Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-15903 (GCVE-0-2019-15903)
Vulnerability from cvelistv5 – Published: 2019-09-04 05:59 – Updated: 2025-05-30 19:27
VLAI
EPSS
Summary
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Severity
6.5 (Medium)
CWE
- n/a
Assigner
References
59 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:03:32.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-4132-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4132-1/"
},
{
"name": "20190917 [slackware-security] expat (SSA:2019-259-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/30"
},
{
"name": "USN-4132-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4132-2/"
},
{
"name": "FEDORA-2019-613edfe68b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/"
},
{
"name": "DSA-4530",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4530"
},
{
"name": "20190923 [SECURITY] [DSA 4530-1] expat security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/37"
},
{
"name": "FEDORA-2019-9505c6b555",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/"
},
{
"name": "openSUSE-SU-2019:2205",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html"
},
{
"name": "openSUSE-SU-2019:2204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html"
},
{
"name": "FEDORA-2019-672ae0f060",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/"
},
{
"name": "20191021 [slackware-security] python (SSA:2019-293-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Oct/29"
},
{
"name": "USN-4165-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4165-1/"
},
{
"name": "DSA-4549",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4549"
},
{
"name": "RHSA-2019:3210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3210"
},
{
"name": "RHSA-2019:3237",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3237"
},
{
"name": "20191101 [SECURITY] [DSA 4549-1] firefox-esr security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Nov/1"
},
{
"name": "openSUSE-SU-2019:2420",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html"
},
{
"name": "openSUSE-SU-2019:2424",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html"
},
{
"name": "openSUSE-SU-2019:2425",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html"
},
{
"name": "RHSA-2019:3756",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3756"
},
{
"name": "openSUSE-SU-2019:2447",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html"
},
{
"name": "openSUSE-SU-2019:2451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html"
},
{
"name": "openSUSE-SU-2019:2452",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html"
},
{
"name": "openSUSE-SU-2019:2459",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html"
},
{
"name": "openSUSE-SU-2019:2464",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html"
},
{
"name": "[debian-lts-announce] 20191110 [SECURITY] [DLA 1987-1] firefox-esr security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html"
},
{
"name": "20191118 [SECURITY] [DSA 4571-1] thunderbird security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Nov/24"
},
{
"name": "DSA-4571",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4571"
},
{
"name": "[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html"
},
{
"name": "GLSA-201911-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201911-08"
},
{
"name": "USN-4202-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4202-1/"
},
{
"name": "20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Dec/17"
},
{
"name": "20191211 APPLE-SA-2019-12-10-5 tvOS 13.3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Dec/21"
},
{
"name": "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/26"
},
{
"name": "20191213 APPLE-SA-2019-12-10-8 watchOS 6.1.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/30"
},
{
"name": "20191213 APPLE-SA-2019-12-10-5 tvOS 13.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/27"
},
{
"name": "openSUSE-SU-2020:0010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html"
},
{
"name": "openSUSE-SU-2020:0086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
},
{
"name": "USN-4335-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4335-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/issues/317"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/pull/318"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/issues/342"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190926-0004/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210788"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210790"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210785"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210789"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210793"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210794"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2021-11"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-15903",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T19:27:14.896115Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T19:27:19.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T22:06:15.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-4132-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4132-1/"
},
{
"name": "20190917 [slackware-security] expat (SSA:2019-259-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/30"
},
{
"name": "USN-4132-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4132-2/"
},
{
"name": "FEDORA-2019-613edfe68b",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/"
},
{
"name": "DSA-4530",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4530"
},
{
"name": "20190923 [SECURITY] [DSA 4530-1] expat security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/37"
},
{
"name": "FEDORA-2019-9505c6b555",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/"
},
{
"name": "openSUSE-SU-2019:2205",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html"
},
{
"name": "openSUSE-SU-2019:2204",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html"
},
{
"name": "FEDORA-2019-672ae0f060",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/"
},
{
"name": "20191021 [slackware-security] python (SSA:2019-293-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Oct/29"
},
{
"name": "USN-4165-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4165-1/"
},
{
"name": "DSA-4549",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4549"
},
{
"name": "RHSA-2019:3210",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3210"
},
{
"name": "RHSA-2019:3237",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3237"
},
{
"name": "20191101 [SECURITY] [DSA 4549-1] firefox-esr security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Nov/1"
},
{
"name": "openSUSE-SU-2019:2420",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html"
},
{
"name": "openSUSE-SU-2019:2424",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html"
},
{
"name": "openSUSE-SU-2019:2425",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html"
},
{
"name": "RHSA-2019:3756",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3756"
},
{
"name": "openSUSE-SU-2019:2447",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html"
},
{
"name": "openSUSE-SU-2019:2451",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html"
},
{
"name": "openSUSE-SU-2019:2452",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html"
},
{
"name": "openSUSE-SU-2019:2459",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html"
},
{
"name": "openSUSE-SU-2019:2464",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html"
},
{
"name": "[debian-lts-announce] 20191110 [SECURITY] [DLA 1987-1] firefox-esr security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html"
},
{
"name": "20191118 [SECURITY] [DSA 4571-1] thunderbird security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Nov/24"
},
{
"name": "DSA-4571",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4571"
},
{
"name": "[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html"
},
{
"name": "GLSA-201911-08",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201911-08"
},
{
"name": "USN-4202-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4202-1/"
},
{
"name": "20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Dec/17"
},
{
"name": "20191211 APPLE-SA-2019-12-10-5 tvOS 13.3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Dec/21"
},
{
"name": "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/26"
},
{
"name": "20191213 APPLE-SA-2019-12-10-8 watchOS 6.1.1",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/30"
},
{
"name": "20191213 APPLE-SA-2019-12-10-5 tvOS 13.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/27"
},
{
"name": "openSUSE-SU-2020:0010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html"
},
{
"name": "openSUSE-SU-2020:0086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
},
{
"name": "USN-4335-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4335-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libexpat/libexpat/issues/317"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libexpat/libexpat/pull/318"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libexpat/libexpat/issues/342"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190926-0004/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210788"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210790"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210785"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210789"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210793"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210794"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2021-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-4132-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4132-1/"
},
{
"name": "20190917 [slackware-security] expat (SSA:2019-259-01)",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/30"
},
{
"name": "USN-4132-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4132-2/"
},
{
"name": "FEDORA-2019-613edfe68b",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/"
},
{
"name": "DSA-4530",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4530"
},
{
"name": "20190923 [SECURITY] [DSA 4530-1] expat security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/37"
},
{
"name": "FEDORA-2019-9505c6b555",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/"
},
{
"name": "openSUSE-SU-2019:2205",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html"
},
{
"name": "openSUSE-SU-2019:2204",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html"
},
{
"name": "FEDORA-2019-672ae0f060",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/"
},
{
"name": "20191021 [slackware-security] python (SSA:2019-293-01)",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Oct/29"
},
{
"name": "USN-4165-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4165-1/"
},
{
"name": "DSA-4549",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4549"
},
{
"name": "RHSA-2019:3210",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3210"
},
{
"name": "RHSA-2019:3237",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3237"
},
{
"name": "20191101 [SECURITY] [DSA 4549-1] firefox-esr security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Nov/1"
},
{
"name": "openSUSE-SU-2019:2420",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html"
},
{
"name": "openSUSE-SU-2019:2424",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html"
},
{
"name": "openSUSE-SU-2019:2425",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html"
},
{
"name": "RHSA-2019:3756",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3756"
},
{
"name": "openSUSE-SU-2019:2447",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html"
},
{
"name": "openSUSE-SU-2019:2451",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html"
},
{
"name": "openSUSE-SU-2019:2452",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html"
},
{
"name": "openSUSE-SU-2019:2459",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html"
},
{
"name": "openSUSE-SU-2019:2464",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html"
},
{
"name": "[debian-lts-announce] 20191110 [SECURITY] [DLA 1987-1] firefox-esr security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html"
},
{
"name": "20191118 [SECURITY] [DSA 4571-1] thunderbird security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Nov/24"
},
{
"name": "DSA-4571",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4571"
},
{
"name": "[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html"
},
{
"name": "GLSA-201911-08",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201911-08"
},
{
"name": "USN-4202-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4202-1/"
},
{
"name": "20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Dec/17"
},
{
"name": "20191211 APPLE-SA-2019-12-10-5 tvOS 13.3",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Dec/21"
},
{
"name": "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Dec/23"
},
{
"name": "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Dec/26"
},
{
"name": "20191213 APPLE-SA-2019-12-10-8 watchOS 6.1.1",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Dec/30"
},
{
"name": "20191213 APPLE-SA-2019-12-10-5 tvOS 13.3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Dec/27"
},
{
"name": "openSUSE-SU-2020:0010",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html"
},
{
"name": "openSUSE-SU-2020:0086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html"
},
{
"name": "USN-4335-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4335-1/"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://github.com/libexpat/libexpat/issues/317",
"refsource": "MISC",
"url": "https://github.com/libexpat/libexpat/issues/317"
},
{
"name": "https://github.com/libexpat/libexpat/pull/318",
"refsource": "MISC",
"url": "https://github.com/libexpat/libexpat/pull/318"
},
{
"name": "https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43",
"refsource": "MISC",
"url": "https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43"
},
{
"name": "https://github.com/libexpat/libexpat/issues/342",
"refsource": "CONFIRM",
"url": "https://github.com/libexpat/libexpat/issues/342"
},
{
"name": "http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190926-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190926-0004/"
},
{
"name": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html"
},
{
"name": "http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html"
},
{
"name": "https://support.apple.com/kb/HT210788",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210788"
},
{
"name": "https://support.apple.com/kb/HT210790",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210790"
},
{
"name": "https://support.apple.com/kb/HT210785",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210785"
},
{
"name": "https://support.apple.com/kb/HT210789",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210789"
},
{
"name": "https://support.apple.com/kb/HT210793",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210793"
},
{
"name": "https://support.apple.com/kb/HT210795",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210795"
},
{
"name": "https://support.apple.com/kb/HT210794",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210794"
},
{
"name": "https://www.tenable.com/security/tns-2021-11",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2021-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-15903",
"datePublished": "2019-09-04T05:59:16.000Z",
"dateReserved": "2019-09-04T00:00:00.000Z",
"dateUpdated": "2025-05-30T19:27:19.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-15903",
"date": "2026-05-29",
"epss": "0.00203",
"percentile": "0.42333"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-15903\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-09-04T06:15:10.877\",\"lastModified\":\"2025-05-30T20:15:23.620\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.\"},{\"lang\":\"es\",\"value\":\"En libexpat versiones anteriores a 2.2.8, una entrada XML especialmente dise\u00f1ada podr\u00eda enga\u00f1ar al analizador para que cambie de an\u00e1lisis DTD a an\u00e1lisis de documentos demasiado pronto; una llamada consecutiva a la funci\u00f3n XML_GetCurrentLineNumber (o XML_GetCurrentColumnNumber) luego result\u00f3 en una lectura excesiva del b\u00fafer en la regi\u00f3n heap de la memoria.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-776\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.2.8\",\"matchCriteriaId\":\"53820561-496E-490D-8061-A21C9C69C208\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.7.0\",\"versionEndExcluding\":\"2.7.17\",\"matchCriteriaId\":\"B09B31A2-30BF-4E95-81A3-F77FD97DF5B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5.0\",\"versionEndExcluding\":\"3.5.8\",\"matchCriteriaId\":\"9A384586-B574-4240-8BCF-CCE69498F336\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.6.0\",\"versionEndExcluding\":\"3.6.10\",\"matchCriteriaId\":\"DD0A51C5-9774-4CB3-A4ED-7C68AF2EFA73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.7.0\",\"versionEndExcluding\":\"3.7.5\",\"matchCriteriaId\":\"26CE919D-4E17-44A1-97FD-0DD55B14701F\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/23\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/26\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/27\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/30\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3210\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3237\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3756\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/317\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/342\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/318\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/17\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/21\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/23\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Nov/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Nov/24\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Oct/29\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/30\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/37\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201911-08\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190926-0004/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210785\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210788\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210789\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210790\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210793\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210794\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4132-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4132-2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4165-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4202-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4335-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4530\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4549\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4571\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-11\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/26\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/27\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Dec/30\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3237\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/317\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/342\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/318\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Nov/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Nov/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Oct/29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/30\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/37\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201911-08\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190926-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210785\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210788\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210789\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210790\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210793\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4132-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4132-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4165-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4202-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4335-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4530\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4571\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://usn.ubuntu.com/4132-1/\", \"name\": \"USN-4132-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/30\", \"name\": \"20190917 [slackware-security] expat (SSA:2019-259-01)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/4132-2/\", \"name\": \"USN-4132-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/\", \"name\": \"FEDORA-2019-613edfe68b\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4530\", \"name\": \"DSA-4530\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/37\", \"name\": \"20190923 [SECURITY] [DSA 4530-1] expat security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/\", \"name\": \"FEDORA-2019-9505c6b555\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html\", \"name\": \"openSUSE-SU-2019:2205\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html\", \"name\": \"openSUSE-SU-2019:2204\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/\", \"name\": \"FEDORA-2019-672ae0f060\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Oct/29\", \"name\": \"20191021 [slackware-security] python (SSA:2019-293-01)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/4165-1/\", \"name\": \"USN-4165-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4549\", \"name\": \"DSA-4549\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3210\", \"name\": \"RHSA-2019:3210\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3237\", \"name\": \"RHSA-2019:3237\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/1\", \"name\": \"20191101 [SECURITY] [DSA 4549-1] firefox-esr security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html\", \"name\": \"openSUSE-SU-2019:2420\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html\", \"name\": \"openSUSE-SU-2019:2424\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html\", \"name\": \"openSUSE-SU-2019:2425\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3756\", \"name\": \"RHSA-2019:3756\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html\", \"name\": \"openSUSE-SU-2019:2447\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html\", \"name\": \"openSUSE-SU-2019:2451\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html\", \"name\": \"openSUSE-SU-2019:2452\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html\", \"name\": \"openSUSE-SU-2019:2459\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html\", \"name\": \"openSUSE-SU-2019:2464\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html\", \"name\": \"[debian-lts-announce] 20191110 [SECURITY] [DLA 1987-1] firefox-esr security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/24\", \"name\": \"20191118 [SECURITY] [DSA 4571-1] thunderbird security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4571\", \"name\": \"DSA-4571\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html\", \"name\": \"[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201911-08\", \"name\": \"GLSA-201911-08\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/4202-1/\", \"name\": \"USN-4202-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/17\", \"name\": \"20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/21\", \"name\": \"20191211 APPLE-SA-2019-12-10-5 tvOS 13.3\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/23\", \"name\": \"20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/23\", \"name\": \"20191213 APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/26\", \"name\": \"20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/30\", \"name\": \"20191213 APPLE-SA-2019-12-10-8 watchOS 6.1.1\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/27\", \"name\": \"20191213 APPLE-SA-2019-12-10-5 tvOS 13.3\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html\", \"name\": \"openSUSE-SU-2020:0010\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html\", \"name\": \"openSUSE-SU-2020:0086\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://usn.ubuntu.com/4335-1/\", \"name\": \"USN-4335-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/libexpat/libexpat/issues/317\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/318\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/libexpat/libexpat/issues/342\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190926-0004/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210788\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210790\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210785\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210789\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210793\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210795\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210794\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://www.tenable.com/security/tns-2021-11\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T01:03:32.547Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-15903\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-30T19:27:14.896115Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-30T19:26:04.258Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://usn.ubuntu.com/4132-1/\", \"name\": \"USN-4132-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/30\", \"name\": \"20190917 [slackware-security] expat (SSA:2019-259-01)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://usn.ubuntu.com/4132-2/\", \"name\": \"USN-4132-2\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/\", \"name\": \"FEDORA-2019-613edfe68b\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4530\", \"name\": \"DSA-4530\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/37\", \"name\": \"20190923 [SECURITY] [DSA 4530-1] expat