-2022-2257",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-2257"
},
{
"cve": "CVE-2022-29862",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "An infinite loop in OPC UA .NET Standard Stack 1.04.368 allows a remote attackers to cause the application to hang via a crafted message.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-29862"
},
{
"cve": "CVE-2022-29864",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32003",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32006",
"CSAFPID-32007",
"CSAFPID-32008",
"CSAFPID-32009"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our application note:Measures to protect network-capable devices with Ethernet connection",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to the latest LTS Firmware Release.Update to the latest LTS PLCnext Engineer Release.Please check Phoenix Contact PSIRT webpage\u00a0for further Updates of this Advisory.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31003",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31006",
"CSAFPID-31007",
"CSAFPID-31008",
"CSAFPID-31009"
]
}
],
"title": "CVE-2022-29864"
}
]
}
WID-SEC-W-2022-0005
Vulnerability from csaf_certbund - Published: 2022-04-03 22:00 - Updated: 2025-12-28 23:00Summary
zlib: Schwachstelle ermöglicht Codeausführung
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die zlib ist eine freie Programmbibliothek zum Komprimieren und Dekomprimieren von Daten.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in zlib ausnutzen, um beliebigen Programmcode auszuführen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme: - Appliance
- Hardware Appliance
- Linux
- Sonstiges
- UNIX
Affected products
Known affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
genua genuscreen <7.6p7
genua / genuscreen
|
<7.6p7 | ||
|
genua genuscreen <8.0p4
genua / genuscreen
|
<8.0p4 | ||
|
Juniper Junos Space <22.2R1
Juniper / Junos Space
|
<22.2R1 | ||
|
Broadcom Brocade Switch
Broadcom
|
cpe:/h:brocade:switch:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Avaya Session Border Controller
Avaya
|
cpe:/h:avaya:session_border_controller:-
|
— | |
|
IBM DB2 10.5
IBM / DB2
|
cpe:/a:ibm:db2:v10.5
|
10.5 | |
|
IBM DB2 11.5
IBM / DB2
|
cpe:/a:ibm:db2:v11.5
|
11.5 | |
|
Open Source zlib <1.2.12
Open Source / zlib
|
<1.2.12 | ||
|
Avaya CMS
Avaya
|
cpe:/a:avaya:call_management_system_server:-
|
— | |
|
IBM Spectrum Protect for Virtual Environments
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:for_virtual_environments
|
for Virtual Environments | |
|
Dell NetWorker <19.9.0.1
Dell / NetWorker
|
<19.9.0.1 | ||
|
Oracle VM 3
Oracle / VM
|
cpe:/a:oracle:vm:3
|
3 | |
|
IBM Cognos Analytics <12.0.4 IF2
IBM / Cognos Analytics
|
<12.0.4 IF2 | ||
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
IBM Spectrum Protect for Space Management Client
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:for_space_management_client
|
for Space Management Client | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Avaya Aura Device Services
Avaya
|
cpe:/a:avaya:aura_device_services:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
HPE Switch
HPE
|
cpe:/h:hp:switch:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
IBM Content Manager
IBM
|
cpe:/a:ibm:content_manager:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— | |
|
Avaya Web License Manager
Avaya
|
cpe:/a:avaya:web_license_manager:-
|
— | |
|
IBM QRadar SIEM 7.5
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.5
|
7.5 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM DataPower Gateway <10.6.4.0
IBM / DataPower Gateway
|
<10.6.4.0 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
IBM Spectrum Protect 8.1.17
IBM / Spectrum Protect
|
cpe:/a:ibm:spectrum_protect:8.1.17
|
8.1.17 | |
|
IBM QRadar SIEM 7.4
IBM / QRadar SIEM
|
cpe:/a:ibm:qradar_siem:7.4
|
7.4 | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Avaya Breeze Platform
Avaya
|
cpe:/a:avaya:breeze_platform:-
|
— | |
|
Tenable Security Nessus
Tenable Security
|
cpe:/a:tenable:nessus:-
|
— | |
|
IBM Security Verify Access <10.0.5-ISS-ISVA-FP000
IBM / Security Verify Access
|
<10.0.5-ISS-ISVA-FP000 | ||
|
IBM Tivoli Business Service Manager 6.2.0
IBM / Tivoli Business Service Manager
|
cpe:/a:ibm:tivoli_business_service_manager:6.2.0
|
6.2.0 | |
|
Sophos Unified Threat Management (UTM) Software 9.7 MR15
Sophos / Unified Threat Management (UTM) Software
|
cpe:/a:sophos:unified_threat_management_software:9.7_mr15
|
9.7 MR15 | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
IBM Tivoli Monitoring
IBM
|
cpe:/a:ibm:tivoli_monitoring:6.3.0.7
|
— | |
|
IBM MQ
IBM
|
cpe:/a:ibm:mq:-
|
— | |
|
IBM VIOS
IBM
|
cpe:/a:ibm:vios:-
|
— | |
|
genua genugate <10.0p8
genua / genugate
|
<10.0p8 | ||
|
IBM DB2 11.1
IBM / DB2
|
cpe:/a:ibm:db2:11.1
|
11.1 | |
|
Open Source Arch Linux
Open Source
|
cpe:/o:archlinux:archlinux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM AIX
IBM
|
cpe:/o:ibm:aix:-
|
— | |
|
IBM DataPower Gateway <10.5.0.17
IBM / DataPower Gateway
|
<10.5.0.17 | ||
|
IBM DataPower Gateway <10.6.0.5
IBM / DataPower Gateway
|
<10.6.0.5 | ||
|
Autodesk AutoCAD
Autodesk
|
cpe:/a:autodesk:autocad:2023.1.1
|
— | |
|
IBM Cognos Analytics <11.2.4 IF4
IBM / Cognos Analytics
|
<11.2.4 IF4 | ||
|
IGEL OS
IGEL
|
cpe:/o:igel:os:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
References
113 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die zlib ist eine freie Programmbibliothek zum Komprimieren und Dekomprimieren von Daten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in zlib ausnutzen, um beliebigen Programmcode auszuf\u00fchren oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- Hardware Appliance\n- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0005 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0005.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0005 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0005"
},
{
"category": "external",
"summary": "Red Hat Security Adivisory CVE-2018-25032 vom 2022-04-03",
"url": "https://access.redhat.com/security/cve/cve-2018-25032"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010584.html"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010586.html"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010582.html"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010583.html"
},
{
"category": "external",
"summary": "SUSE Security Advisory vom 2022-04-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010557.html"
},
{
"category": "external",
"summary": "Debian Security Advisory vom 2022-04-03",
"url": "https://www.debian.org/security/2022/dsa-5111"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5355-1 vom 2022-04-03",
"url": "https://ubuntu.com/security/notices/USN-5355-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5355-2 vom 2022-04-03",
"url": "https://ubuntu.com/security/notices/USN-5355-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5359-1 vom 2022-04-03",
"url": "https://ubuntu.com/security/notices/USN-5359-1"
},
{
"category": "external",
"summary": "PoC auf Openwall.com vom 2022-04-03",
"url": "https://www.openwall.com/lists/oss-security/2022/03/26/1"
},
{
"category": "external",
"summary": "OpenBSD Security Advisory vom 2022-04-03",
"url": "https://www.openbsd.org/errata69.html"
},
{
"category": "external",
"summary": "OpenBSD Security Advisory vom 2022-04-03",
"url": "https://www.openbsd.org/errata70.html"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202204-3 vom 2022-04-05",
"url": "https://security.archlinux.org/ASA-202204-3"
},
{
"category": "external",
"summary": "FreeBSD Security Advisory FREEBSD-SA-22:08.ZLIB vom 2022-04-06",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-22:08.zlib.asc"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1772 vom 2022-04-07",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2022-1772.html"
},
{
"category": "external",
"summary": "IGEL Security Notice ISN-2022-09 vom 2022-04-08",
"url": "https://kb.igel.com/securitysafety/en/isn-2022-09-zlib-vulnerability-57337946.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:1061-2 vom 2022-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010707.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1591 vom 2022-04-27",
"url": "https://access.redhat.com/errata/RHSA-2022:1591"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-1642 vom 2022-04-28",
"url": "http://linux.oracle.com/errata/ELSA-2022-1642.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1642 vom 2022-04-28",
"url": "https://access.redhat.com/errata/RHSA-2022:1642"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1661 vom 2022-05-02",
"url": "https://access.redhat.com/errata/RHSA-2022:1661"
},
{
"category": "external",
"summary": "Genua Update Seite",
"url": "https://kunde.genua.de/nc/suche/view/neuer-patch-genuscreen-box-crypt-card-wall-76p7-verfuegbar.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-044 vom 2022-05-04",
"url": "https://downloads.avaya.com/css/P8/documents/101081674"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2993 vom 2022-05-07",
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1679 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1679"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2218 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2218"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2183 vom 2022-05-11",
"url": "https://access.redhat.com/errata/RHSA-2022:2183"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2192 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2192"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2197 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2197"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2198 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2198"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2201 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2201"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2213 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2213"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2214 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2214"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2216 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2216"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2217 vom 2022-05-12",
"url": "https://access.redhat.com/errata/RHSA-2022:2217"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-2213 vom 2022-05-12",
"url": "http://linux.oracle.com/errata/ELSA-2022-2213.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2022:2213 vom 2022-05-13",
"url": "https://lists.centos.org/pipermail/centos-announce/2022-May/073584.html"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-064 vom 2022-05-12",
"url": "https://downloads.avaya.com/css/P8/documents/101081774"
},
{
"category": "external",
"summary": "Patch genugate 10.0p8 vom 2022-05-17",
"url": "https://kunde.genua.de/nc/suche/view/neuer-patch-genugate-100p8-verfuegbar.html?tx_genusupport_content%5Bidentity%5D=0\u0026tx_genusupport_content%5BsearchTerm%5D=\u0026tx_genusupport_content%5BforcePath%5D=\u0026tx_genusupport_content%5Baction%5D=genuSupportSearch\u0026tx_g"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4690 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4690"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4691 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4691"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-2201 vom 2022-05-19",
"url": "https://linux.oracle.com/errata/ELSA-2022-2201.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4692 vom 2022-05-19",
"url": "https://access.redhat.com/errata/RHSA-2022:4692"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4592 vom 2022-05-20",
"url": "https://access.redhat.com/errata/RHSA-2022:4592"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4671 vom 2022-05-20",
"url": "https://access.redhat.com/errata/RHSA-2022:4671"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4584 vom 2022-05-20",
"url": "https://access.redhat.com/errata/RHSA-2022:4584"
},
{
"category": "external",
"summary": "F5 Security Advisory K21548854 vom 2022-05-19",
"url": "https://support.f5.com/csp/article/K21548854"
},
{
"category": "external",
"summary": "Owncloud Security Update",
"url": "https://owncloud.com/security-advisories/cve-2018-25032/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2265 vom 2022-05-27",
"url": "https://access.redhat.com/errata/RHSA-2022:2265"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2264 vom 2022-05-26",
"url": "https://access.redhat.com/errata/RHSA-2022:2264"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20220526-0009 vom 2022-05-26",
"url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
},
{
"category": "external",
"summary": "Tenable Security Advisory",
"url": "https://www.tenable.com/security/tns-2022-12"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2272 vom 2022-05-26",
"url": "https://access.redhat.com/errata/RHSA-2022:2272"
},
{
"category": "external",
"summary": "Tenable Security Advisory",
"url": "https://www.tenable.com/security/tns-2022-11"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:2268 vom 2022-05-26",
"url": "https://access.redhat.com/errata/RHSA-2022:2268"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6589939 vom 2022-05-26",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-operator-and-queue-manager-container-images-are-vulnerable-to-multiple-vulnerabilities-from-gzip-jackson-databind-libssh-gnutls-nettle-and-zlib/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4845 vom 2022-05-31",
"url": "https://access.redhat.com/errata/RHSA-2022:4845"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4863 vom 2022-06-01",
"url": "https://access.redhat.com/errata/RHSA-2022:4863"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4880 vom 2022-06-02",
"url": "https://access.redhat.com/errata/RHSA-2022:4880"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4896 vom 2022-06-03",
"url": "https://access.redhat.com/errata/RHSA-2022:4896"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:4985 vom 2022-06-09",
"url": "https://access.redhat.com/errata/RHSA-2022:4985"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5359-2 vom 2022-06-13",
"url": "https://ubuntu.com/security/notices/USN-5359-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5026 vom 2022-06-15",
"url": "https://access.redhat.com/errata/RHSA-2022:5026"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2022-063 vom 2022-06-21",
"url": "https://downloads.avaya.com/css/P8/documents/101082339"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5192 vom 2022-06-25",
"url": "https://access.redhat.com/errata/RHSA-2022:5192"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:2174-1 vom 2022-06-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011348.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5188 vom 2022-06-25",
"url": "https://access.redhat.com/errata/RHSA-2022:5188"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5187 vom 2022-06-25",
"url": "https://access.redhat.com/errata/RHSA-2022:5187"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5439 vom 2022-07-01",
"url": "https://access.redhat.com/errata/RHSA-2022:5439"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-4584 vom 2022-07-01",
"url": "http://linux.oracle.com/errata/ELSA-2022-4584.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:5483 vom 2022-07-01",
"url": "https://access.redhat.com/errata/RHSA-2022:5483"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-4592 vom 2022-07-01",
"url": "http://linux.oracle.com/errata/ELSA-2022-4592.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1602 vom 2022-07-07",
"url": "https://alas.aws.amazon.com/ALAS-2022-1602.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9565 vom 2022-07-07",
"url": "https://linux.oracle.com/errata/ELSA-2022-9565.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-100 vom 2022-07-21",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-100.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20220729-0004 vom 2022-08-19",
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6824729 vom 2022-09-29",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-content-manager-ondemand-for-multiplatforms-is-affected-by-a-vulnerability-cve-2018-25032/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6824731 vom 2022-09-29",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-content-manager-ondemand-for-ibm-i-is-affected-by-a-vulnerability-cve-2018-25032/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6824891 vom 2022-09-28",
"url": "https://aix.software.ibm.com/aix/efixes/security/zlib_advisory.asc"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6823767 vom 2022-09-30",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-mq-is-vulnerable-to-an-issue-within-the-zlib-library-cve-2018-25032/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6825735 vom 2022-10-01",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-monitoring-basic-services-is-vulnerable-to-a-denial-of-service-attack-in-zlib-component-cve-2018-25032/"
},
{
"category": "external",
"summary": "Autodesk Security Advisory ADSK-SA-2022-0023 vom 2022-10-07",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0023"
},
{
"category": "external",
"summary": "Juniper Security Bulletin",
"url": "https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6831855 vom 2022-10-26",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-using-components-with-known-vulnerabilities-14/"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202210-42 vom 2022-10-31",
"url": "https://security.gentoo.org/glsa/202210-42"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-159 vom 2022-11-04",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-159.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-158 vom 2022-11-04",
"url": "https://alas.aws.amazon.com/AL2022/ALAS-2022-158.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7813 vom 2022-11-08",
"url": "https://access.redhat.com/errata/RHSA-2022:7813"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:8420 vom 2022-11-15",
"url": "https://access.redhat.com/errata/RHSA-2022:8420"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-8420 vom 2022-11-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-8420.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2022-1640 vom 2022-12-10",