security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/\", \"name\": \"FEDORA-2019-9505c6b555\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html\", \"name\": \"openSUSE-SU-2019:2205\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html\", \"name\": \"openSUSE-SU-2019:2204\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/\", \"name\": \"FEDORA-2019-672ae0f060\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Oct/29\", \"name\": \"20191021 [slackware-security] python (SSA:2019-293-01)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://usn.ubuntu.com/4165-1/\", \"name\": \"USN-4165-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4549\", \"name\": \"DSA-4549\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3210\", \"name\": \"RHSA-2019:3210\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3237\", \"name\": \"RHSA-2019:3237\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/1\", \"name\": \"20191101 [SECURITY] [DSA 4549-1] firefox-esr security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html\", \"name\": \"openSUSE-SU-2019:2420\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html\", \"name\": \"openSUSE-SU-2019:2424\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html\", \"name\": \"openSUSE-SU-2019:2425\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3756\", \"name\": \"RHSA-2019:3756\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html\", \"name\": \"openSUSE-SU-2019:2447\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html\", \"name\": \"openSUSE-SU-2019:2451\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html\", \"name\": \"openSUSE-SU-2019:2452\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html\", \"name\": \"openSUSE-SU-2019:2459\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html\", \"name\": \"openSUSE-SU-2019:2464\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html\", \"name\": \"[debian-lts-announce] 20191110 [SECURITY] [DLA 1987-1] firefox-esr security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/24\", \"name\": \"20191118 [SECURITY] [DSA 4571-1] thunderbird security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4571\", \"name\": \"DSA-4571\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html\", \"name\": \"[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://security.gentoo.org/glsa/201911-08\", \"name\": \"GLSA-201911-08\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"https://usn.ubuntu.com/4202-1/\", \"name\": \"USN-4202-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/17\", \"name\": \"20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/21\", \"name\": \"20191211 APPLE-SA-2019-12-10-5 tvOS 13.3\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/23\", \"name\": \"20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/23\", \"name\": \"20191213 APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/26\", \"name\": \"20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/30\", \"name\": \"20191213 APPLE-SA-2019-12-10-8 watchOS 6.1.1\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/27\", \"name\": \"20191213 APPLE-SA-2019-12-10-5 tvOS 13.3\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html\", \"name\": \"openSUSE-SU-2020:0010\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html\", \"name\": \"openSUSE-SU-2020:0086\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://usn.ubuntu.com/4335-1/\", \"name\": \"USN-4335-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/libexpat/libexpat/issues/317\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/libexpat/libexpat/pull/318\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/libexpat/libexpat/issues/342\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190926-0004/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://support.apple.com/kb/HT210788\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.apple.com/kb/HT210790\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.apple.com/kb/HT210785\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.apple.com/kb/HT210789\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.apple.com/kb/HT210793\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.apple.com/kb/HT210795\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://support.apple.com/kb/HT210794\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://www.tenable.com/security/tns-2021-11\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2021-06-15T22:06:15.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://usn.ubuntu.com/4132-1/\", \"name\": \"USN-4132-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/30\", \"name\": \"20190917 [slackware-security] expat (SSA:2019-259-01)\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://usn.ubuntu.com/4132-2/\", \"name\": \"USN-4132-2\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/\", \"name\": \"FEDORA-2019-613edfe68b\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4530\", \"name\": \"DSA-4530\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/37\", \"name\": \"20190923 [SECURITY] [DSA 4530-1] expat security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/\", \"name\": \"FEDORA-2019-9505c6b555\", \"refsource\": \"FEDORA\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html\", \"name\": \"openSUSE-SU-2019:2205\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html\", \"name\": \"openSUSE-SU-2019:2204\", \"refsource\": \"SUSE\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/\", \"name\": \"FEDORA-2019-672ae0f060\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Oct/29\", \"name\": \"20191021 [slackware-security] python (SSA:2019-293-01)\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://usn.ubuntu.com/4165-1/\", \"name\": \"USN-4165-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4549\", \"name\": \"DSA-4549\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3210\", \"name\": \"RHSA-2019:3210\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3237\", \"name\": \"RHSA-2019:3237\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/1\", \"name\": \"20191101 [SECURITY] [DSA 4549-1] firefox-esr security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html\", \"name\": \"openSUSE-SU-2019:2420\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html\", \"name\": \"openSUSE-SU-2019:2424\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html\", \"name\": \"openSUSE-SU-2019:2425\", \"refsource\": \"SUSE\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3756\", \"name\": \"RHSA-2019:3756\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html\", \"name\": \"openSUSE-SU-2019:2447\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html\", \"name\": \"openSUSE-SU-2019:2451\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html\", \"name\": \"openSUSE-SU-2019:2452\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html\", \"name\": \"openSUSE-SU-2019:2459\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html\", \"name\": \"openSUSE-SU-2019:2464\", \"refsource\": \"SUSE\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html\", \"name\": \"[debian-lts-announce] 20191110 [SECURITY] [DLA 1987-1] firefox-esr security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Nov/24\", \"name\": \"20191118 [SECURITY] [DSA 4571-1] thunderbird security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4571\", \"name\": \"DSA-4571\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html\", \"name\": \"[debian-lts-announce] 20191118 [SECURITY] [DLA 1997-1] thunderbird security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://security.gentoo.org/glsa/201911-08\", \"name\": \"GLSA-201911-08\", \"refsource\": \"GENTOO\"}, {\"url\": \"https://usn.ubuntu.com/4202-1/\", \"name\": \"USN-4202-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/17\", \"name\": \"20191211 APPLE-SA-2019-12-10-8 watchOS 6.1.1\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/21\", \"name\": \"20191211 APPLE-SA-2019-12-10-5 tvOS 13.3\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Dec/23\", \"name\": \"20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/23\", \"name\": \"20191213 APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3\", \"refsource\": \"FULLDISC\"}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/26\", \"name\": \"20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra\", \"refsource\": \"FULLDISC\"}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/30\", \"name\": \"20191213 APPLE-SA-2019-12-10-8 watchOS 6.1.1\", \"refsource\": \"FULLDISC\"}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Dec/27\", \"name\": \"20191213 APPLE-SA-2019-12-10-5 tvOS 13.3\", \"refsource\": \"FULLDISC\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html\", \"name\": \"openSUSE-SU-2020:0010\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html\", \"name\": \"openSUSE-SU-2020:0086\", \"refsource\": \"SUSE\"}, {\"url\": \"https://usn.ubuntu.com/4335-1/\", \"name\": \"USN-4335-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"name\": \"https://www.oracle.com/security-alerts/cpuapr2020.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"name\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/libexpat/libexpat/issues/317\", \"name\": \"https://github.com/libexpat/libexpat/issues/317\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/libexpat/libexpat/pull/318\", \"name\": \"https://github.com/libexpat/libexpat/pull/318\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43\", \"name\": \"https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43\", \"refsource\": \"MISC\"}, {\"url\": \"https://github.com/libexpat/libexpat/issues/342\", \"name\": \"https://github.com/libexpat/libexpat/issues/342\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html\", \"name\": \"http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190926-0004/\", \"name\": \"https://security.netapp.com/advisory/ntap-20190926-0004/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html\", \"name\": \"http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html\", \"name\": \"http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://support.apple.com/kb/HT210788\", \"name\": \"https://support.apple.com/kb/HT210788\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.apple.com/kb/HT210790\", \"name\": \"https://support.apple.com/kb/HT210790\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.apple.com/kb/HT210785\", \"name\": \"https://support.apple.com/kb/HT210785\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.apple.com/kb/HT210789\", \"name\": \"https://support.apple.com/kb/HT210789\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.apple.com/kb/HT210793\", \"name\": \"https://support.apple.com/kb/HT210793\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.apple.com/kb/HT210795\", \"name\": \"https://support.apple.com/kb/HT210795\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://support.apple.com/kb/HT210794\", \"name\": \"https://support.apple.com/kb/HT210794\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://www.tenable.com/security/tns-2021-11\", \"name\": \"https://www.tenable.com/security/tns-2021-11\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-15903\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2019-15903\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-30T19:27:19.904Z\", \"dateReserved\": \"2019-09-04T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2019-09-04T05:59:16.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
OPENSUSE-SU-2019:2420-1
Vulnerability from csaf_opensuse - Published: 2019-11-01 20:24 - Updated: 2019-11-01 20:24Summary
Security update for chromium, re2
Severity
Important
Notes
Title of the patch: Security update for chromium, re2
Description of the patch: This update for chromium, re2 fixes the following issues:
Chromium was updated to 78.0.3904.70 boo#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives
- Use internal resources for icon and appdata
Patchnames: openSUSE-2019-2420
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
70 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium, re2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium, re2 fixes the following issues:\n\nChromium was updated to 78.0.3904.70 boo#1154806:\n\n* CVE-2019-13699: Use-after-free in media\n* CVE-2019-13700: Buffer overrun in Blink\n* CVE-2019-13701: URL spoof in navigation\n* CVE-2019-13702: Privilege elevation in Installer\n* CVE-2019-13703: URL bar spoofing\n* CVE-2019-13704: CSP bypass\n* CVE-2019-13705: Extension permission bypass\n* CVE-2019-13706: Out-of-bounds read in PDFium\n* CVE-2019-13707: File storage disclosure\n* CVE-2019-13708: HTTP authentication spoof\n* CVE-2019-13709: File download protection bypass\n* CVE-2019-13710: File download protection bypass\n* CVE-2019-13711: Cross-context information leak\n* CVE-2019-15903: Buffer overflow in expat\n* CVE-2019-13713: Cross-origin data leak\n* CVE-2019-13714: CSS injection\n* CVE-2019-13715: Address bar spoofing\n* CVE-2019-13716: Service worker state error\n* CVE-2019-13717: Notification obscured\n* CVE-2019-13718: IDN spoof\n* CVE-2019-13719: Notification obscured\n* Various fixes from internal audits, fuzzing and other initiatives\n\n- Use internal resources for icon and appdata\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2420",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2420-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2420-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3NWTA6MINHDECNVPEESVOI4YS5GWLB2W/#3NWTA6MINHDECNVPEESVOI4YS5GWLB2W"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2420-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3NWTA6MINHDECNVPEESVOI4YS5GWLB2W/#3NWTA6MINHDECNVPEESVOI4YS5GWLB2W"
},
{
"category": "self",
"summary": "SUSE Bug 1154806",
"url": "https://bugzilla.suse.com/1154806"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13699 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13700 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13701 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13702 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13703 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13704 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13705 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13706 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13707 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13708 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13709 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13710 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13711 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13713 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13714 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13715 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13716 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13717 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13718 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13719 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Security update for chromium, re2",
"tracking": {
"current_release_date": "2019-11-01T20:24:26Z",
"generator": {
"date": "2019-11-01T20:24:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2420-1",
"initial_release_date": "2019-11-01T20:24:26Z",
"revision_history": [
{
"date": "2019-11-01T20:24:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-lp151.10.3.1.i586",
"product": {
"name": "libre2-0-20190901-lp151.10.3.1.i586",
"product_id": "libre2-0-20190901-lp151.10.3.1.i586"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-lp151.10.3.1.i586",
"product": {
"name": "re2-devel-20190901-lp151.10.3.1.i586",
"product_id": "re2-devel-20190901-lp151.10.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"product": {
"name": "chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"product_id": "chromedriver-78.0.3904.70-lp151.2.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"product": {
"name": "chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"product_id": "chromium-78.0.3904.70-lp151.2.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-lp151.10.3.1.x86_64",
"product": {
"name": "libre2-0-20190901-lp151.10.3.1.x86_64",
"product_id": "libre2-0-20190901-lp151.10.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"product": {
"name": "libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"product_id": "libre2-0-32bit-20190901-lp151.10.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-lp151.10.3.1.x86_64",
"product": {
"name": "re2-devel-20190901-lp151.10.3.1.x86_64",
"product_id": "re2-devel-20190901-lp151.10.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64"
},
"product_reference": "chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-lp151.2.39.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64"
},
"product_reference": "chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-lp151.10.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586"
},
"product_reference": "libre2-0-20190901-lp151.10.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-lp151.10.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64"
},
"product_reference": "libre2-0-20190901-lp151.10.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-32bit-20190901-lp151.10.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64"
},
"product_reference": "libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-lp151.10.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586"
},
"product_reference": "re2-devel-20190901-lp151.10.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-lp151.10.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64"
},
"product_reference": "re2-devel-20190901-lp151.10.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-lp151.2.39.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64"
},
"product_reference": "chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-lp151.2.39.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64"
},
"product_reference": "chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-lp151.10.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586"
},
"product_reference": "libre2-0-20190901-lp151.10.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-lp151.10.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64"
},
"product_reference": "libre2-0-20190901-lp151.10.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-32bit-20190901-lp151.10.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64"
},
"product_reference": "libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-lp151.10.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586"
},
"product_reference": "re2-devel-20190901-lp151.10.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-lp151.10.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
},
"product_reference": "re2-devel-20190901-lp151.10.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13699"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13699",
"url": "https://www.suse.com/security/cve/CVE-2019-13699"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13699",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "important"
}
],
"title": "CVE-2019-13699"
},
{
"cve": "CVE-2019-13700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13700"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13700",
"url": "https://www.suse.com/security/cve/CVE-2019-13700"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13700",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "important"
}
],
"title": "CVE-2019-13700"
},
{
"cve": "CVE-2019-13701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13701"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13701",
"url": "https://www.suse.com/security/cve/CVE-2019-13701"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13701",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13701"
},
{
"cve": "CVE-2019-13702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13702"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13702",
"url": "https://www.suse.com/security/cve/CVE-2019-13702"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13702",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "important"
}
],
"title": "CVE-2019-13702"
},
{
"cve": "CVE-2019-13703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13703"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13703",
"url": "https://www.suse.com/security/cve/CVE-2019-13703"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13703",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13703"
},
{
"cve": "CVE-2019-13704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13704"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13704",
"url": "https://www.suse.com/security/cve/CVE-2019-13704"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13704",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13704"
},
{
"cve": "CVE-2019-13705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13705"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13705",
"url": "https://www.suse.com/security/cve/CVE-2019-13705"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13705",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13705"
},
{
"cve": "CVE-2019-13706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13706"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13706",
"url": "https://www.suse.com/security/cve/CVE-2019-13706"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13706",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "important"
}
],
"title": "CVE-2019-13706"
},
{
"cve": "CVE-2019-13707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13707"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13707",
"url": "https://www.suse.com/security/cve/CVE-2019-13707"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13707",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13707"
},
{
"cve": "CVE-2019-13708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13708"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13708",
"url": "https://www.suse.com/security/cve/CVE-2019-13708"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13708",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13708"
},
{
"cve": "CVE-2019-13709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13709"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13709",
"url": "https://www.suse.com/security/cve/CVE-2019-13709"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13709",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13709"
},
{
"cve": "CVE-2019-13710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13710"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13710",
"url": "https://www.suse.com/security/cve/CVE-2019-13710"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13710",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13710"
},
{
"cve": "CVE-2019-13711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13711"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13711",
"url": "https://www.suse.com/security/cve/CVE-2019-13711"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13711",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13711"
},
{
"cve": "CVE-2019-13713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13713"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13713",
"url": "https://www.suse.com/security/cve/CVE-2019-13713"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13713",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13713"
},
{
"cve": "CVE-2019-13714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13714"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13714",
"url": "https://www.suse.com/security/cve/CVE-2019-13714"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13714",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13714"
},
{
"cve": "CVE-2019-13715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13715"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13715",
"url": "https://www.suse.com/security/cve/CVE-2019-13715"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13715",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13715"
},
{
"cve": "CVE-2019-13716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13716"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13716",
"url": "https://www.suse.com/security/cve/CVE-2019-13716"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13716",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13716"
},
{
"cve": "CVE-2019-13717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13717"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13717",
"url": "https://www.suse.com/security/cve/CVE-2019-13717"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13717",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13717"
},
{
"cve": "CVE-2019-13718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13718"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13718",
"url": "https://www.suse.com/security/cve/CVE-2019-13718"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13718",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13718"
},
{
"cve": "CVE-2019-13719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13719"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13719",
"url": "https://www.suse.com/security/cve/CVE-2019-13719"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13719",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13719"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.0:re2-devel-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:chromedriver-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:chromium-78.0.3904.70-lp151.2.39.1.x86_64",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:libre2-0-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:libre2-0-32bit-20190901-lp151.10.3.1.x86_64",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.i586",
"openSUSE Leap 15.1:re2-devel-20190901-lp151.10.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-01T20:24:26Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
OPENSUSE-SU-2019:2424-1
Vulnerability from csaf_opensuse - Published: 2019-11-02 20:24 - Updated: 2019-11-02 20:24Summary
Security update for chromium, re2
Severity
Important
Notes
Title of the patch: Security update for chromium, re2
Description of the patch: This update for chromium, re2 fixes the following issues:
Chromium was updated to 78.0.3904.70 boo#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives
- Use internal resources for icon and appdata
This update was imported from the openSUSE:Leap:15.0:Update update project.