"url": "https://alas.aws.amazon.com/ALAS-2022-1640.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6847653 vom 2022-12-20",
"url": "https://www.ibm.com/support/pages/node/6847653"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6833196 vom 2022-12-23",
"url": "https://www.ibm.com/support/pages/node/6846533"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6827869 vom 2022-12-23",
"url": "https://www.ibm.com/support/pages/node/6842075"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6855297 vom 2023-01-13",
"url": "https://www.ibm.com/support/pages/node/6855297"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0976 vom 2023-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:0976"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0975 vom 2023-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:0975"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:0943 vom 2023-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:0943"
},
{
"category": "external",
"summary": "Sophos UTM Up2date 9.715 vom 2023-03-13",
"url": "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-715-released"
},
{
"category": "external",
"summary": "Dell Security Update for Dell NetWorker",
"url": "https://www.dell.com/support/kbdoc/de-de/000215499/dsa-2023-231-security-update-for-dell-networker-zlib-1-2-3"
},
{
"category": "external",
"summary": "HPE Securi+y Bulletin",
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-hpesbst04494en_us"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2023-0011 vom 2023-08-17",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2023-August/001074.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7087162 vom 2023-12-01",
"url": "https://www.ibm.com/support/pages/node/7087162"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7111596 vom 2024-01-24",
"url": "https://www.ibm.com/support/pages/node/7111596"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6736-1 vom 2024-04-16",
"url": "https://ubuntu.com/security/notices/USN-6736-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6736-2 vom 2024-05-23",
"url": "https://ubuntu.com/security/notices/USN-6736-2"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14656-1 vom 2025-01-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/PA2YASY5GVVBWOWVKGZPCNZJI5WMPXEX/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7183676 vom 2025-02-27",
"url": "https://www.ibm.com/support/pages/node/7183676"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7236343 vom 2025-06-11",
"url": "https://www.ibm.com/support/pages/node/7236343"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2022:7813 vom 2025-12-27",
"url": "https://errata.build.resf.org/RLSA-2022:7813"
}
],
"source_lang": "en-US",
"title": "zlib: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-12-28T23:00:00.000+00:00",
"generator": {
"date": "2025-12-29T09:05:02.217+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2022-0005",
"initial_release_date": "2022-04-03T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-04-03T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-04-04T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Arch Linux aufgenommen"
},
{
"date": "2022-04-05T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von FreeBSD aufgenommen"
},
{
"date": "2022-04-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-04-10T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IGEL aufgenommen"
},
{
"date": "2022-04-13T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-04-18T22:00:00.000+00:00",
"number": "7",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-DBD2935E44, FEDORA-2022-413A80A102, FEDORA-2022-12B89E2AAD"
},
{
"date": "2022-04-26T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-04-28T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2022-05-01T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-04T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-05-05T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-05-08T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-11T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-12T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-05-15T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von CentOS und AVAYA aufgenommen"
},
{
"date": "2022-05-17T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von genua aufgenommen"
},
{
"date": "2022-05-18T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2022-05-19T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-05-24T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-05-26T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat, NetApp, Tenable und IBM aufgenommen"
},
{
"date": "2022-05-31T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-01T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-06T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-09T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-12T22:00:00.000+00:00",
"number": "27",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-61CF1C64F6"
},
{
"date": "2022-06-13T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-06-14T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-06-22T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2022-06-26T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2022-06-30T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-03T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2022-07-07T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-07-10T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-07-20T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-08-11T22:00:00.000+00:00",
"number": "37",
"summary": "Referenz(en) aufgenommen: FEDORA-2022-3A92250FD5, FEDORA-2022-B58A85E167"
},
{
"date": "2022-08-21T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2022-09-28T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-09-29T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-03T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-09T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Autodesk aufgenommen"
},
{
"date": "2022-10-12T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-10-31T23:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2022-11-06T23:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-11-08T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-15T23:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-11-21T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-12-11T23:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2022-12-20T23:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2022-12-22T23:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-01-12T23:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2023-02-28T23:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-03-13T23:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2023-07-04T22:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2023-08-13T22:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von HP aufgenommen"
},
{
"date": "2023-08-17T22:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2023-12-03T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-01-24T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-16T22:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-05-23T22:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-01-19T23:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-02-27T23:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-28T23:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
}
],
"status": "final",
"version": "66"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Autodesk AutoCAD",
"product": {
"name": "Autodesk AutoCAD",
"product_id": "T024716",
"product_identification_helper": {
"cpe": "cpe:/a:autodesk:autocad:2023.1.1"
}
}
}
],
"category": "vendor",
"name": "Autodesk"
},
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Device Services",
"product": {
"name": "Avaya Aura Device Services",
"product_id": "T015517",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_device_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Breeze Platform",
"product": {
"name": "Avaya Breeze Platform",
"product_id": "T015823",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:breeze_platform:-"
}
}
},
{
"category": "product_name",
"name": "Avaya CMS",
"product": {
"name": "Avaya CMS",
"product_id": "997",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:call_management_system_server:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Session Border Controller",
"product": {
"name": "Avaya Session Border Controller",
"product_id": "T015520",
"product_identification_helper": {
"cpe": "cpe:/h:avaya:session_border_controller:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Web License Manager",
"product": {
"name": "Avaya Web License Manager",
"product_id": "T016243",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:web_license_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Broadcom Brocade Switch",
"product": {
"name": "Broadcom Brocade Switch",
"product_id": "T015844",
"product_identification_helper": {
"cpe": "cpe:/h:brocade:switch:-"
}
}
}
],
"category": "vendor",
"name": "Broadcom"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.9.0.1",
"product": {
"name": "Dell NetWorker \u003c19.9.0.1",
"product_id": "T028404"