Patchnames: openSUSE-2019-2424
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
70 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium, re2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium, re2 fixes the following issues:\n\nChromium was updated to 78.0.3904.70 boo#1154806:\n\n* CVE-2019-13699: Use-after-free in media\n* CVE-2019-13700: Buffer overrun in Blink\n* CVE-2019-13701: URL spoof in navigation\n* CVE-2019-13702: Privilege elevation in Installer\n* CVE-2019-13703: URL bar spoofing\n* CVE-2019-13704: CSP bypass\n* CVE-2019-13705: Extension permission bypass\n* CVE-2019-13706: Out-of-bounds read in PDFium\n* CVE-2019-13707: File storage disclosure\n* CVE-2019-13708: HTTP authentication spoof\n* CVE-2019-13709: File download protection bypass\n* CVE-2019-13710: File download protection bypass\n* CVE-2019-13711: Cross-context information leak\n* CVE-2019-15903: Buffer overflow in expat\n* CVE-2019-13713: Cross-origin data leak\n* CVE-2019-13714: CSS injection\n* CVE-2019-13715: Address bar spoofing\n* CVE-2019-13716: Service worker state error\n* CVE-2019-13717: Notification obscured\n* CVE-2019-13718: IDN spoof\n* CVE-2019-13719: Notification obscured\n* Various fixes from internal audits, fuzzing and other initiatives\n\n- Use internal resources for icon and appdata\n\n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2424",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2424-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2424-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PWAZQUNDL6EYARWSXF52VFRXI6QGOKQ5/#PWAZQUNDL6EYARWSXF52VFRXI6QGOKQ5"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2424-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PWAZQUNDL6EYARWSXF52VFRXI6QGOKQ5/#PWAZQUNDL6EYARWSXF52VFRXI6QGOKQ5"
},
{
"category": "self",
"summary": "SUSE Bug 1154806",
"url": "https://bugzilla.suse.com/1154806"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13699 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13700 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13701 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13702 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13703 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13704 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13705 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13706 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13707 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13708 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13709 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13710 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13711 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13713 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13714 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13715 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13716 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13717 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13718 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13719 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Security update for chromium, re2",
"tracking": {
"current_release_date": "2019-11-02T20:24:39Z",
"generator": {
"date": "2019-11-02T20:24:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2424-1",
"initial_release_date": "2019-11-02T20:24:39Z",
"revision_history": [
{
"date": "2019-11-02T20:24:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"product": {
"name": "chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"product_id": "chromedriver-78.0.3904.70-bp150.240.1.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-bp150.240.1.aarch64",
"product": {
"name": "chromium-78.0.3904.70-bp150.240.1.aarch64",
"product_id": "chromium-78.0.3904.70-bp150.240.1.aarch64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-bp150.25.1.aarch64",
"product": {
"name": "libre2-0-20190901-bp150.25.1.aarch64",
"product_id": "libre2-0-20190901-bp150.25.1.aarch64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp150.25.1.aarch64",
"product": {
"name": "re2-devel-20190901-bp150.25.1.aarch64",
"product_id": "re2-devel-20190901-bp150.25.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"product": {
"name": "libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"product_id": "libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-bp150.25.1.ppc64le",
"product": {
"name": "libre2-0-20190901-bp150.25.1.ppc64le",
"product_id": "libre2-0-20190901-bp150.25.1.ppc64le"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp150.25.1.ppc64le",
"product": {
"name": "re2-devel-20190901-bp150.25.1.ppc64le",
"product_id": "re2-devel-20190901-bp150.25.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-bp150.25.1.s390x",
"product": {
"name": "libre2-0-20190901-bp150.25.1.s390x",
"product_id": "libre2-0-20190901-bp150.25.1.s390x"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp150.25.1.s390x",
"product": {
"name": "re2-devel-20190901-bp150.25.1.s390x",
"product_id": "re2-devel-20190901-bp150.25.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"product": {
"name": "chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"product_id": "chromedriver-78.0.3904.70-bp150.240.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-bp150.240.1.x86_64",
"product": {
"name": "chromium-78.0.3904.70-bp150.240.1.x86_64",
"product_id": "chromium-78.0.3904.70-bp150.240.1.x86_64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-bp150.25.1.x86_64",
"product": {
"name": "libre2-0-20190901-bp150.25.1.x86_64",
"product_id": "libre2-0-20190901-bp150.25.1.x86_64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp150.25.1.x86_64",
"product": {
"name": "re2-devel-20190901-bp150.25.1.x86_64",
"product_id": "re2-devel-20190901-bp150.25.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15",
"product": {
"name": "SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-bp150.240.1.aarch64 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64"
},
"product_reference": "chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-bp150.240.1.x86_64 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64"
},
"product_reference": "chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-bp150.240.1.aarch64 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64"
},
"product_reference": "chromium-78.0.3904.70-bp150.240.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-bp150.240.1.x86_64 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64"
},
"product_reference": "chromium-78.0.3904.70-bp150.240.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp150.25.1.aarch64 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64"
},
"product_reference": "libre2-0-20190901-bp150.25.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp150.25.1.ppc64le as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le"
},
"product_reference": "libre2-0-20190901-bp150.25.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp150.25.1.s390x as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x"
},
"product_reference": "libre2-0-20190901-bp150.25.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp150.25.1.x86_64 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64"
},
"product_reference": "libre2-0-20190901-bp150.25.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32"
},
"product_reference": "libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp150.25.1.aarch64 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64"
},
"product_reference": "re2-devel-20190901-bp150.25.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp150.25.1.ppc64le as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le"
},
"product_reference": "re2-devel-20190901-bp150.25.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp150.25.1.s390x as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x"
},
"product_reference": "re2-devel-20190901-bp150.25.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp150.25.1.x86_64 as component of SUSE Package Hub 15",
"product_id": "SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
},
"product_reference": "re2-devel-20190901-bp150.25.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13699"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13699",
"url": "https://www.suse.com/security/cve/CVE-2019-13699"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13699",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "important"
}
],
"title": "CVE-2019-13699"
},
{
"cve": "CVE-2019-13700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13700"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13700",
"url": "https://www.suse.com/security/cve/CVE-2019-13700"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13700",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "important"
}
],
"title": "CVE-2019-13700"
},
{
"cve": "CVE-2019-13701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13701"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13701",
"url": "https://www.suse.com/security/cve/CVE-2019-13701"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13701",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13701"
},
{
"cve": "CVE-2019-13702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13702"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13702",
"url": "https://www.suse.com/security/cve/CVE-2019-13702"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13702",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "important"
}
],
"title": "CVE-2019-13702"
},
{
"cve": "CVE-2019-13703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13703"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13703",
"url": "https://www.suse.com/security/cve/CVE-2019-13703"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13703",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13703"
},
{
"cve": "CVE-2019-13704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13704"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13704",
"url": "https://www.suse.com/security/cve/CVE-2019-13704"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13704",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13704"
},
{
"cve": "CVE-2019-13705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13705"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13705",
"url": "https://www.suse.com/security/cve/CVE-2019-13705"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13705",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13705"
},
{
"cve": "CVE-2019-13706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13706"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13706",
"url": "https://www.suse.com/security/cve/CVE-2019-13706"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13706",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "important"
}
],
"title": "CVE-2019-13706"
},
{
"cve": "CVE-2019-13707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13707"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13707",
"url": "https://www.suse.com/security/cve/CVE-2019-13707"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13707",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13707"
},
{
"cve": "CVE-2019-13708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13708"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13708",
"url": "https://www.suse.com/security/cve/CVE-2019-13708"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13708",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13708"
},
{
"cve": "CVE-2019-13709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13709"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13709",
"url": "https://www.suse.com/security/cve/CVE-2019-13709"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13709",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13709"
},
{
"cve": "CVE-2019-13710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13710"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13710",
"url": "https://www.suse.com/security/cve/CVE-2019-13710"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13710",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13710"
},
{
"cve": "CVE-2019-13711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13711"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13711",
"url": "https://www.suse.com/security/cve/CVE-2019-13711"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13711",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13711"
},
{
"cve": "CVE-2019-13713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13713"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13713",
"url": "https://www.suse.com/security/cve/CVE-2019-13713"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13713",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13713"
},
{
"cve": "CVE-2019-13714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13714"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13714",
"url": "https://www.suse.com/security/cve/CVE-2019-13714"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13714",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13714"
},
{
"cve": "CVE-2019-13715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13715"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13715",
"url": "https://www.suse.com/security/cve/CVE-2019-13715"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13715",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13715"
},
{
"cve": "CVE-2019-13716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13716"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13716",
"url": "https://www.suse.com/security/cve/CVE-2019-13716"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13716",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13716"
},
{
"cve": "CVE-2019-13717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13717"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13717",
"url": "https://www.suse.com/security/cve/CVE-2019-13717"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13717",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13717"
},
{
"cve": "CVE-2019-13718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13718"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13718",
"url": "https://www.suse.com/security/cve/CVE-2019-13718"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13718",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13718"
},
{
"cve": "CVE-2019-13719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13719"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13719",
"url": "https://www.suse.com/security/cve/CVE-2019-13719"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13719",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "moderate"
}
],
"title": "CVE-2019-13719"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromedriver-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.aarch64",
"SUSE Package Hub 15:chromium-78.0.3904.70-bp150.240.1.x86_64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:libre2-0-20190901-bp150.25.1.x86_64",
"SUSE Package Hub 15:libre2-0-64bit-20190901-bp150.25.1.aarch64_ilp32",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.aarch64",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.ppc64le",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.s390x",
"SUSE Package Hub 15:re2-devel-20190901-bp150.25.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-02T20:24:39Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
OPENSUSE-SU-2019:2425-1
Vulnerability from csaf_opensuse - Published: 2019-11-03 08:56 - Updated: 2019-11-03 08:56Summary
Security update for chromium, re2
Severity
Important
Notes
Title of the patch: Security update for chromium, re2
Description of the patch: This update for chromium, re2 fixes the following issues:
Chromium was updated to 78.0.3904.70 boo#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives
- Use internal resources for icon and appdata
This update was imported from the openSUSE:Leap:15.1:Update update project.
Patchnames: openSUSE-2019-2425
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
70 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium, re2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium, re2 fixes the following issues:\n\nChromium was updated to 78.0.3904.70 boo#1154806:\n\n* CVE-2019-13699: Use-after-free in media\n* CVE-2019-13700: Buffer overrun in Blink\n* CVE-2019-13701: URL spoof in navigation\n* CVE-2019-13702: Privilege elevation in Installer\n* CVE-2019-13703: URL bar spoofing\n* CVE-2019-13704: CSP bypass\n* CVE-2019-13705: Extension permission bypass\n* CVE-2019-13706: Out-of-bounds read in PDFium\n* CVE-2019-13707: File storage disclosure\n* CVE-2019-13708: HTTP authentication spoof\n* CVE-2019-13709: File download protection bypass\n* CVE-2019-13710: File download protection bypass\n* CVE-2019-13711: Cross-context information leak\n* CVE-2019-15903: Buffer overflow in expat\n* CVE-2019-13713: Cross-origin data leak\n* CVE-2019-13714: CSS injection\n* CVE-2019-13715: Address bar spoofing\n* CVE-2019-13716: Service worker state error\n* CVE-2019-13717: Notification obscured\n* CVE-2019-13718: IDN spoof\n* CVE-2019-13719: Notification obscured\n* Various fixes from internal audits, fuzzing and other initiatives\n\n- Use internal resources for icon and appdata\n\n\nThis update was imported from the openSUSE:Leap:15.1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2425",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2425-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2425-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF/#PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2425-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF/#PUHPSOYGL3R2UY6Q72GDJBKT62EGZHYF"
},
{
"category": "self",
"summary": "SUSE Bug 1154806",
"url": "https://bugzilla.suse.com/1154806"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13699 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13700 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13701 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13702 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13703 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13704 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13705 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13706 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13707 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13708 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13709 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13710 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13711 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13713 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13714 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13715 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13716 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13717 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13718 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13719 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Security update for chromium, re2",
"tracking": {
"current_release_date": "2019-11-03T08:56:17Z",
"generator": {
"date": "2019-11-03T08:56:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2425-1",
"initial_release_date": "2019-11-03T08:56:17Z",
"revision_history": [
{
"date": "2019-11-03T08:56:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"product": {
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"product_id": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"product": {
"name": "chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"product_id": "chromium-78.0.3904.70-bp151.3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.3.1.aarch64",
"product": {
"name": "libre2-0-20190901-bp151.6.3.1.aarch64",
"product_id": "libre2-0-20190901-bp151.6.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.3.1.aarch64",
"product": {
"name": "re2-devel-20190901-bp151.6.3.1.aarch64",
"product_id": "re2-devel-20190901-bp151.6.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"product": {
"name": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"product_id": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.3.1.ppc64le",
"product": {
"name": "libre2-0-20190901-bp151.6.3.1.ppc64le",
"product_id": "libre2-0-20190901-bp151.6.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.3.1.ppc64le",
"product": {
"name": "re2-devel-20190901-bp151.6.3.1.ppc64le",
"product_id": "re2-devel-20190901-bp151.6.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.3.1.s390x",
"product": {
"name": "libre2-0-20190901-bp151.6.3.1.s390x",
"product_id": "libre2-0-20190901-bp151.6.3.1.s390x"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.3.1.s390x",
"product": {
"name": "re2-devel-20190901-bp151.6.3.1.s390x",
"product_id": "re2-devel-20190901-bp151.6.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"product": {
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"product_id": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"product": {
"name": "chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"product_id": "chromium-78.0.3904.70-bp151.3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.3.1.x86_64",
"product": {
"name": "libre2-0-20190901-bp151.6.3.1.x86_64",
"product_id": "libre2-0-20190901-bp151.6.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.3.1.x86_64",
"product": {
"name": "re2-devel-20190901-bp151.6.3.1.x86_64",
"product_id": "re2-devel-20190901-bp151.6.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP1",
"product": {
"name": "SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64"
},
"product_reference": "chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64"
},
"product_reference": "chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-bp151.3.21.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64"
},
"product_reference": "chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-bp151.3.21.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64"
},
"product_reference": "chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.3.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64"
},
"product_reference": "libre2-0-20190901-bp151.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.3.1.ppc64le as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le"
},
"product_reference": "libre2-0-20190901-bp151.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.3.1.s390x as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x"
},
"product_reference": "libre2-0-20190901-bp151.6.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.3.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64"
},
"product_reference": "libre2-0-20190901-bp151.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32"
},
"product_reference": "libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.3.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64"
},
"product_reference": "re2-devel-20190901-bp151.6.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.3.1.ppc64le as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le"
},
"product_reference": "re2-devel-20190901-bp151.6.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.3.1.s390x as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x"
},
"product_reference": "re2-devel-20190901-bp151.6.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.3.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
},
"product_reference": "re2-devel-20190901-bp151.6.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13699"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13699",
"url": "https://www.suse.com/security/cve/CVE-2019-13699"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13699",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-13699"
},
{
"cve": "CVE-2019-13700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13700"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13700",
"url": "https://www.suse.com/security/cve/CVE-2019-13700"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13700",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-13700"
},
{
"cve": "CVE-2019-13701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13701"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13701",
"url": "https://www.suse.com/security/cve/CVE-2019-13701"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13701",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13701"
},
{
"cve": "CVE-2019-13702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13702"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13702",
"url": "https://www.suse.com/security/cve/CVE-2019-13702"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13702",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-13702"
},
{
"cve": "CVE-2019-13703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13703"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13703",
"url": "https://www.suse.com/security/cve/CVE-2019-13703"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13703",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13703"
},
{
"cve": "CVE-2019-13704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13704"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13704",
"url": "https://www.suse.com/security/cve/CVE-2019-13704"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13704",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13704"
},
{
"cve": "CVE-2019-13705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13705"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13705",
"url": "https://www.suse.com/security/cve/CVE-2019-13705"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13705",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13705"
},
{
"cve": "CVE-2019-13706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13706"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13706",
"url": "https://www.suse.com/security/cve/CVE-2019-13706"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13706",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-13706"
},
{
"cve": "CVE-2019-13707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13707"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13707",
"url": "https://www.suse.com/security/cve/CVE-2019-13707"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13707",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13707"
},
{
"cve": "CVE-2019-13708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13708"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13708",
"url": "https://www.suse.com/security/cve/CVE-2019-13708"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13708",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13708"
},
{
"cve": "CVE-2019-13709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13709"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13709",
"url": "https://www.suse.com/security/cve/CVE-2019-13709"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13709",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13709"
},
{
"cve": "CVE-2019-13710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13710"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13710",
"url": "https://www.suse.com/security/cve/CVE-2019-13710"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13710",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13710"
},
{
"cve": "CVE-2019-13711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13711"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13711",
"url": "https://www.suse.com/security/cve/CVE-2019-13711"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13711",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13711"
},
{
"cve": "CVE-2019-13713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13713"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13713",
"url": "https://www.suse.com/security/cve/CVE-2019-13713"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13713",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13713"
},
{
"cve": "CVE-2019-13714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13714"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13714",
"url": "https://www.suse.com/security/cve/CVE-2019-13714"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13714",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13714"
},
{
"cve": "CVE-2019-13715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13715"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13715",
"url": "https://www.suse.com/security/cve/CVE-2019-13715"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13715",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13715"
},
{
"cve": "CVE-2019-13716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13716"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13716",
"url": "https://www.suse.com/security/cve/CVE-2019-13716"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13716",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13716"
},
{
"cve": "CVE-2019-13717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13717"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13717",
"url": "https://www.suse.com/security/cve/CVE-2019-13717"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13717",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13717"
},
{
"cve": "CVE-2019-13718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13718"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13718",
"url": "https://www.suse.com/security/cve/CVE-2019-13718"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13718",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13718"
},
{
"cve": "CVE-2019-13719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13719"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13719",
"url": "https://www.suse.com/security/cve/CVE-2019-13719"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13719",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "moderate"
}
],
"title": "CVE-2019-13719"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.21.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.3.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.3.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-03T08:56:17Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
OPENSUSE-SU-2019:2447-1
Vulnerability from csaf_opensuse - Published: 2019-11-06 17:25 - Updated: 2019-11-06 17:25Summary
Security update for chromium
Severity
Important
Notes
Title of the patch: Security update for chromium
Description of the patch: This update for chromium fixes the following issues:
Chromium was updated to 78.0.3904.87:
(boo#1155643,boo#1154806,boo#1153660, boo#1151229,boo#1149143,boo#1145242,boo#1143492)
Security issues fixed with this version update:
* CVE-2019-13721: Use-after-free in PDFium
* CVE-2019-13720: Use-after-free in audio
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* CVE-2019-13693: Use-after-free in IndexedDB
* CVE-2019-13694: Use-after-free in WebRTC
* CVE-2019-13695: Use-after-free in audio
* CVE-2019-13696: Use-after-free in V8
* CVE-2019-13697: Cross-origin size leak.
* CVE-2019-13685: Use-after-free in UI
* CVE-2019-13688: Use-after-free in media
* CVE-2019-13687: Use-after-free in media
* CVE-2019-13686: Use-after-free in offline pages
* CVE-2019-5870: Use-after-free in media
* CVE-2019-5871: Heap overflow in Skia
* CVE-2019-5872: Use-after-free in Mojo
* CVE-2019-5874: External URIs may trigger other browsers
* CVE-2019-5875: URL bar spoof via download redirect
* CVE-2019-5876: Use-after-free in media
* CVE-2019-5877: Out-of-bounds access in V8
* CVE-2019-5878: Use-after-free in V8
* CVE-2019-5879: Extension can bypass same origin policy
* CVE-2019-5880: SameSite cookie bypass
* CVE-2019-5881: Arbitrary read in SwiftShader
* CVE-2019-13659: URL spoof
* CVE-2019-13660: Full screen notification overlap
* CVE-2019-13661: Full screen notification spoof
* CVE-2019-13662: CSP bypass
* CVE-2019-13663: IDN spoof
* CVE-2019-13664: CSRF bypass
* CVE-2019-13665: Multiple file download protection bypass
* CVE-2019-13666: Side channel using storage size estimate
* CVE-2019-13667: URI bar spoof when using external app URIs
* CVE-2019-13668: Global window leak via console
* CVE-2019-13669: HTTP authentication spoof
* CVE-2019-13670: V8 memory corruption in regex
* CVE-2019-13671: Dialog box fails to show origin
* CVE-2019-13673: Cross-origin information leak using devtools
* CVE-2019-13674: IDN spoofing
* CVE-2019-13675: Extensions can be disabled by trailing slash
* CVE-2019-13676: Google URI shown for certificate warning
* CVE-2019-13677: Chrome web store origin needs to be isolated
* CVE-2019-13678: Download dialog spoofing
* CVE-2019-13679: User gesture needed for printing
* CVE-2019-13680: IP address spoofing to servers
* CVE-2019-13681: Bypass on download restrictions
* CVE-2019-13682: Site isolation bypass
* CVE-2019-13683: Exceptions leaked by devtools
* CVE-2019-5869: Use-after-free in Blink
* CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction
* CVE-2019-5867: Out-of-bounds read in V8
* CVE-2019-5850: Use-after-free in offline page fetcher
* CVE-2019-5860: Use-after-free in PDFium
* CVE-2019-5853: Memory corruption in regexp length check
* CVE-2019-5851: Use-after-poison in offline audio context
* CVE-2019-5859: res: URIs can load alternative browsers
* CVE-2019-5856: Insufficient checks on filesystem: URI permissions
* CVE-2019-5855: Integer overflow in PDFium
* CVE-2019-5865: Site isolation bypass from compromised renderer
* CVE-2019-5858: Insufficient filtering of Open URL service parameters
* CVE-2019-5864: Insufficient port filtering in CORS for extensions
* CVE-2019-5862: AppCache not robust to compromised renderers
* CVE-2019-5861: Click location incorrectly checked
* CVE-2019-5857: Comparison of -0 and null yields crash
* CVE-2019-5854: Integer overflow in PDFium text rendering
* CVE-2019-5852: Object leak of utility functions
Patchnames: openSUSE-2019-2447
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.6 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.6 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
276 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium fixes the following issues:\n\t \nChromium was updated to 78.0.3904.87: \n(boo#1155643,boo#1154806,boo#1153660, boo#1151229,boo#1149143,boo#1145242,boo#1143492)\n\nSecurity issues fixed with this version update: \n\n * CVE-2019-13721: Use-after-free in PDFium\n * CVE-2019-13720: Use-after-free in audio\n * CVE-2019-13699: Use-after-free in media\n * CVE-2019-13700: Buffer overrun in Blink\n * CVE-2019-13701: URL spoof in navigation\n * CVE-2019-13702: Privilege elevation in Installer\n * CVE-2019-13703: URL bar spoofing\n * CVE-2019-13704: CSP bypass\n * CVE-2019-13705: Extension permission bypass\n * CVE-2019-13706: Out-of-bounds read in PDFium\n * CVE-2019-13707: File storage disclosure\n * CVE-2019-13708: HTTP authentication spoof\n * CVE-2019-13709: File download protection bypass\n * CVE-2019-13710: File download protection bypass\n * CVE-2019-13711: Cross-context information leak\n * CVE-2019-15903: Buffer overflow in expat\n * CVE-2019-13713: Cross-origin data leak\n * CVE-2019-13714: CSS injection\n * CVE-2019-13715: Address bar spoofing\n * CVE-2019-13716: Service worker state error\n * CVE-2019-13717: Notification obscured\n * CVE-2019-13718: IDN spoof\n * CVE-2019-13719: Notification obscured\n * CVE-2019-13693: Use-after-free in IndexedDB\n * CVE-2019-13694: Use-after-free in WebRTC\n * CVE-2019-13695: Use-after-free in audio\n * CVE-2019-13696: Use-after-free in V8\n * CVE-2019-13697: Cross-origin size leak. \n * CVE-2019-13685: Use-after-free in UI\n * CVE-2019-13688: Use-after-free in media\n * CVE-2019-13687: Use-after-free in media\n * CVE-2019-13686: Use-after-free in offline pages\n * CVE-2019-5870: Use-after-free in media\n * CVE-2019-5871: Heap overflow in Skia\n * CVE-2019-5872: Use-after-free in Mojo\n * CVE-2019-5874: External URIs may trigger other browsers\n * CVE-2019-5875: URL bar spoof via download redirect\n * CVE-2019-5876: Use-after-free in media\n * CVE-2019-5877: Out-of-bounds access in V8\n * CVE-2019-5878: Use-after-free in V8\n * CVE-2019-5879: Extension can bypass same origin policy\n * CVE-2019-5880: SameSite cookie bypass\n * CVE-2019-5881: Arbitrary read in SwiftShader\n * CVE-2019-13659: URL spoof\n * CVE-2019-13660: Full screen notification overlap\n * CVE-2019-13661: Full screen notification spoof\n * CVE-2019-13662: CSP bypass\n * CVE-2019-13663: IDN spoof\n * CVE-2019-13664: CSRF bypass\n * CVE-2019-13665: Multiple file download protection bypass\n * CVE-2019-13666: Side channel using storage size estimate\n * CVE-2019-13667: URI bar spoof when using external app URIs\n * CVE-2019-13668: Global window leak via console\n * CVE-2019-13669: HTTP authentication spoof\n * CVE-2019-13670: V8 memory corruption in regex\n * CVE-2019-13671: Dialog box fails to show origin\n * CVE-2019-13673: Cross-origin information leak using devtools\n * CVE-2019-13674: IDN spoofing\n * CVE-2019-13675: Extensions can be disabled by trailing slash\n * CVE-2019-13676: Google URI shown for certificate warning\n * CVE-2019-13677: Chrome web store origin needs to be isolated\n * CVE-2019-13678: Download dialog spoofing\n * CVE-2019-13679: User gesture needed for printing\n * CVE-2019-13680: IP address spoofing to servers\n * CVE-2019-13681: Bypass on download restrictions\n * CVE-2019-13682: Site isolation bypass\n * CVE-2019-13683: Exceptions leaked by devtools\n * CVE-2019-5869: Use-after-free in Blink\n * CVE-2019-5868: Use-after-free in PDFium ExecuteFieldAction\n * CVE-2019-5867: Out-of-bounds read in V8\n * CVE-2019-5850: Use-after-free in offline page fetcher\n * CVE-2019-5860: Use-after-free in PDFium\n * CVE-2019-5853: Memory corruption in regexp length check\n * CVE-2019-5851: Use-after-poison in offline audio context\n * CVE-2019-5859: res: URIs can load alternative browsers\n * CVE-2019-5856: Insufficient checks on filesystem: URI permissions\n * CVE-2019-5855: Integer overflow in PDFium\n * CVE-2019-5865: Site isolation bypass from compromised renderer\n * CVE-2019-5858: Insufficient filtering of Open URL service parameters\n * CVE-2019-5864: Insufficient port filtering in CORS for extensions\n * CVE-2019-5862: AppCache not robust to compromised renderers\n * CVE-2019-5861: Click location incorrectly checked\n * CVE-2019-5857: Comparison of -0 and null yields crash\n * CVE-2019-5854: Integer overflow in PDFium text rendering\n * CVE-2019-5852: Object leak of utility functions\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2447",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2447-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2447-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QNJAWHUQKXHQBG3I7GI4ACW3CYHDJAHM/#QNJAWHUQKXHQBG3I7GI4ACW3CYHDJAHM"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2447-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QNJAWHUQKXHQBG3I7GI4ACW3CYHDJAHM/#QNJAWHUQKXHQBG3I7GI4ACW3CYHDJAHM"
},
{
"category": "self",
"summary": "SUSE Bug 1143492",
"url": "https://bugzilla.suse.com/1143492"
},
{
"category": "self",
"summary": "SUSE Bug 1144625",
"url": "https://bugzilla.suse.com/1144625"
},
{
"category": "self",
"summary": "SUSE Bug 1145242",
"url": "https://bugzilla.suse.com/1145242"
},
{
"category": "self",
"summary": "SUSE Bug 1146219",
"url": "https://bugzilla.suse.com/1146219"
},
{
"category": "self",
"summary": "SUSE Bug 1149143",
"url": "https://bugzilla.suse.com/1149143"
},
{
"category": "self",
"summary": "SUSE Bug 1150425",
"url": "https://bugzilla.suse.com/1150425"
},
{
"category": "self",
"summary": "SUSE Bug 1151229",
"url": "https://bugzilla.suse.com/1151229"
},
{
"category": "self",
"summary": "SUSE Bug 1153660",
"url": "https://bugzilla.suse.com/1153660"
},
{
"category": "self",
"summary": "SUSE Bug 1154806",
"url": "https://bugzilla.suse.com/1154806"
},
{
"category": "self",
"summary": "SUSE Bug 1155643",