}
},
{
"category": "product_version",
"name": "19.9.0.1",
"product": {
"name": "Dell NetWorker 19.9.0.1",
"product_id": "T028404-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.9.0.1"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Switch",
"product": {
"name": "HPE Switch",
"product_id": "T005119",
"product_identification_helper": {
"cpe": "cpe:/h:hp:switch:-"
}
}
}
],
"category": "vendor",
"name": "HPE"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM AIX",
"product": {
"name": "IBM AIX",
"product_id": "5094",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics \u003c12.0.4 IF2",
"product_id": "T041469"
}
},
{
"category": "product_version",
"name": "12.0.4 IF2",
"product": {
"name": "IBM Cognos Analytics 12.0.4 IF2",
"product_id": "T041469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:12.0.4_if2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics \u003c11.2.4 IF4",
"product_id": "T041470"
}
},
{
"category": "product_version",
"name": "11.2.4 IF4",
"product": {
"name": "IBM Cognos Analytics 11.2.4 IF4",
"product_id": "T041470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:cognos_analytics:11.2.4_if4"
}
}
}
],
"category": "product_name",
"name": "Cognos Analytics"
},
{
"category": "product_name",
"name": "IBM Content Manager",
"product": {
"name": "IBM Content Manager",
"product_id": "T023838",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:content_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "11.1",
"product": {
"name": "IBM DB2 11.1",
"product_id": "342000",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:11.1"
}
}
},
{
"category": "product_version",
"name": "11.5",
"product": {
"name": "IBM DB2 11.5",
"product_id": "T015242",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:v11.5"
}
}
},
{
"category": "product_version",
"name": "10.5",
"product": {
"name": "IBM DB2 10.5",
"product_id": "T015244",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:v10.5"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.0.17",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.17",
"product_id": "T043377"
}
},
{
"category": "product_version",
"name": "10.5.0.17",
"product": {
"name": "IBM DataPower Gateway 10.5.0.17",
"product_id": "T043377-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.17"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.0.5",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.0.5",
"product_id": "T043378"
}
},
{
"category": "product_version",
"name": "10.6.0.5",
"product": {
"name": "IBM DataPower Gateway 10.6.0.5",
"product_id": "T043378-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.4.0",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.4.0",
"product_id": "T044528"
}
},
{
"category": "product_version",
"name": "10.6.4.0",
"product": {
"name": "IBM DataPower Gateway 10.6.4.0",
"product_id": "T044528-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.4.0"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"category": "product_name",
"name": "IBM MQ",
"product": {
"name": "IBM MQ",
"product_id": "T021398",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "7.5",
"product": {
"name": "IBM QRadar SIEM 7.5",
"product_id": "T022954",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5"
}
}
},
{
"category": "product_version",
"name": "7.4",
"product": {
"name": "IBM QRadar SIEM 7.4",
"product_id": "T024775",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.4"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.5-ISS-ISVA-FP000",
"product": {
"name": "IBM Security Verify Access \u003c10.0.5-ISS-ISVA-FP000",
"product_id": "T025829"
}
},
{
"category": "product_version",
"name": "10.0.5-ISS-ISVA-FP000",
"product": {
"name": "IBM Security Verify Access 10.0.5-ISS-ISVA-FP000",
"product_id": "T025829-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_verify_access:10.0.5-iss-isva-fp000"
}
}
}
],
"category": "product_name",
"name": "Security Verify Access"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1.17",
"product": {
"name": "IBM Spectrum Protect 8.1.17",
"product_id": "T025663",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:8.1.17"
}
}
},
{
"category": "product_version",
"name": "for Virtual Environments",
"product": {
"name": "IBM Spectrum Protect for Virtual Environments",
"product_id": "T025697",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:for_virtual_environments"
}
}
},
{
"category": "product_version",
"name": "for Space Management Client",
"product": {
"name": "IBM Spectrum Protect for Space Management Client",
"product_id": "T025698",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect:for_space_management_client"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect"
},
{
"branches": [
{
"category": "product_version",
"name": "6.2.0",
"product": {
"name": "IBM Tivoli Business Service Manager 6.2.0",
"product_id": "T014092",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Business Service Manager"
},
{
"category": "product_name",
"name": "IBM Tivoli Monitoring",
"product": {
"name": "IBM Tivoli Monitoring",
"product_id": "342008",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:6.3.0.7"
}
}
},
{
"category": "product_name",
"name": "IBM VIOS",
"product": {
"name": "IBM VIOS",
"product_id": "T004571",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "IGEL OS",
"product": {
"name": "IGEL OS",
"product_id": "T017865",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:-"
}
}
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c22.2R1",
"product": {
"name": "Juniper Junos Space \u003c22.2R1",
"product_id": "T003343"
}
},
{
"category": "product_version",
"name": "22.2R1",
"product": {
"name": "Juniper Junos Space 22.2R1",
"product_id": "T003343-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:-"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.2.12",
"product": {
"name": "Open Source zlib \u003c1.2.12",
"product_id": "T022501"
}
},
{
"category": "product_version",
"name": "1.2.12",
"product": {
"name": "Open Source zlib 1.2.12",
"product_id": "T022501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:gnu:zlib:1.2.12"
}
}
}
],
"category": "product_name",
"name": "zlib"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "3",
"product": {
"name": "Oracle VM 3",
"product_id": "T019617",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:3"
}
}
}
],
"category": "product_name",
"name": "VM"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.7 MR15",
"product": {
"name": "Sophos Unified Threat Management (UTM) Software 9.7 MR15",
"product_id": "T026721",
"product_identification_helper": {
"cpe": "cpe:/a:sophos:unified_threat_management_software:9.7_mr15"
}
}
}
],
"category": "product_name",
"name": "Unified Threat Management (UTM) Software"
}
],
"category": "vendor",
"name": "Sophos"
},
{
"branches": [
{
"category": "product_name",
"name": "Tenable Security Nessus",
"product": {
"name": "Tenable Security Nessus",
"product_id": "T016399",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:-"
}
}
}
],
"category": "vendor",
"name": "Tenable Security"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0p8",
"product": {
"name": "genua genugate \u003c10.0p8",
"product_id": "T023260"
}
},
{
"category": "product_version",
"name": "10.0p8",
"product": {
"name": "genua genugate 10.0p8",
"product_id": "T023260-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:genua:genugate:10.0:p8"
}
}
}
],
"category": "product_name",
"name": "genugate"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.6p7",
"product": {
"name": "genua genuscreen \u003c7.6p7",
"product_id": "T023070"
}
},
{
"category": "product_version",
"name": "7.6p7",
"product": {
"name": "genua genuscreen 7.6p7",
"product_id": "T023070-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:genua:genuscreen:7.6p7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.0p4",
"product": {
"name": "genua genuscreen \u003c8.0p4",
"product_id": "T023071"
}
},
{
"category": "product_version",
"name": "8.0p4",
"product": {
"name": "genua genuscreen 8.0p4",
"product_id": "T023071-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:genua:genuscreen:8.0p4"
}
}
}
],
"category": "product_name",
"name": "genuscreen"
}
],
"category": "vendor",
"name": "genua"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"product_status": {
"known_affected": [
"T023070",
"T023071",
"T003343",
"T015844",
"T015127",
"T015126",
"T004914",
"T015520",
"T015244",
"T015242",
"T022501",
"997",
"T025697",
"T028404",
"T019617",
"T041469",
"398363",
"T025698",
"T015519",
"T015518",
"T015517",
"T015516",
"T005119",
"T012167",
"T023838",
"T016960",
"T016243",
"T022954",
"2951",
"T002207",
"T044528",
"T027843",
"T025663",
"T024775",
"67646",
"4035",
"T015823",
"T016399",
"T025829",
"T014092",
"T026721",
"T001663",
"342008",
"T021398",
"T004571",
"T023260",
"342000",
"T013312",
"T032255",
"5094",
"T043377",
"T043378",
"T024716",
"T041470",
"T017865",
"T000126",
"1727"
]
},
"release_date": "2022-04-03T22:00:00.000+00:00",
"title": "CVE-2018-25032"
}
]
}
WID-SEC-W-2022-0735
Vulnerability from csaf_certbund - Published: 2022-07-19 22:00 - Updated: 2022-11-30 23:00Summary
Oracle MySQL: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: MySQL ist ein Open Source Datenbankserver von Oracle.