"url": "https://bugzilla.suse.com/1155643"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13659 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13660 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13661 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13662 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13663 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13664 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13665 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13666 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13666/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13667 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13668 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13669 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13670 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13671 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13673 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13674 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13675 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13676 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13677 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13677/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13678 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13679 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13680 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13681 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13682 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13683 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13685 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13686 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13687 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13688 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13693 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13694 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13695 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13696 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13697 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13699 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13700 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13701 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13702 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13703 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13704 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13705 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13706 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13707 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13708 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13709 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13710 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13711 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13713 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13714 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13715 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13716 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13717 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13718 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13719 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13720 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13721 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5850 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5851 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5852 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5853 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5854 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5855 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5856 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5857 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5858 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5859 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5860 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5861 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5862 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5863 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5864 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5865 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5867 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5868 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5869 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5870 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5871 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5872 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5874 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5875 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5876 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5877 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5878 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5879 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5880 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5881 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5881/"
}
],
"title": "Security update for chromium",
"tracking": {
"current_release_date": "2019-11-06T17:25:26Z",
"generator": {
"date": "2019-11-06T17:25:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2447-1",
"initial_release_date": "2019-11-06T17:25:26Z",
"revision_history": [
{
"date": "2019-11-06T17:25:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.87-10.1.aarch64",
"product": {
"name": "chromedriver-78.0.3904.87-10.1.aarch64",
"product_id": "chromedriver-78.0.3904.87-10.1.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.87-10.1.aarch64",
"product": {
"name": "chromium-78.0.3904.87-10.1.aarch64",
"product_id": "chromium-78.0.3904.87-10.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.87-10.1.x86_64",
"product": {
"name": "chromedriver-78.0.3904.87-10.1.x86_64",
"product_id": "chromedriver-78.0.3904.87-10.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.87-10.1.x86_64",
"product": {
"name": "chromium-78.0.3904.87-10.1.x86_64",
"product_id": "chromium-78.0.3904.87-10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 12 SP3",
"product": {
"name": "SUSE Package Hub 12 SP3",
"product_id": "SUSE Package Hub 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.87-10.1.aarch64 as component of SUSE Package Hub 12 SP3",
"product_id": "SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64"
},
"product_reference": "chromedriver-78.0.3904.87-10.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.87-10.1.x86_64 as component of SUSE Package Hub 12 SP3",
"product_id": "SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64"
},
"product_reference": "chromedriver-78.0.3904.87-10.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.87-10.1.aarch64 as component of SUSE Package Hub 12 SP3",
"product_id": "SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64"
},
"product_reference": "chromium-78.0.3904.87-10.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.87-10.1.x86_64 as component of SUSE Package Hub 12 SP3",
"product_id": "SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
},
"product_reference": "chromium-78.0.3904.87-10.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13659"
}
],
"notes": [
{
"category": "general",
"text": "IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13659",
"url": "https://www.suse.com/security/cve/CVE-2019-13659"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13659",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13659"
},
{
"cve": "CVE-2019-13660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13660"
}
],
"notes": [
{
"category": "general",
"text": "UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13660",
"url": "https://www.suse.com/security/cve/CVE-2019-13660"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13660",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13660"
},
{
"cve": "CVE-2019-13661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13661"
}
],
"notes": [
{
"category": "general",
"text": "UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13661",
"url": "https://www.suse.com/security/cve/CVE-2019-13661"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13661",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13661"
},
{
"cve": "CVE-2019-13662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13662"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13662",
"url": "https://www.suse.com/security/cve/CVE-2019-13662"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13662",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13662"
},
{
"cve": "CVE-2019-13663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13663"
}
],
"notes": [
{
"category": "general",
"text": "IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13663",
"url": "https://www.suse.com/security/cve/CVE-2019-13663"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13663",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13663"
},
{
"cve": "CVE-2019-13664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13664"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13664",
"url": "https://www.suse.com/security/cve/CVE-2019-13664"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13664",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13664"
},
{
"cve": "CVE-2019-13665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13665"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13665",
"url": "https://www.suse.com/security/cve/CVE-2019-13665"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13665",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13665"
},
{
"cve": "CVE-2019-13666",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13666"
}
],
"notes": [
{
"category": "general",
"text": "Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13666",
"url": "https://www.suse.com/security/cve/CVE-2019-13666"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13666",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13666"
},
{
"cve": "CVE-2019-13667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13667"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13667",
"url": "https://www.suse.com/security/cve/CVE-2019-13667"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13667",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13667"
},
{
"cve": "CVE-2019-13668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13668"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13668",
"url": "https://www.suse.com/security/cve/CVE-2019-13668"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13668",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13668"
},
{
"cve": "CVE-2019-13669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13669"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13669",
"url": "https://www.suse.com/security/cve/CVE-2019-13669"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13669",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13669"
},
{
"cve": "CVE-2019-13670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13670"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13670",
"url": "https://www.suse.com/security/cve/CVE-2019-13670"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13670",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13670"
},
{
"cve": "CVE-2019-13671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13671"
}
],
"notes": [
{
"category": "general",
"text": "UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13671",
"url": "https://www.suse.com/security/cve/CVE-2019-13671"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13671",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13671"
},
{
"cve": "CVE-2019-13673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13673"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13673",
"url": "https://www.suse.com/security/cve/CVE-2019-13673"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13673",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13673"
},
{
"cve": "CVE-2019-13674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13674"
}
],
"notes": [
{
"category": "general",
"text": "IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13674",
"url": "https://www.suse.com/security/cve/CVE-2019-13674"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13674",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13674"
},
{
"cve": "CVE-2019-13675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13675"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13675",
"url": "https://www.suse.com/security/cve/CVE-2019-13675"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13675",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13675"
},
{
"cve": "CVE-2019-13676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13676"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13676",
"url": "https://www.suse.com/security/cve/CVE-2019-13676"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13676",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13676"
},
{
"cve": "CVE-2019-13677",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13677"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13677",
"url": "https://www.suse.com/security/cve/CVE-2019-13677"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13677",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13677"
},
{
"cve": "CVE-2019-13678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13678"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13678",
"url": "https://www.suse.com/security/cve/CVE-2019-13678"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13678",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13678"
},
{
"cve": "CVE-2019-13679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13679"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13679",
"url": "https://www.suse.com/security/cve/CVE-2019-13679"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13679",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13679"
},
{
"cve": "CVE-2019-13680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13680"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in TLS in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof client IP address to websites via crafted TLS connections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13680",
"url": "https://www.suse.com/security/cve/CVE-2019-13680"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13680",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13680"
},
{
"cve": "CVE-2019-13681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13681"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13681",
"url": "https://www.suse.com/security/cve/CVE-2019-13681"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13681",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13681"
},
{
"cve": "CVE-2019-13682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13682"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13682",
"url": "https://www.suse.com/security/cve/CVE-2019-13682"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13682",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13682"
},
{
"cve": "CVE-2019-13683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13683"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13683",
"url": "https://www.suse.com/security/cve/CVE-2019-13683"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-13683",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13683"
},
{
"cve": "CVE-2019-13685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13685"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in sharing view in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13685",
"url": "https://www.suse.com/security/cve/CVE-2019-13685"
},
{
"category": "external",
"summary": "SUSE Bug 1151229 for CVE-2019-13685",
"url": "https://bugzilla.suse.com/1151229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13685"
},
{
"cve": "CVE-2019-13686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13686"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in offline mode in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13686",
"url": "https://www.suse.com/security/cve/CVE-2019-13686"
},
{
"category": "external",
"summary": "SUSE Bug 1151229 for CVE-2019-13686",
"url": "https://bugzilla.suse.com/1151229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13686"
},
{
"cve": "CVE-2019-13687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13687"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13687",
"url": "https://www.suse.com/security/cve/CVE-2019-13687"
},
{
"category": "external",
"summary": "SUSE Bug 1151229 for CVE-2019-13687",
"url": "https://bugzilla.suse.com/1151229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13687"
},
{
"cve": "CVE-2019-13688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13688"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13688",
"url": "https://www.suse.com/security/cve/CVE-2019-13688"
},
{
"category": "external",
"summary": "SUSE Bug 1151229 for CVE-2019-13688",
"url": "https://bugzilla.suse.com/1151229"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13688"
},
{
"cve": "CVE-2019-13693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13693"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13693",
"url": "https://www.suse.com/security/cve/CVE-2019-13693"
},
{
"category": "external",
"summary": "SUSE Bug 1153660 for CVE-2019-13693",
"url": "https://bugzilla.suse.com/1153660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13693"
},
{
"cve": "CVE-2019-13694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13694"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13694",
"url": "https://www.suse.com/security/cve/CVE-2019-13694"
},
{
"category": "external",
"summary": "SUSE Bug 1153660 for CVE-2019-13694",
"url": "https://bugzilla.suse.com/1153660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13694"
},
{
"cve": "CVE-2019-13695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13695"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in audio in Google Chrome on Android prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13695",
"url": "https://www.suse.com/security/cve/CVE-2019-13695"
},
{
"category": "external",
"summary": "SUSE Bug 1153660 for CVE-2019-13695",
"url": "https://bugzilla.suse.com/1153660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13695"
},
{
"cve": "CVE-2019-13696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13696"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13696",
"url": "https://www.suse.com/security/cve/CVE-2019-13696"
},
{
"category": "external",
"summary": "SUSE Bug 1153660 for CVE-2019-13696",
"url": "https://bugzilla.suse.com/1153660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13696"
},
{
"cve": "CVE-2019-13697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13697"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in performance APIs in Google Chrome prior to 77.0.3865.120 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13697",
"url": "https://www.suse.com/security/cve/CVE-2019-13697"
},
{
"category": "external",
"summary": "SUSE Bug 1153660 for CVE-2019-13697",
"url": "https://bugzilla.suse.com/1153660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13697"
},
{
"cve": "CVE-2019-13699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13699"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13699",
"url": "https://www.suse.com/security/cve/CVE-2019-13699"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13699",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13699"
},
{
"cve": "CVE-2019-13700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13700"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13700",
"url": "https://www.suse.com/security/cve/CVE-2019-13700"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13700",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13700"
},
{
"cve": "CVE-2019-13701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13701"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13701",
"url": "https://www.suse.com/security/cve/CVE-2019-13701"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13701",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13701"
},
{
"cve": "CVE-2019-13702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13702"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13702",
"url": "https://www.suse.com/security/cve/CVE-2019-13702"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13702",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13702"
},
{
"cve": "CVE-2019-13703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13703"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13703",
"url": "https://www.suse.com/security/cve/CVE-2019-13703"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13703",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13703"
},
{
"cve": "CVE-2019-13704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13704"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13704",
"url": "https://www.suse.com/security/cve/CVE-2019-13704"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13704",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13704"
},
{
"cve": "CVE-2019-13705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13705"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13705",
"url": "https://www.suse.com/security/cve/CVE-2019-13705"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13705",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13705"
},
{
"cve": "CVE-2019-13706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13706"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13706",
"url": "https://www.suse.com/security/cve/CVE-2019-13706"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13706",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13706"
},
{
"cve": "CVE-2019-13707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13707"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13707",
"url": "https://www.suse.com/security/cve/CVE-2019-13707"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13707",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13707"
},
{
"cve": "CVE-2019-13708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13708"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13708",
"url": "https://www.suse.com/security/cve/CVE-2019-13708"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13708",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13708"
},
{
"cve": "CVE-2019-13709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13709"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13709",
"url": "https://www.suse.com/security/cve/CVE-2019-13709"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13709",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13709"
},
{
"cve": "CVE-2019-13710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13710"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13710",
"url": "https://www.suse.com/security/cve/CVE-2019-13710"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13710",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13710"
},
{
"cve": "CVE-2019-13711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13711"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13711",
"url": "https://www.suse.com/security/cve/CVE-2019-13711"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13711",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13711"
},
{
"cve": "CVE-2019-13713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13713"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13713",
"url": "https://www.suse.com/security/cve/CVE-2019-13713"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13713",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13713"
},
{
"cve": "CVE-2019-13714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13714"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13714",
"url": "https://www.suse.com/security/cve/CVE-2019-13714"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13714",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13714"
},
{
"cve": "CVE-2019-13715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13715"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13715",
"url": "https://www.suse.com/security/cve/CVE-2019-13715"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13715",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13715"
},
{
"cve": "CVE-2019-13716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13716"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13716",