Angriff: Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - UNIX
- Linux
- Windows
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist "HIGH" für "Confidentiality", "Integrity" und "Availability" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert "HIGH" für die Schadenshöhe.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
IBM Security Guardium 10.5
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:10.5
|
— | |
|
IBM Security Guardium 11.3
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.3
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
IBM Security Guardium 11.4
IBM / Security Guardium
|
cpe:/a:ibm:security_guardium:11.4
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
NetApp ActiveIQ Unified Manager
NetApp
|
cpe:/a:netapp:active_iq_unified_manager:-
|
— |
Last affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle MySQL <= 8.0.28
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.28
|
— | |
|
Oracle MySQL <= 7.4.36
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.4.36
|
— | |
|
Oracle MySQL <= 7.5.26
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.5.26
|
— | |
|
Oracle MySQL <= 7.6.22
Oracle / MySQL
|
cpe:/a:oracle:mysql:7.6.22
|
— | |
|
Oracle MySQL <= 1.1.8
Oracle / MySQL
|
cpe:/a:oracle:mysql:1.1.8
|
— | |
|
Oracle MySQL <= 8.0.25
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.25
|
— | |
|
Oracle MySQL <= 8.0.29
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.29
|
— | |
|
Oracle MySQL <= 5.7.38
Oracle / MySQL
|
cpe:/a:oracle:mysql:5.7.38
|
— | |
|
Oracle MySQL <= 8.0.30
Oracle / MySQL
|
cpe:/a:oracle:mysql:8.0.30
|
— |
References
14 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "MySQL ist ein Open Source Datenbankserver von Oracle.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Oracle MySQL ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX\n- Linux\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0735 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0735.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0735 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0735"
},
{
"category": "external",
"summary": "IBM Security Bulletin 6842821 vom 2022-12-01",
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-multiple-vulnerabilities-in-oracle-mysql/"
},
{
"category": "external",
"summary": "Menu - Appendix Oracle MySQL vom 2022-07-19",
"url": "https://www.oracle.com/security-alerts/cpujul2022.html#AppendixMSQL"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5537-1 vom 2022-07-28",
"url": "https://ubuntu.com/security/notices/USN-5537-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-5537-2 vom 2022-07-29",
"url": "https://ubuntu.com/security/notices/USN-5537-2"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20220729-0004 vom 2022-08-19",
"url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6518 vom 2022-09-14",
"url": "https://access.redhat.com/errata/RHSA-2022:6518"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:6590 vom 2022-09-21",
"url": "https://access.redhat.com/errata/RHSA-2022:6590"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-6590 vom 2022-09-22",
"url": "https://linux.oracle.com/errata/ELSA-2022-6590.html"
},
{
"category": "external",
"summary": "Oracle Linux Bulletin-October 2022 vom 2022-10-18",
"url": "https://www.oracle.com/security-alerts/linuxbulletinoct2022.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7055 vom 2022-10-19",
"url": "https://access.redhat.com/errata/RHSA-2022:7055"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:7119 vom 2022-10-25",
"url": "https://access.redhat.com/errata/RHSA-2022:7119"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-7119 vom 2022-10-27",
"url": "https://linux.oracle.com/errata/ELSA-2022-7119.html"
}
],
"source_lang": "en-US",
"title": "Oracle MySQL: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2022-11-30T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:31:57.219+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-0735",
"initial_release_date": "2022-07-19T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-07-19T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-07-28T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2022-08-21T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von NetApp aufgenommen"
},
{
"date": "2022-09-14T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-09-21T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-10-18T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2022-10-19T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-25T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-10-26T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2022-11-30T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM Security Guardium 11.3",
"product": {
"name": "IBM Security Guardium 11.3",
"product_id": "1048943",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.3"
}
}
},
{
"category": "product_name",
"name": "IBM Security Guardium 11.4",
"product": {
"name": "IBM Security Guardium 11.4",
"product_id": "1076561",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:11.4"
}
}
},
{
"category": "product_name",
"name": "IBM Security Guardium 10.5",
"product": {
"name": "IBM Security Guardium 10.5",
"product_id": "410912",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:security_guardium:10.5"
}
}
}
],
"category": "product_name",
"name": "Security Guardium"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T016960",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 8.0.28",
"product": {
"name": "Oracle MySQL \u003c= 8.0.28",
"product_id": "1163192",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:8.0.28"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 8.0.25",
"product": {
"name": "Oracle MySQL \u003c= 8.0.25",
"product_id": "858557",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:8.0.25"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 8.0.29",
"product": {
"name": "Oracle MySQL \u003c= 8.0.29",
"product_id": "T022871",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:8.0.29"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 8.0.30",
"product": {
"name": "Oracle MySQL \u003c= 8.0.30",
"product_id": "T023949",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:8.0.30"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 5.7.38",
"product": {
"name": "Oracle MySQL \u003c= 5.7.38",
"product_id": "T023950",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:5.7.38"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 7.4.36",
"product": {
"name": "Oracle MySQL \u003c= 7.4.36",
"product_id": "T023951",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:7.4.36"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 7.5.26",
"product": {
"name": "Oracle MySQL \u003c= 7.5.26",
"product_id": "T023952",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:7.5.26"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 7.6.22",
"product": {
"name": "Oracle MySQL \u003c= 7.6.22",
"product_id": "T023953",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:7.6.22"
}
}
},
{
"category": "product_name",
"name": "Oracle MySQL \u003c= 1.1.8",
"product": {
"name": "Oracle MySQL \u003c= 1.1.8",
"product_id": "T023954",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:mysql:1.1.8"
}
}
}
],
"category": "product_name",
"name": "MySQL"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2020-26237",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2020-26237"
},
{
"cve": "CVE-2021-22119",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2021-22119"
},
{
"cve": "CVE-2021-31805",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2021-31805"
},
{
"cve": "CVE-2022-1292",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-1292"
},
{
"cve": "CVE-2022-21455",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21455"
},
{
"cve": "CVE-2022-21509",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21509"
},
{
"cve": "CVE-2022-21515",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21515"
},
{
"cve": "CVE-2022-21517",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21517"
},
{
"cve": "CVE-2022-21519",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21519"
},
{
"cve": "CVE-2022-21522",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21522"
},
{
"cve": "CVE-2022-21525",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21525"
},
{
"cve": "CVE-2022-21526",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21526"
},
{
"cve": "CVE-2022-21527",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21527"
},
{
"cve": "CVE-2022-21528",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21528"
},
{
"cve": "CVE-2022-21529",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21529"
},
{
"cve": "CVE-2022-21530",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21530"
},
{
"cve": "CVE-2022-21531",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21531"
},
{
"cve": "CVE-2022-21534",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21534"
},
{
"cve": "CVE-2022-21535",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21535"
},
{
"cve": "CVE-2022-21537",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21537"
},
{
"cve": "CVE-2022-21538",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21538"
},
{
"cve": "CVE-2022-21539",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21539"
},
{
"cve": "CVE-2022-21547",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21547"
},
{
"cve": "CVE-2022-21550",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21550"
},
{
"cve": "CVE-2022-21553",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21553"
},
{
"cve": "CVE-2022-21555",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21555"
},
{
"cve": "CVE-2022-21556",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21556"
},
{
"cve": "CVE-2022-21569",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21569"
},
{
"cve": "CVE-2022-21824",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-21824"
},
{
"cve": "CVE-2022-22968",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-22968"
},
{
"cve": "CVE-2022-23308",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-27778",
"notes": [
{
"category": "description",
"text": "In Oracle MySQL existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer aus dem angrenzenden Netzwerk oder ein entfernter, anonymer, authentisierter oder lokaler Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion oder erweiterte Rechte notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HIGH\" f\u00fcr die Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"410912",
"1048943",
"67646",
"T000126",
"1076561",
"T004914",
"T016960"
],
"last_affected": [
"1163192",
"T023951",
"T023952",
"T023953",
"T023954",
"858557",
"T022871",
"T023950",
"T023949"
]
},
"release_date": "2022-07-19T22:00:00.000+00:00",
"title": "CVE-2022-27778"
}
]
}
WID-SEC-W-2022-1057
Vulnerability from csaf_certbund - Published: 2022-05-16 22:00 - Updated: 2023-06-21 22:00Summary
Apple macOS: Mehrere Schwachstellen
Severity
Kritisch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff: Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren.