"url": "https://www.suse.com/security/cve/CVE-2019-13716"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13716",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13716"
},
{
"cve": "CVE-2019-13717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13717"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13717",
"url": "https://www.suse.com/security/cve/CVE-2019-13717"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13717",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13717"
},
{
"cve": "CVE-2019-13718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13718"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13718",
"url": "https://www.suse.com/security/cve/CVE-2019-13718"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13718",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13718"
},
{
"cve": "CVE-2019-13719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13719"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13719",
"url": "https://www.suse.com/security/cve/CVE-2019-13719"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13719",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-13719"
},
{
"cve": "CVE-2019-13720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13720"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13720",
"url": "https://www.suse.com/security/cve/CVE-2019-13720"
},
{
"category": "external",
"summary": "SUSE Bug 1155643 for CVE-2019-13720",
"url": "https://bugzilla.suse.com/1155643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13720"
},
{
"cve": "CVE-2019-13721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13721"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13721",
"url": "https://www.suse.com/security/cve/CVE-2019-13721"
},
{
"category": "external",
"summary": "SUSE Bug 1155643 for CVE-2019-13721",
"url": "https://bugzilla.suse.com/1155643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-13721"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
},
{
"cve": "CVE-2019-5850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5850"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5850",
"url": "https://www.suse.com/security/cve/CVE-2019-5850"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5850",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "critical"
}
],
"title": "CVE-2019-5850"
},
{
"cve": "CVE-2019-5851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5851"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in WebAudio in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5851",
"url": "https://www.suse.com/security/cve/CVE-2019-5851"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5851",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5851"
},
{
"cve": "CVE-2019-5852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5852"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5852",
"url": "https://www.suse.com/security/cve/CVE-2019-5852"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5852",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5852"
},
{
"cve": "CVE-2019-5853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5853"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5853",
"url": "https://www.suse.com/security/cve/CVE-2019-5853"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5853",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5853"
},
{
"cve": "CVE-2019-5854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5854"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5854",
"url": "https://www.suse.com/security/cve/CVE-2019-5854"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5854",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5854"
},
{
"cve": "CVE-2019-5855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5855"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5855",
"url": "https://www.suse.com/security/cve/CVE-2019-5855"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5855",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5855"
},
{
"cve": "CVE-2019-5856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5856"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in storage in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5856",
"url": "https://www.suse.com/security/cve/CVE-2019-5856"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5856",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5856"
},
{
"cve": "CVE-2019-5857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5857"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in JavaScript in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5857",
"url": "https://www.suse.com/security/cve/CVE-2019-5857"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5857",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5857"
},
{
"cve": "CVE-2019-5858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5858"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in MacOS services integration in Google Chrome on OS X prior to 76.0.3809.87 allowed a local attacker to execute arbitrary code via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5858",
"url": "https://www.suse.com/security/cve/CVE-2019-5858"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5858",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5858"
},
{
"cve": "CVE-2019-5859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5859"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5859",
"url": "https://www.suse.com/security/cve/CVE-2019-5859"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5859",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5859"
},
{
"cve": "CVE-2019-5860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5860"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in PDFium in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5860",
"url": "https://www.suse.com/security/cve/CVE-2019-5860"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5860",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5860"
},
{
"cve": "CVE-2019-5861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5861"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5861",
"url": "https://www.suse.com/security/cve/CVE-2019-5861"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5861",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5861"
},
{
"cve": "CVE-2019-5862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5862"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5862",
"url": "https://www.suse.com/security/cve/CVE-2019-5862"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5862",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5862"
},
{
"cve": "CVE-2019-5863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5863"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5863",
"url": "https://www.suse.com/security/cve/CVE-2019-5863"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5863",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5863"
},
{
"cve": "CVE-2019-5864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5864"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5864",
"url": "https://www.suse.com/security/cve/CVE-2019-5864"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5864",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5864"
},
{
"cve": "CVE-2019-5865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5865"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5865",
"url": "https://www.suse.com/security/cve/CVE-2019-5865"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5865",
"url": "https://bugzilla.suse.com/1143492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5865"
},
{
"cve": "CVE-2019-5867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5867"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds read in JavaScript in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5867",
"url": "https://www.suse.com/security/cve/CVE-2019-5867"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5867",
"url": "https://bugzilla.suse.com/1143492"
},
{
"category": "external",
"summary": "SUSE Bug 1145242 for CVE-2019-5867",
"url": "https://bugzilla.suse.com/1145242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5867"
},
{
"cve": "CVE-2019-5868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5868"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in PDFium in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5868",
"url": "https://www.suse.com/security/cve/CVE-2019-5868"
},
{
"category": "external",
"summary": "SUSE Bug 1143492 for CVE-2019-5868",
"url": "https://bugzilla.suse.com/1143492"
},
{
"category": "external",
"summary": "SUSE Bug 1145242 for CVE-2019-5868",
"url": "https://bugzilla.suse.com/1145242"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5868"
},
{
"cve": "CVE-2019-5869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5869"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5869",
"url": "https://www.suse.com/security/cve/CVE-2019-5869"
},
{
"category": "external",
"summary": "SUSE Bug 1149143 for CVE-2019-5869",
"url": "https://bugzilla.suse.com/1149143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5869"
},
{
"cve": "CVE-2019-5870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5870"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in media in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5870",
"url": "https://www.suse.com/security/cve/CVE-2019-5870"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5870",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "critical"
}
],
"title": "CVE-2019-5870"
},
{
"cve": "CVE-2019-5871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5871"
}
],
"notes": [
{
"category": "general",
"text": "Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5871",
"url": "https://www.suse.com/security/cve/CVE-2019-5871"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5871",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5871"
},
{
"cve": "CVE-2019-5872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5872"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5872",
"url": "https://www.suse.com/security/cve/CVE-2019-5872"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5872",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5872"
},
{
"cve": "CVE-2019-5874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5874"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient filtering in URI schemes in Google Chrome on Windows prior to 77.0.3865.75 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5874",
"url": "https://www.suse.com/security/cve/CVE-2019-5874"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5874",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5874"
},
{
"cve": "CVE-2019-5875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5875"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5875",
"url": "https://www.suse.com/security/cve/CVE-2019-5875"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5875",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5875"
},
{
"cve": "CVE-2019-5876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5876"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in media in Google Chrome on Android prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5876",
"url": "https://www.suse.com/security/cve/CVE-2019-5876"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5876",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5876"
},
{
"cve": "CVE-2019-5877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5877"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5877",
"url": "https://www.suse.com/security/cve/CVE-2019-5877"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5877",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5877"
},
{
"cve": "CVE-2019-5878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5878"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5878",
"url": "https://www.suse.com/security/cve/CVE-2019-5878"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5878",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5878"
},
{
"cve": "CVE-2019-5879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5879"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5879",
"url": "https://www.suse.com/security/cve/CVE-2019-5879"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5879",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "moderate"
}
],
"title": "CVE-2019-5879"
},
{
"cve": "CVE-2019-5880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5880"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5880",
"url": "https://www.suse.com/security/cve/CVE-2019-5880"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5880",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5880"
},
{
"cve": "CVE-2019-5881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5881"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5881",
"url": "https://www.suse.com/security/cve/CVE-2019-5881"
},
{
"category": "external",
"summary": "SUSE Bug 1150425 for CVE-2019-5881",
"url": "https://bugzilla.suse.com/1150425"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromedriver-78.0.3904.87-10.1.x86_64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.aarch64",
"SUSE Package Hub 12 SP3:chromium-78.0.3904.87-10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-06T17:25:26Z",
"details": "important"
}
],
"title": "CVE-2019-5881"
}
]
}
OPENSUSE-SU-2019:2451-1
Vulnerability from csaf_opensuse - Published: 2019-11-09 11:20 - Updated: 2019-11-09 11:20Summary
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
Severity
Important
Notes
Title of the patch: Security update for MozillaFirefox, MozillaFirefox-branding-SLE
Description of the patch: This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues:
Changes in MozillaFirefox:
Security issues fixed:
- CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).
- CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).
- CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).
- CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).
- CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).
- CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).
- CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).
- CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).
- CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).
Non-security issues fixed:
- Added Provides-line for translations-common (bsc#1153423) .
- Moved some settings from branding-package here (bsc#1153869).
- Disabled DoH by default.
Changes in MozillaFirefox-branding-SLE:
- Moved extensions preferences to core package (bsc#1153869).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-2451
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox, MozillaFirefox-branding-SLE",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues:\n\nChanges in MozillaFirefox:\n\nSecurity issues fixed:\n\n- CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).\n- CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).\n- CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).\n- CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).\n- CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).\n- CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).\n- CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n- CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n- CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\nNon-security issues fixed:\n\n- Added Provides-line for translations-common (bsc#1153423) .\n- Moved some settings from branding-package here (bsc#1153869).\n- Disabled DoH by default.\n\nChanges in MozillaFirefox-branding-SLE:\n\n- Moved extensions preferences to core package (bsc#1153869).\n\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2451",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2451-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2451-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V6ZXQOV37FDUBMBAJGH2RCLCL55J6IYA/#V6ZXQOV37FDUBMBAJGH2RCLCL55J6IYA"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2451-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/V6ZXQOV37FDUBMBAJGH2RCLCL55J6IYA/#V6ZXQOV37FDUBMBAJGH2RCLCL55J6IYA"
},
{
"category": "self",
"summary": "SUSE Bug 1104841",
"url": "https://bugzilla.suse.com/1104841"
},
{
"category": "self",
"summary": "SUSE Bug 1129528",
"url": "https://bugzilla.suse.com/1129528"
},
{
"category": "self",
"summary": "SUSE Bug 1137990",
"url": "https://bugzilla.suse.com/1137990"
},
{
"category": "self",
"summary": "SUSE Bug 1149429",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "self",
"summary": "SUSE Bug 1151186",
"url": "https://bugzilla.suse.com/1151186"
},
{
"category": "self",
"summary": "SUSE Bug 1153423",
"url": "https://bugzilla.suse.com/1153423"
},
{
"category": "self",
"summary": "SUSE Bug 1153869",
"url": "https://bugzilla.suse.com/1153869"
},
{
"category": "self",
"summary": "SUSE Bug 1154738",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11757 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11758 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11759 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11760 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11761 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11762 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11763 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11764 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Security update for MozillaFirefox, MozillaFirefox-branding-SLE",
"tracking": {
"current_release_date": "2019-11-09T11:20:57Z",
"generator": {
"date": "2019-11-09T11:20:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2451-1",
"initial_release_date": "2019-11-09T11:20:57Z",
"revision_history": [
{
"date": "2019-11-09T11:20:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"product": {
"name": "MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"product_id": "MozillaFirefox-68.2.0-lp151.2.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"product_id": "MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"product_id": "MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"product": {
"name": "MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"product_id": "MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"product": {
"name": "MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"product_id": "MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"product_id": "MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"product_id": "MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64",
"product": {
"name": "firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64",
"product_id": "firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-68.2.0-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64"
},
"product_reference": "MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64"
},
"product_reference": "MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64"
},
"product_reference": "MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
},
"product_reference": "firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11757"
}
],
"notes": [
{
"category": "general",
"text": "When following the value\u0027s prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11757",
"url": "https://www.suse.com/security/cve/CVE-2019-11757"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11757",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-11757"
},
{
"cve": "CVE-2019-11758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11758"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11758",
"url": "https://www.suse.com/security/cve/CVE-2019-11758"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11758",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-11758"
},
{
"cve": "CVE-2019-11759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11759"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11759",
"url": "https://www.suse.com/security/cve/CVE-2019-11759"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11759",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-11759"
},
{
"cve": "CVE-2019-11760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11760"
}
],
"notes": [
{
"category": "general",
"text": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11760",
"url": "https://www.suse.com/security/cve/CVE-2019-11760"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11760",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-11760"
},
{
"cve": "CVE-2019-11761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11761"
}
],
"notes": [
{
"category": "general",
"text": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11761",
"url": "https://www.suse.com/security/cve/CVE-2019-11761"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11761",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-11761"
},
{
"cve": "CVE-2019-11762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11762"
}
],
"notes": [
{
"category": "general",
"text": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11762",
"url": "https://www.suse.com/security/cve/CVE-2019-11762"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11762",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-11762"
},
{
"cve": "CVE-2019-11763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11763"
}
],
"notes": [
{
"category": "general",
"text": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11763",
"url": "https://www.suse.com/security/cve/CVE-2019-11763"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11763",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-11763"
},
{
"cve": "CVE-2019-11764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11764"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11764",
"url": "https://www.suse.com/security/cve/CVE-2019-11764"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11764",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-11764"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-openSUSE-68-lp151.3.3.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-68.2.0-lp151.2.18.2.x86_64",
"openSUSE Leap 15.1:firefox-esr-branding-openSUSE-68-lp151.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:20:57Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
OPENSUSE-SU-2019:2452-1
Vulnerability from csaf_opensuse - Published: 2019-11-09 11:21 - Updated: 2019-11-09 11:21Summary
Recommended update for MozillaThunderbird
Severity
Important
Notes
Title of the patch: Recommended update for MozillaThunderbird
Description of the patch: This update for MozillaThunderbird to version 68.2.1 provides the following fixes:
- Security issues fixed (bsc#1154738):
* CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).
* CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).
* CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).
* CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).
* CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).
* CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).
* CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).
* CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).
* CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).
Other fixes (bsc#1153879):
* Some attachments couldn't be opened in messages originating from MS Outlook 2016.
* Address book import from CSV.
* Performance problem in message body search.
* Ctrl+Enter to send a message would open an attachment if the attachment pane had focus.
* Calendar: Issues with 'Today Pane' start-up.
* Calendar: Glitches with custom repeat and reminder number input.
* Calendar: Problems with WCAP provider.
* A language for the user interface can now be chosen in
the advanced settings
* Fixed an issue with Google authentication (OAuth2)
* Fixed an issue where selected or unread messages were not
shown in the correct color in the thread pane under some
circumstances
* Fixed an issue where when using a language pack, names of
standard folders were not localized (bsc#1149126)
* Fixed an issue where the address book default startup directory
in preferences panel not persisted
* Fixed various visual glitches
* Fixed issues with the chat
* Fixed building with rust >= 1.38.
* Fixrd LTO build without PGO.
* Removed kde.js since disabling instantApply breaks extensions and is now obsolete with
the move to HTML views for preferences. (bsc#1151186)
* Updated create-tar.sh. (bsc#1152778)
* Deactivated the crashreporter for the last remaining arch.