Betroffene Betriebssysteme: - MacOS X
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion.
References
9 references
{
"document": {
"aggregate_severity": {
"text": "kritisch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Apple macOS ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1057 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1057.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1057 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1057"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213255"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213256"
},
{
"category": "external",
"summary": "Apple Security Advisory vom 2022-05-16",
"url": "https://support.apple.com/en-us/HT213257"
},
{
"category": "external",
"summary": "PoC CVE-2022-26726",
"url": "https://github.com/acheong08/CVE-2022-26726-POC"
},
{
"category": "external",
"summary": "CISA: Apple Releases Security Updates",
"url": "https://www.cisa.gov/uscert/ncas/current-activity/2022/04/01/apple-releases-security-updates-0"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3118 vom 2022-09-22",
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html"
},
{
"category": "external",
"summary": "Wojciech Regula blogpost vom 2022-11-21",
"url": "https://wojciechregula.blog/post/macos-sandbox-escape-via-terminal/"
}
],
"source_lang": "en-US",
"title": "Apple macOS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2023-06-21T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:33:27.405+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2022-1057",
"initial_release_date": "2022-05-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-05-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2022-08-16T22:00:00.000+00:00",
"number": "2",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2022-09-20T22:00:00.000+00:00",
"number": "3",
"summary": "CVE Nummern CVE-2022-32790 und CVE-2022-32882 erg\u00e4nzt"
},
{
"date": "2022-09-22T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-09-25T22:00:00.000+00:00",
"number": "5",
"summary": "Korrektur bzgl. fehlerhaft eingetragenem Debian Update"
},
{
"date": "2022-11-21T23:00:00.000+00:00",
"number": "6",
"summary": "Exploit aufgenommen"
},
{
"date": "2023-06-21T22:00:00.000+00:00",
"number": "7",
"summary": "CVE-2022-32794 erg\u00e4nzt"
}
],
"status": "final",
"version": "7"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Apple macOS Catalina \u003c 2022-004",
"product": {
"name": "Apple macOS Catalina \u003c 2022-004",
"product_id": "T023230",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:catalina__2022-004"
}
}
},
{
"category": "product_name",
"name": "Apple macOS Big Sur \u003c 11.6.6",
"product": {
"name": "Apple macOS Big Sur \u003c 11.6.6",
"product_id": "T023231",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:big_sur__11.6.6"
}
}
},
{
"category": "product_name",
"name": "Apple macOS Monterey \u003c 12.4",
"product": {
"name": "Apple macOS Monterey \u003c 12.4",
"product_id": "T023232",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:monterey__12.4"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-32882",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32882"
},
{
"cve": "CVE-2022-32794",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32794"
},
{
"cve": "CVE-2022-32790",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-32790"
},
{
"cve": "CVE-2022-26776",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26776"
},
{
"cve": "CVE-2022-26775",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26775"
},
{
"cve": "CVE-2022-26772",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26772"
},
{
"cve": "CVE-2022-26770",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26770"
},
{
"cve": "CVE-2022-26769",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26769"
},
{
"cve": "CVE-2022-26768",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26768"
},
{
"cve": "CVE-2022-26767",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26767"
},
{
"cve": "CVE-2022-26766",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26766"
},
{
"cve": "CVE-2022-26765",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26765"
},
{
"cve": "CVE-2022-26764",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26764"
},
{
"cve": "CVE-2022-26763",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26763"
},
{
"cve": "CVE-2022-26762",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26762"
},
{
"cve": "CVE-2022-26761",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26761"
},
{
"cve": "CVE-2022-26757",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26757"
},
{
"cve": "CVE-2022-26756",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26756"
},
{
"cve": "CVE-2022-26755",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26755"
},
{
"cve": "CVE-2022-26754",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26754"
},
{
"cve": "CVE-2022-26753",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26753"
},
{
"cve": "CVE-2022-26752",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26752"
},
{
"cve": "CVE-2022-26751",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26751"
},
{
"cve": "CVE-2022-26750",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26750"
},
{
"cve": "CVE-2022-26749",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26749"
},
{
"cve": "CVE-2022-26748",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26748"
},
{
"cve": "CVE-2022-26746",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26746"
},
{
"cve": "CVE-2022-26745",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26745"
},
{
"cve": "CVE-2022-26743",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26743"
},
{
"cve": "CVE-2022-26742",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26742"
},
{
"cve": "CVE-2022-26741",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26741"
},
{
"cve": "CVE-2022-26740",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26740"
},
{
"cve": "CVE-2022-26739",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26739"
},
{
"cve": "CVE-2022-26738",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26738"
},
{
"cve": "CVE-2022-26737",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26737"
},
{
"cve": "CVE-2022-26736",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26736"
},
{
"cve": "CVE-2022-26731",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26731"
},
{
"cve": "CVE-2022-26728",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26728"
},
{
"cve": "CVE-2022-26727",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26727"
},
{
"cve": "CVE-2022-26726",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26726"
},
{
"cve": "CVE-2022-26725",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26725"
},
{
"cve": "CVE-2022-26723",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26723"
},
{
"cve": "CVE-2022-26722",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26722"
},
{
"cve": "CVE-2022-26721",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26721"
},
{
"cve": "CVE-2022-26720",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26720"
},
{
"cve": "CVE-2022-26719",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26719"
},
{
"cve": "CVE-2022-26718",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26718"
},
{
"cve": "CVE-2022-26717",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26717"
},
{
"cve": "CVE-2022-26716",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26716"
},
{
"cve": "CVE-2022-26715",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26715"
},
{
"cve": "CVE-2022-26714",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26714"
},
{
"cve": "CVE-2022-26712",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26712"
},
{
"cve": "CVE-2022-26711",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26711"
},
{
"cve": "CVE-2022-26710",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26710"
},
{
"cve": "CVE-2022-26709",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26709"
},
{
"cve": "CVE-2022-26708",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26708"
},
{
"cve": "CVE-2022-26706",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26706"
},
{
"cve": "CVE-2022-26704",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26704"
},
{
"cve": "CVE-2022-26701",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26701"
},
{
"cve": "CVE-2022-26700",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26700"
},
{
"cve": "CVE-2022-26698",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26698"
},
{
"cve": "CVE-2022-26697",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26697"
},
{
"cve": "CVE-2022-26696",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26696"
},
{
"cve": "CVE-2022-26694",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26694"
},
{
"cve": "CVE-2022-26693",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-26693"
},
{
"cve": "CVE-2022-23308",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-22721",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22720",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22719",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22677",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22677"
},
{
"cve": "CVE-2022-22675",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22675"
},
{
"cve": "CVE-2022-22674",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22674"
},
{
"cve": "CVE-2022-22665",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22665"
},
{
"cve": "CVE-2022-22663",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22663"
},
{
"cve": "CVE-2022-22589",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-22589"
},
{
"cve": "CVE-2022-0778",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-0530",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0530"
},
{
"cve": "CVE-2022-0128",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2021-46059",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-46059"
},
{
"cve": "CVE-2021-45444",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-45444"
},
{
"cve": "CVE-2021-44790",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-44790"
},
{
"cve": "CVE-2021-44224",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-44224"
},
{
"cve": "CVE-2021-4193",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4192",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4187",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4187"
},
{
"cve": "CVE-2021-4173",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4173"
},
{
"cve": "CVE-2021-4166",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-4136",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2018-25032",
"notes": [
{
"category": "description",
"text": "In Apple macOS existieren mehrere Schwachstellen. Die Fehler bestehen in den Komponenten AMD, apache, AppKit, AppleAVD, AppleGraphicsControl, AppleScript, AVEVideoEncoder, Contacts, CoreTypes, CVMS, DriverKit, Graphics Drivers, ImageIO, Intel Graphics Drivers, IOKit, IOMobileFrameBuffer, Kernel, LaunchServices, libresolv, LibreSSL, libxml2, OpenSSL, PackageKit, Vorschau, Drucken, Safari Private Browsing, Sicherheit, SMB, SoftwareUpdate, Spotlight, TCC, Tcl, Vim, WebKit, WebRTC, Wi-Fi, zip, zlib und zsh. Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Code auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren, vertrauliche Informationen offenzulegen und im schlimmsten Fall das System zu kompromittieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion."
}
],
"release_date": "2022-05-16T22:00:00.000+00:00",
"title": "CVE-2018-25032"
}
]
}
WID-SEC-W-2022-1335
Vulnerability from csaf_certbund - Published: 2022-09-07 22:00 - Updated: 2025-10-06 22:00Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität des Systems zu gefährden.
Betroffene Betriebssysteme: - Sonstiges
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Xerox FreeFlow Print Server 7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:7
|
7 | |
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Xerox FreeFlow Print Server 9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:9
|
9 |
References
6 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "FreeFlow-Druckserver ist eine Druckserveranwendung f\u00fcr Xerox-Produktionsdrucker, die Flexibilit\u00e4t, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verf\u00fcgbarkeit und Integrit\u00e4t des Systems zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-1335 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1335.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-1335 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1335"
},
{
"category": "external",
"summary": "Xerox Security Bulletin XRX22-021 vom 2022-09-07",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2022/09/Xerox-Security-Bulletin-XRX22-021-FreeFlow-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-005 vom 2023-04-04",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX23-007 vom 2023-05-18",
"url": "https://security.business.xerox.com/wp-content/uploads/2023/05/Xerox-Security-Bulletin-XRX23-007-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-017 vom 2025-10-07",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/10/Xerox-Security-Bulletin-XRX25-017-for-Xerox-FreeFlow-Print-Server-v9.pdf"
}
],
"source_lang": "en-US",
"title": "Xerox FreeFlow Print Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-06T22:00:00.000+00:00",
"generator": {
"date": "2025-10-07T08:04:35.259+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2022-1335",
"initial_release_date": "2022-09-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2022-09-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-04-03T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7",
"product": {
"name": "Xerox FreeFlow Print Server 7",
"product_id": "T000872",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:7"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
},
{
"category": "product_version",
"name": "v9",
"product": {
"name": "Xerox FreeFlow Print Server v9",
"product_id": "T015632",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-25032",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2018-25032"
},
{
"cve": "CVE-2019-19906",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2019-19906"
},
{
"cve": "CVE-2020-0499",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-0499"
},
{
"cve": "CVE-2020-25717",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-25717"
},
{
"cve": "CVE-2020-29651",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2020-29651"
},
{
"cve": "CVE-2021-0561",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-0561"
},
{
"cve": "CVE-2021-21708",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-21708"
},
{
"cve": "CVE-2021-22946",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-22946"
},
{
"cve": "CVE-2021-25220",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-25220"
},
{
"cve": "CVE-2021-29923",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-29923"
},
{
"cve": "CVE-2021-30809",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30809"
},
{
"cve": "CVE-2021-30818",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30818"
},
{
"cve": "CVE-2021-30823",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30823"
},
{
"cve": "CVE-2021-30836",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30836"
},
{
"cve": "CVE-2021-30884",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30884"
},
{
"cve": "CVE-2021-30887",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30887"
},
{
"cve": "CVE-2021-30888",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30888"
},
{
"cve": "CVE-2021-30889",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30889"
},
{
"cve": "CVE-2021-30890",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30890"
},
{
"cve": "CVE-2021-30897",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30897"
},
{
"cve": "CVE-2021-30934",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30934"
},
{
"cve": "CVE-2021-30936",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30936"
},
{
"cve": "CVE-2021-30951",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30951"
},
{
"cve": "CVE-2021-30952",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30952"
},
{
"cve": "CVE-2021-30953",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30953"
},
{
"cve": "CVE-2021-30954",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30954"
},
{
"cve": "CVE-2021-30984",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-30984"
},
{
"cve": "CVE-2021-3448",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-3448"
},
{
"cve": "CVE-2021-34558",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-34558"
},
{
"cve": "CVE-2021-36221",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-36221"
},
{
"cve": "CVE-2021-4115",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4115"
},
{
"cve": "CVE-2021-4136",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4136"
},
{
"cve": "CVE-2021-4166",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4166"
},
{
"cve": "CVE-2021-4173",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4173"
},
{
"cve": "CVE-2021-41771",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-41771"
},
{
"cve": "CVE-2021-41772",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-41772"
},
{
"cve": "CVE-2021-4187",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4187"
},
{
"cve": "CVE-2021-4192",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4192"
},
{
"cve": "CVE-2021-4193",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4193"
},
{
"cve": "CVE-2021-4217",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-4217"
},
{
"cve": "CVE-2021-43519",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-43519"
},
{
"cve": "CVE-2021-43566",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-43566"
},
{
"cve": "CVE-2021-44142",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-44142"
},
{
"cve": "CVE-2021-45444",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45444"
},
{
"cve": "CVE-2021-45481",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45481"
},
{
"cve": "CVE-2021-45482",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45482"
},
{
"cve": "CVE-2021-45483",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45483"
},
{
"cve": "CVE-2021-45960",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-45960"
},
{
"cve": "CVE-2021-46143",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2021-46143"
},
{
"cve": "CVE-2022-0128",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0128"
},
{
"cve": "CVE-2022-0156",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0156"
},
{
"cve": "CVE-2022-0158",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0158"
},
{
"cve": "CVE-2022-0261",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0261"
},
{
"cve": "CVE-2022-0318",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0318"
},
{
"cve": "CVE-2022-0319",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0319"
},
{
"cve": "CVE-2022-0336",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0336"
},
{
"cve": "CVE-2022-0391",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0391"