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-2452
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.4 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for MozillaThunderbird",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaThunderbird to version 68.2.1 provides the following fixes:\n\n- Security issues fixed (bsc#1154738):\n * CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).\n * CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).\n * CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).\n * CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).\n * CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).\n * CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).\n * CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n * CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n * CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\nOther fixes (bsc#1153879):\n * Some attachments couldn\u0027t be opened in messages originating from MS Outlook 2016.\n * Address book import from CSV.\n * Performance problem in message body search.\n * Ctrl+Enter to send a message would open an attachment if the attachment pane had focus.\n * Calendar: Issues with \u0027Today Pane\u0027 start-up.\n * Calendar: Glitches with custom repeat and reminder number input.\n * Calendar: Problems with WCAP provider.\n * A language for the user interface can now be chosen in\n the advanced settings \n * Fixed an issue with Google authentication (OAuth2)\n * Fixed an issue where selected or unread messages were not \n shown in the correct color in the thread pane under some\n circumstances\n * Fixed an issue where when using a language pack, names of \n standard folders were not localized (bsc#1149126)\n * Fixed an issue where the address book default startup directory \n in preferences panel not persisted\n * Fixed various visual glitches\n * Fixed issues with the chat\n * Fixed building with rust \u003e= 1.38.\n * Fixrd LTO build without PGO.\n * Removed kde.js since disabling instantApply breaks extensions and is now obsolete with\n the move to HTML views for preferences. (bsc#1151186)\n * Updated create-tar.sh. (bsc#1152778)\n * Deactivated the crashreporter for the last remaining arch.\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2452",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2452-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2452-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MOTGZDQMJE6HU6RXRSOTDTGAHLJOOFJB/#MOTGZDQMJE6HU6RXRSOTDTGAHLJOOFJB"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2452-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MOTGZDQMJE6HU6RXRSOTDTGAHLJOOFJB/#MOTGZDQMJE6HU6RXRSOTDTGAHLJOOFJB"
},
{
"category": "self",
"summary": "SUSE Bug 1149126",
"url": "https://bugzilla.suse.com/1149126"
},
{
"category": "self",
"summary": "SUSE Bug 1149429",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "self",
"summary": "SUSE Bug 1151186",
"url": "https://bugzilla.suse.com/1151186"
},
{
"category": "self",
"summary": "SUSE Bug 1152778",
"url": "https://bugzilla.suse.com/1152778"
},
{
"category": "self",
"summary": "SUSE Bug 1153879",
"url": "https://bugzilla.suse.com/1153879"
},
{
"category": "self",
"summary": "SUSE Bug 1154738",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11757 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11758 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11759 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11760 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11761 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11762 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11763 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11764 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Recommended update for MozillaThunderbird",
"tracking": {
"current_release_date": "2019-11-09T11:21:24Z",
"generator": {
"date": "2019-11-09T11:21:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2452-1",
"initial_release_date": "2019-11-09T11:21:24Z",
"revision_history": [
{
"date": "2019-11-09T11:21:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"product": {
"name": "MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"product_id": "MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64"
},
"product_reference": "MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11757"
}
],
"notes": [
{
"category": "general",
"text": "When following the value\u0027s prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11757",
"url": "https://www.suse.com/security/cve/CVE-2019-11757"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11757",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-11757"
},
{
"cve": "CVE-2019-11758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11758"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11758",
"url": "https://www.suse.com/security/cve/CVE-2019-11758"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11758",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-11758"
},
{
"cve": "CVE-2019-11759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11759"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11759",
"url": "https://www.suse.com/security/cve/CVE-2019-11759"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11759",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-11759"
},
{
"cve": "CVE-2019-11760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11760"
}
],
"notes": [
{
"category": "general",
"text": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11760",
"url": "https://www.suse.com/security/cve/CVE-2019-11760"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11760",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-11760"
},
{
"cve": "CVE-2019-11761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11761"
}
],
"notes": [
{
"category": "general",
"text": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11761",
"url": "https://www.suse.com/security/cve/CVE-2019-11761"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11761",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-11761"
},
{
"cve": "CVE-2019-11762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11762"
}
],
"notes": [
{
"category": "general",
"text": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11762",
"url": "https://www.suse.com/security/cve/CVE-2019-11762"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11762",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-11762"
},
{
"cve": "CVE-2019-11763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11763"
}
],
"notes": [
{
"category": "general",
"text": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11763",
"url": "https://www.suse.com/security/cve/CVE-2019-11763"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11763",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-11763"
},
{
"cve": "CVE-2019-11764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11764"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11764",
"url": "https://www.suse.com/security/cve/CVE-2019-11764"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11764",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-11764"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.2.1-lp151.2.16.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.2.1-lp151.2.16.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T11:21:24Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
OPENSUSE-SU-2019:2459-1
Vulnerability from csaf_opensuse - Published: 2019-11-09 12:47 - Updated: 2019-11-09 12:47Summary
Security update for MozillaFirefox, MozillaFirefox-branding-SLE
Severity
Important
Notes
Title of the patch: Security update for MozillaFirefox, MozillaFirefox-branding-SLE
Description of the patch: This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues:
Changes in MozillaFirefox:
Security issues fixed:
- CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).
- CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).
- CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).
- CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).
- CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).
- CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).
- CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).
- CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).
- CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).
Non-security issues fixed:
- Added Provides-line for translations-common (bsc#1153423) .
- Moved some settings from branding-package here (bsc#1153869).
- Disabled DoH by default.
Changes in MozillaFirefox-branding-SLE:
- Moved extensions preferences to core package (bsc#1153869).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-2459
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
41 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox, MozillaFirefox-branding-SLE",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues:\n\nChanges in MozillaFirefox:\n\nSecurity issues fixed:\n\n- CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).\n- CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).\n- CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).\n- CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).\n- CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).\n- CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).\n- CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n- CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n- CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\nNon-security issues fixed:\n\n- Added Provides-line for translations-common (bsc#1153423) .\n- Moved some settings from branding-package here (bsc#1153869).\n- Disabled DoH by default.\n\nChanges in MozillaFirefox-branding-SLE:\n\n- Moved extensions preferences to core package (bsc#1153869).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2459",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2459-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2459-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LFFTUGZUT6RBMXE667KP6UIOCTQIRDNS/#LFFTUGZUT6RBMXE667KP6UIOCTQIRDNS"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2459-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LFFTUGZUT6RBMXE667KP6UIOCTQIRDNS/#LFFTUGZUT6RBMXE667KP6UIOCTQIRDNS"
},
{
"category": "self",
"summary": "SUSE Bug 1104841",
"url": "https://bugzilla.suse.com/1104841"
},
{
"category": "self",
"summary": "SUSE Bug 1129528",
"url": "https://bugzilla.suse.com/1129528"
},
{
"category": "self",
"summary": "SUSE Bug 1137990",
"url": "https://bugzilla.suse.com/1137990"
},
{
"category": "self",
"summary": "SUSE Bug 1149429",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "self",
"summary": "SUSE Bug 1151186",
"url": "https://bugzilla.suse.com/1151186"
},
{
"category": "self",
"summary": "SUSE Bug 1153423",
"url": "https://bugzilla.suse.com/1153423"
},
{
"category": "self",
"summary": "SUSE Bug 1153869",
"url": "https://bugzilla.suse.com/1153869"
},
{
"category": "self",
"summary": "SUSE Bug 1154738",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11757 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11758 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11759 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11760 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11761 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11762 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11763 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11764 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Security update for MozillaFirefox, MozillaFirefox-branding-SLE",
"tracking": {
"current_release_date": "2019-11-09T12:47:13Z",
"generator": {
"date": "2019-11-09T12:47:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2459-1",
"initial_release_date": "2019-11-09T12:47:13Z",
"revision_history": [
{
"date": "2019-11-09T12:47:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"product": {
"name": "MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"product_id": "MozillaFirefox-68.2.0-lp150.3.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"product_id": "MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"product": {
"name": "MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"product_id": "MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"product_id": "MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"product_id": "MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"product_id": "MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64"
}
},
{
"category": "product_version",
"name": "firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64",
"product": {
"name": "firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64",
"product_id": "firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-68.2.0-lp150.3.71.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64"
},
"product_reference": "MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64"
},
"product_reference": "MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
},
"product_reference": "firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11757"
}
],
"notes": [
{
"category": "general",
"text": "When following the value\u0027s prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11757",
"url": "https://www.suse.com/security/cve/CVE-2019-11757"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11757",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-11757"
},
{
"cve": "CVE-2019-11758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11758"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11758",
"url": "https://www.suse.com/security/cve/CVE-2019-11758"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11758",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-11758"
},
{
"cve": "CVE-2019-11759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11759"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11759",
"url": "https://www.suse.com/security/cve/CVE-2019-11759"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11759",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-11759"
},
{
"cve": "CVE-2019-11760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11760"
}
],
"notes": [
{
"category": "general",
"text": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11760",
"url": "https://www.suse.com/security/cve/CVE-2019-11760"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11760",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-11760"
},
{
"cve": "CVE-2019-11761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11761"
}
],
"notes": [
{
"category": "general",
"text": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11761",
"url": "https://www.suse.com/security/cve/CVE-2019-11761"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11761",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-11761"
},
{
"cve": "CVE-2019-11762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11762"
}
],
"notes": [
{
"category": "general",
"text": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11762",
"url": "https://www.suse.com/security/cve/CVE-2019-11762"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11762",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-11762"
},
{
"cve": "CVE-2019-11763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11763"
}
],
"notes": [
{
"category": "general",
"text": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11763",
"url": "https://www.suse.com/security/cve/CVE-2019-11763"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11763",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-11763"
},
{
"cve": "CVE-2019-11764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11764"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11764",
"url": "https://www.suse.com/security/cve/CVE-2019-11764"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11764",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-11764"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaFirefox-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-openSUSE-68-lp150.3.3.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-branding-upstream-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-buildsymbols-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-devel-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-common-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:MozillaFirefox-translations-other-68.2.0-lp150.3.71.1.x86_64",
"openSUSE Leap 15.0:firefox-esr-branding-openSUSE-68-lp150.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:47:13Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
OPENSUSE-SU-2019:2464-1
Vulnerability from csaf_opensuse - Published: 2019-11-09 12:48 - Updated: 2019-11-09 12:48Summary
Recommended update for MozillaThunderbird
Severity
Important
Notes
Title of the patch: Recommended update for MozillaThunderbird
Description of the patch: This update for MozillaThunderbird to version 68.2.1 provides the following fixes:
- Security issues fixed (bsc#1154738):
* CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).
* CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).
* CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).
* CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).
* CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).
* CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).
* CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).
* CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).
* CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).
Other fixes (bsc#1153879):
* Some attachments couldn't be opened in messages originating from MS Outlook 2016.
* Address book import from CSV.
* Performance problem in message body search.
* Ctrl+Enter to send a message would open an attachment if the attachment pane had focus.
* Calendar: Issues with 'Today Pane' start-up.
* Calendar: Glitches with custom repeat and reminder number input.
* Calendar: Problems with WCAP provider.
* A language for the user interface can now be chosen in
the advanced settings
* Fixed an issue with Google authentication (OAuth2)
* Fixed an issue where selected or unread messages were not
shown in the correct color in the thread pane under some
circumstances
* Fixed an issue where when using a language pack, names of
standard folders were not localized (bsc#1149126)
* Fixed an issue where the address book default startup directory
in preferences panel not persisted
* Fixed various visual glitches
* Fixed issues with the chat
* Fixed building with rust >= 1.38.
* Fixrd LTO build without PGO.
* Removed kde.js since disabling instantApply breaks extensions and is now obsolete with
the move to HTML views for preferences. (bsc#1151186)
* Updated create-tar.sh. (bsc#1152778)
* Deactivated the crashreporter for the last remaining arch.