},
{
"cve": "CVE-2022-0408",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0408"
},
{
"cve": "CVE-2022-0413",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0413"
},
{
"cve": "CVE-2022-0417",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0417"
},
{
"cve": "CVE-2022-0443",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0443"
},
{
"cve": "CVE-2022-0554",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0554"
},
{
"cve": "CVE-2022-0566",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0566"
},
{
"cve": "CVE-2022-0572",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0572"
},
{
"cve": "CVE-2022-0629",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0629"
},
{
"cve": "CVE-2022-0685",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0685"
},
{
"cve": "CVE-2022-0696",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0696"
},
{
"cve": "CVE-2022-0714",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0714"
},
{
"cve": "CVE-2022-0729",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0729"
},
{
"cve": "CVE-2022-0778",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-0778"
},
{
"cve": "CVE-2022-1097",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1097"
},
{
"cve": "CVE-2022-1196",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1196"
},
{
"cve": "CVE-2022-1197",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1197"
},
{
"cve": "CVE-2022-1271",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1271"
},
{
"cve": "CVE-2022-1520",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1520"
},
{
"cve": "CVE-2022-1834",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-1834"
},
{
"cve": "CVE-2022-21245",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21245"
},
{
"cve": "CVE-2022-21270",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21270"
},
{
"cve": "CVE-2022-21291",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21291"
},
{
"cve": "CVE-2022-21303",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21303"
},
{
"cve": "CVE-2022-21304",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21304"
},
{
"cve": "CVE-2022-21344",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21344"
},
{
"cve": "CVE-2022-21349",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21349"
},
{
"cve": "CVE-2022-21367",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21367"
},
{
"cve": "CVE-2022-21426",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21426"
},
{
"cve": "CVE-2022-21434",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21434"
},
{
"cve": "CVE-2022-21443",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21443"
},
{
"cve": "CVE-2022-21449",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21449"
},
{
"cve": "CVE-2022-21476",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21476"
},
{
"cve": "CVE-2022-21493",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21493"
},
{
"cve": "CVE-2022-21494",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21494"
},
{
"cve": "CVE-2022-21496",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21496"
},
{
"cve": "CVE-2022-21514",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21514"
},
{
"cve": "CVE-2022-21524",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21524"
},
{
"cve": "CVE-2022-21533",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21533"
},
{
"cve": "CVE-2022-21712",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21712"
},
{
"cve": "CVE-2022-21716",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-21716"
},
{
"cve": "CVE-2022-22589",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22589"
},
{
"cve": "CVE-2022-22590",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22590"
},
{
"cve": "CVE-2022-22592",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22592"
},
{
"cve": "CVE-2022-22620",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22620"
},
{
"cve": "CVE-2022-22719",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22719"
},
{
"cve": "CVE-2022-22720",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22720"
},
{
"cve": "CVE-2022-22721",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22721"
},
{
"cve": "CVE-2022-22818",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22818"
},
{
"cve": "CVE-2022-22822",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22822"
},
{
"cve": "CVE-2022-22823",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22823"
},
{
"cve": "CVE-2022-22824",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22824"
},
{
"cve": "CVE-2022-22825",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22825"
},
{
"cve": "CVE-2022-22826",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22826"
},
{
"cve": "CVE-2022-22827",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-22827"
},
{
"cve": "CVE-2022-23308",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23308"
},
{
"cve": "CVE-2022-23772",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23772"
},
{
"cve": "CVE-2022-23773",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23773"
},
{
"cve": "CVE-2022-23806",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23806"
},
{
"cve": "CVE-2022-23833",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23833"
},
{
"cve": "CVE-2022-23852",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23852"
},
{
"cve": "CVE-2022-23943",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23943"
},
{
"cve": "CVE-2022-23990",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-23990"
},
{
"cve": "CVE-2022-24130",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24130"
},
{
"cve": "CVE-2022-24407",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24407"
},
{
"cve": "CVE-2022-24675",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24675"
},
{
"cve": "CVE-2022-24713",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24713"
},
{
"cve": "CVE-2022-24801",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-24801"
},
{
"cve": "CVE-2022-25235",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25235"
},
{
"cve": "CVE-2022-25236",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2022-25313",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25313"
},
{
"cve": "CVE-2022-25314",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25314"
},
{
"cve": "CVE-2022-25315",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25315"
},
{
"cve": "CVE-2022-25762",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-25762"
},
{
"cve": "CVE-2022-26381",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26381"
},
{
"cve": "CVE-2022-26383",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26383"
},
{
"cve": "CVE-2022-26384",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26384"
},
{
"cve": "CVE-2022-26386",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26386"
},
{
"cve": "CVE-2022-26387",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26387"
},
{
"cve": "CVE-2022-26485",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26485"
},
{
"cve": "CVE-2022-26486",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-26486"
},
{
"cve": "CVE-2022-28281",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28281"
},
{
"cve": "CVE-2022-28282",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28282"
},
{
"cve": "CVE-2022-28285",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28285"
},
{
"cve": "CVE-2022-28286",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28286"
},
{
"cve": "CVE-2022-28289",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28289"
},
{
"cve": "CVE-2022-28327",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28327"
},
{
"cve": "CVE-2022-28346",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28346"
},
{
"cve": "CVE-2022-28347",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-28347"
},
{
"cve": "CVE-2022-29824",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29824"
},
{
"cve": "CVE-2022-29909",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29909"
},
{
"cve": "CVE-2022-29911",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29911"
},
{
"cve": "CVE-2022-29912",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29912"
},
{
"cve": "CVE-2022-29913",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29913"
},
{
"cve": "CVE-2022-29914",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29914"
},
{
"cve": "CVE-2022-29916",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29916"
},
{
"cve": "CVE-2022-29917",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-29917"
},
{
"cve": "CVE-2022-31736",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31736"
},
{
"cve": "CVE-2022-31737",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31737"
},
{
"cve": "CVE-2022-31738",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31738"
},
{
"cve": "CVE-2022-31739",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31739"
},
{
"cve": "CVE-2022-3174",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-3174"
},
{
"cve": "CVE-2022-31740",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31740"
},
{
"cve": "CVE-2022-31741",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31741"
},
{
"cve": "CVE-2022-31742",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31742"
},
{
"cve": "CVE-2022-31747",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-31747"
},
{
"cve": "CVE-2022-4187",
"product_status": {
"known_affected": [
"T000872",
"T015632",
"T002977"
]
},
"release_date": "2022-09-07T22:00:00.000+00:00",
"title": "CVE-2022-4187"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…