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-2464
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.4 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.1 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
39 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for MozillaThunderbird",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaThunderbird to version 68.2.1 provides the following fixes:\n\n- Security issues fixed (bsc#1154738):\n * CVE-2019-15903: Fixed a heap overflow in the expat library (bsc#1149429).\n * CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB (bsc#1154738).\n * CVE-2019-11758: Fixed a potentially exploitable crash due to 360 Total Security (bsc#1154738).\n * CVE-2019-11759: Fixed a stack buffer overflow in HKDF output (bsc#1154738).\n * CVE-2019-11760: Fixed a stack buffer overflow in WebRTC networking (bsc#1154738).\n * CVE-2019-11761: Fixed an unintended access to a privileged JSONView object (bsc#1154738).\n * CVE-2019-11762: Fixed a same-origin-property violation (bsc#1154738).\n * CVE-2019-11763: Fixed an XSS bypass (bsc#1154738).\n * CVE-2019-11764: Fixed several memory safety bugs (bsc#1154738).\n\nOther fixes (bsc#1153879):\n * Some attachments couldn\u0027t be opened in messages originating from MS Outlook 2016.\n * Address book import from CSV.\n * Performance problem in message body search.\n * Ctrl+Enter to send a message would open an attachment if the attachment pane had focus.\n * Calendar: Issues with \u0027Today Pane\u0027 start-up.\n * Calendar: Glitches with custom repeat and reminder number input.\n * Calendar: Problems with WCAP provider.\n * A language for the user interface can now be chosen in\n the advanced settings \n * Fixed an issue with Google authentication (OAuth2)\n * Fixed an issue where selected or unread messages were not \n shown in the correct color in the thread pane under some\n circumstances\n * Fixed an issue where when using a language pack, names of \n standard folders were not localized (bsc#1149126)\n * Fixed an issue where the address book default startup directory \n in preferences panel not persisted\n * Fixed various visual glitches\n * Fixed issues with the chat\n * Fixed building with rust \u003e= 1.38.\n * Fixrd LTO build without PGO.\n * Removed kde.js since disabling instantApply breaks extensions and is now obsolete with\n the move to HTML views for preferences. (bsc#1151186)\n * Updated create-tar.sh. (bsc#1152778)\n * Deactivated the crashreporter for the last remaining arch.\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-2464",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2464-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:2464-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ISVN7BSIYJ7GDXZNJMHOFE6I6LYX7RUX/#ISVN7BSIYJ7GDXZNJMHOFE6I6LYX7RUX"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:2464-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ISVN7BSIYJ7GDXZNJMHOFE6I6LYX7RUX/#ISVN7BSIYJ7GDXZNJMHOFE6I6LYX7RUX"
},
{
"category": "self",
"summary": "SUSE Bug 1149126",
"url": "https://bugzilla.suse.com/1149126"
},
{
"category": "self",
"summary": "SUSE Bug 1149429",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "self",
"summary": "SUSE Bug 1151186",
"url": "https://bugzilla.suse.com/1151186"
},
{
"category": "self",
"summary": "SUSE Bug 1152778",
"url": "https://bugzilla.suse.com/1152778"
},
{
"category": "self",
"summary": "SUSE Bug 1153879",
"url": "https://bugzilla.suse.com/1153879"
},
{
"category": "self",
"summary": "SUSE Bug 1154738",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11757 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11758 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11759 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11760 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11761 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11762 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11763 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11764 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Recommended update for MozillaThunderbird",
"tracking": {
"current_release_date": "2019-11-09T12:48:20Z",
"generator": {
"date": "2019-11-09T12:48:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:2464-1",
"initial_release_date": "2019-11-09T12:48:20Z",
"revision_history": [
{
"date": "2019-11-09T12:48:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"product": {
"name": "MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"product_id": "MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64"
},
"product_reference": "MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11757"
}
],
"notes": [
{
"category": "general",
"text": "When following the value\u0027s prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This resulted in a use-after-free and a potentially exploitable crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11757",
"url": "https://www.suse.com/security/cve/CVE-2019-11757"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11757",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-11757"
},
{
"cve": "CVE-2019-11758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11758"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla community member Philipp reported a memory safety bug present in Firefox 68 when 360 Total Security was installed. This bug showed evidence of memory corruption in the accessibility engine and we presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 69, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11758",
"url": "https://www.suse.com/security/cve/CVE-2019-11758"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11758",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-11758"
},
{
"cve": "CVE-2019-11759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11759"
}
],
"notes": [
{
"category": "general",
"text": "An attacker could have caused 4 bytes of HMAC output to be written past the end of a buffer stored on the stack. This could be used by an attacker to execute arbitrary code or more likely lead to a crash. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11759",
"url": "https://www.suse.com/security/cve/CVE-2019-11759"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11759",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-11759"
},
{
"cve": "CVE-2019-11760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11760"
}
],
"notes": [
{
"category": "general",
"text": "A fixed-size stack buffer could overflow in nrappkit when doing WebRTC signaling. This resulted in a potentially exploitable crash in some instances. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11760",
"url": "https://www.suse.com/security/cve/CVE-2019-11760"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11760",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-11760"
},
{
"cve": "CVE-2019-11761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11761"
}
],
"notes": [
{
"category": "general",
"text": "By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11761",
"url": "https://www.suse.com/security/cve/CVE-2019-11761"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11761",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-11761"
},
{
"cve": "CVE-2019-11762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11762"
}
],
"notes": [
{
"category": "general",
"text": "If two same-origin documents set document.domain differently to become cross-origin, it was possible for them to call arbitrary DOM methods/getters/setters on the now-cross-origin window. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11762",
"url": "https://www.suse.com/security/cve/CVE-2019-11762"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11762",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-11762"
},
{
"cve": "CVE-2019-11763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11763"
}
],
"notes": [
{
"category": "general",
"text": "Failure to correctly handle null bytes when processing HTML entities resulted in Firefox incorrectly parsing these entities. This could have led to HTML comment text being treated as HTML which could have led to XSS in a web application under certain conditions. It could have also led to HTML entities being masked from filters - enabling the use of entities to mask the actual characters of interest from filters. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11763",
"url": "https://www.suse.com/security/cve/CVE-2019-11763"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11763",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-11763"
},
{
"cve": "CVE-2019-11764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11764"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 69 and Firefox ESR 68.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects Firefox \u003c 70, Thunderbird \u003c 68.2, and Firefox ESR \u003c 68.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11764",
"url": "https://www.suse.com/security/cve/CVE-2019-11764"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-11764",
"url": "https://bugzilla.suse.com/1154738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-11764"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.0:MozillaThunderbird-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-common-68.2.1-lp150.3.54.1.x86_64",
"openSUSE Leap 15.0:MozillaThunderbird-translations-other-68.2.1-lp150.3.54.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-11-09T12:48:20Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
OPENSUSE-SU-2020:0010-1
Vulnerability from csaf_opensuse - Published: 2020-01-13 05:16 - Updated: 2020-01-13 05:16Summary
Security update for chromium, re2
Severity
Important
Notes
Title of the patch: Security update for chromium, re2
Description of the patch: This update for chromium, re2 fixes the following issues:
Chromium was updated to 78.0.3904.70 boo#1154806:
* CVE-2019-13699: Use-after-free in media
* CVE-2019-13700: Buffer overrun in Blink
* CVE-2019-13701: URL spoof in navigation
* CVE-2019-13702: Privilege elevation in Installer
* CVE-2019-13703: URL bar spoofing
* CVE-2019-13704: CSP bypass
* CVE-2019-13705: Extension permission bypass
* CVE-2019-13706: Out-of-bounds read in PDFium
* CVE-2019-13707: File storage disclosure
* CVE-2019-13708: HTTP authentication spoof
* CVE-2019-13709: File download protection bypass
* CVE-2019-13710: File download protection bypass
* CVE-2019-13711: Cross-context information leak
* CVE-2019-15903: Buffer overflow in expat
* CVE-2019-13713: Cross-origin data leak
* CVE-2019-13714: CSS injection
* CVE-2019-13715: Address bar spoofing
* CVE-2019-13716: Service worker state error
* CVE-2019-13717: Notification obscured
* CVE-2019-13718: IDN spoof
* CVE-2019-13719: Notification obscured
* Various fixes from internal audits, fuzzing and other initiatives
- Use internal resources for icon and appdata
This update was imported from the openSUSE:Leap:15.0:Update update project.
Patchnames: openSUSE-2020-10
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
70 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for chromium, re2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for chromium, re2 fixes the following issues:\n\nChromium was updated to 78.0.3904.70 boo#1154806:\n\n* CVE-2019-13699: Use-after-free in media\n* CVE-2019-13700: Buffer overrun in Blink\n* CVE-2019-13701: URL spoof in navigation\n* CVE-2019-13702: Privilege elevation in Installer\n* CVE-2019-13703: URL bar spoofing\n* CVE-2019-13704: CSP bypass\n* CVE-2019-13705: Extension permission bypass\n* CVE-2019-13706: Out-of-bounds read in PDFium\n* CVE-2019-13707: File storage disclosure\n* CVE-2019-13708: HTTP authentication spoof\n* CVE-2019-13709: File download protection bypass\n* CVE-2019-13710: File download protection bypass\n* CVE-2019-13711: Cross-context information leak\n* CVE-2019-15903: Buffer overflow in expat\n* CVE-2019-13713: Cross-origin data leak\n* CVE-2019-13714: CSS injection\n* CVE-2019-13715: Address bar spoofing\n* CVE-2019-13716: Service worker state error\n* CVE-2019-13717: Notification obscured\n* CVE-2019-13718: IDN spoof\n* CVE-2019-13719: Notification obscured\n* Various fixes from internal audits, fuzzing and other initiatives\n\n- Use internal resources for icon and appdata\n\n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-10",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0010-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0010-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NHWBJKQPSZZUXFRQCXMMXQYJB6ONVGNX/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0010-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NHWBJKQPSZZUXFRQCXMMXQYJB6ONVGNX/"
},
{
"category": "self",
"summary": "SUSE Bug 1154806",
"url": "https://bugzilla.suse.com/1154806"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13699 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13700 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13701 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13702 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13703 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13704 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13705 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13706 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13707 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13708 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13709 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13710 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13711 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13713 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13714 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13715 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13716 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13717 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13717/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13718 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13719 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
}
],
"title": "Security update for chromium, re2",
"tracking": {
"current_release_date": "2020-01-13T05:16:29Z",
"generator": {
"date": "2020-01-13T05:16:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0010-1",
"initial_release_date": "2020-01-13T05:16:29Z",
"revision_history": [
{
"date": "2020-01-13T05:16:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"product": {
"name": "chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"product_id": "chromedriver-78.0.3904.70-bp151.3.50.1.aarch64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"product": {
"name": "chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"product_id": "chromium-78.0.3904.70-bp151.3.50.1.aarch64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.9.1.aarch64",
"product": {
"name": "libre2-0-20190901-bp151.6.9.1.aarch64",
"product_id": "libre2-0-20190901-bp151.6.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.9.1.aarch64",
"product": {
"name": "re2-devel-20190901-bp151.6.9.1.aarch64",
"product_id": "re2-devel-20190901-bp151.6.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"product": {
"name": "libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"product_id": "libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.9.1.ppc64le",
"product": {
"name": "libre2-0-20190901-bp151.6.9.1.ppc64le",
"product_id": "libre2-0-20190901-bp151.6.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.9.1.ppc64le",
"product": {
"name": "re2-devel-20190901-bp151.6.9.1.ppc64le",
"product_id": "re2-devel-20190901-bp151.6.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.9.1.s390x",
"product": {
"name": "libre2-0-20190901-bp151.6.9.1.s390x",
"product_id": "libre2-0-20190901-bp151.6.9.1.s390x"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.9.1.s390x",
"product": {
"name": "re2-devel-20190901-bp151.6.9.1.s390x",
"product_id": "re2-devel-20190901-bp151.6.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"product": {
"name": "chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"product_id": "chromedriver-78.0.3904.70-bp151.3.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"product": {
"name": "chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"product_id": "chromium-78.0.3904.70-bp151.3.50.1.x86_64"
}
},
{
"category": "product_version",
"name": "libre2-0-20190901-bp151.6.9.1.x86_64",
"product": {
"name": "libre2-0-20190901-bp151.6.9.1.x86_64",
"product_id": "libre2-0-20190901-bp151.6.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "re2-devel-20190901-bp151.6.9.1.x86_64",
"product": {
"name": "re2-devel-20190901-bp151.6.9.1.x86_64",
"product_id": "re2-devel-20190901-bp151.6.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP1",
"product": {
"name": "SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-bp151.3.50.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64"
},
"product_reference": "chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromedriver-78.0.3904.70-bp151.3.50.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64"
},
"product_reference": "chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-bp151.3.50.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64"
},
"product_reference": "chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "chromium-78.0.3904.70-bp151.3.50.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64"
},
"product_reference": "chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.9.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64"
},
"product_reference": "libre2-0-20190901-bp151.6.9.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.9.1.ppc64le as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le"
},
"product_reference": "libre2-0-20190901-bp151.6.9.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.9.1.s390x as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x"
},
"product_reference": "libre2-0-20190901-bp151.6.9.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-20190901-bp151.6.9.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64"
},
"product_reference": "libre2-0-20190901-bp151.6.9.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32"
},
"product_reference": "libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.9.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64"
},
"product_reference": "re2-devel-20190901-bp151.6.9.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.9.1.ppc64le as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le"
},
"product_reference": "re2-devel-20190901-bp151.6.9.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.9.1.s390x as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x"
},
"product_reference": "re2-devel-20190901-bp151.6.9.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "re2-devel-20190901-bp151.6.9.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
},
"product_reference": "re2-devel-20190901-bp151.6.9.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-13699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13699"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13699",
"url": "https://www.suse.com/security/cve/CVE-2019-13699"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13699",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "important"
}
],
"title": "CVE-2019-13699"
},
{
"cve": "CVE-2019-13700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13700"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in the gamepad API in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13700",
"url": "https://www.suse.com/security/cve/CVE-2019-13700"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13700",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "important"
}
],
"title": "CVE-2019-13700"
},
{
"cve": "CVE-2019-13701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13701"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect implementation in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13701",
"url": "https://www.suse.com/security/cve/CVE-2019-13701"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13701",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13701"
},
{
"cve": "CVE-2019-13702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13702"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13702",
"url": "https://www.suse.com/security/cve/CVE-2019-13702"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13702",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "important"
}
],
"title": "CVE-2019-13702"
},
{
"cve": "CVE-2019-13703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13703"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in the Omnibox in Google Chrome on Android prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13703",
"url": "https://www.suse.com/security/cve/CVE-2019-13703"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13703",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13703"
},
{
"cve": "CVE-2019-13704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13704"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in navigation in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass content security policy via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13704",
"url": "https://www.suse.com/security/cve/CVE-2019-13704"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13704",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13704"
},
{
"cve": "CVE-2019-13705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13705"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13705",
"url": "https://www.suse.com/security/cve/CVE-2019-13705"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13705",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13705"
},
{
"cve": "CVE-2019-13706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13706"
}
],
"notes": [
{
"category": "general",
"text": "Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13706",
"url": "https://www.suse.com/security/cve/CVE-2019-13706"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13706",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "important"
}
],
"title": "CVE-2019-13706"
},
{
"cve": "CVE-2019-13707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13707"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in intents in Google Chrome on Android prior to 78.0.3904.70 allowed a local attacker to leak files via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13707",
"url": "https://www.suse.com/security/cve/CVE-2019-13707"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13707",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13707"
},
{
"cve": "CVE-2019-13708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13708"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in navigation in Google Chrome on iOS prior to 78.0.3904.70 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13708",
"url": "https://www.suse.com/security/cve/CVE-2019-13708"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13708",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13708"
},
{
"cve": "CVE-2019-13709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13709"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13709",
"url": "https://www.suse.com/security/cve/CVE-2019-13709"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13709",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13709"
},
{
"cve": "CVE-2019-13710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13710"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in downloads in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass download restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13710",
"url": "https://www.suse.com/security/cve/CVE-2019-13710"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13710",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13710"
},
{
"cve": "CVE-2019-13711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13711"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13711",
"url": "https://www.suse.com/security/cve/CVE-2019-13711"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13711",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13711"
},
{
"cve": "CVE-2019-13713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13713"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13713",
"url": "https://www.suse.com/security/cve/CVE-2019-13713"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13713",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13713"
},
{
"cve": "CVE-2019-13714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13714"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Color Enhancer extension in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to inject CSS into an HTML page via a crafted URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13714",
"url": "https://www.suse.com/security/cve/CVE-2019-13714"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13714",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13714"
},
{
"cve": "CVE-2019-13715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13715"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13715",
"url": "https://www.suse.com/security/cve/CVE-2019-13715"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13715",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13715"
},
{
"cve": "CVE-2019-13716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13716"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13716",
"url": "https://www.suse.com/security/cve/CVE-2019-13716"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13716",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13716"
},
{
"cve": "CVE-2019-13717",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13717"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13717",
"url": "https://www.suse.com/security/cve/CVE-2019-13717"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13717",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13717"
},
{
"cve": "CVE-2019-13718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13718"
}
],
"notes": [
{
"category": "general",
"text": "Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13718",
"url": "https://www.suse.com/security/cve/CVE-2019-13718"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13718",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13718"
},
{
"cve": "CVE-2019-13719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13719"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13719",
"url": "https://www.suse.com/security/cve/CVE-2019-13719"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-13719",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "moderate"
}
],
"title": "CVE-2019-13719"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromedriver-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.aarch64",
"SUSE Package Hub 15 SP1:chromium-78.0.3904.70-bp151.3.50.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:libre2-0-20190901-bp151.6.9.1.x86_64",
"SUSE Package Hub 15 SP1:libre2-0-64bit-20190901-bp151.6.9.1.aarch64_ilp32",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.aarch64",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.ppc64le",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.s390x",
"SUSE Package Hub 15 SP1:re2-devel-20190901-bp151.6.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-13T05:16:29Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
}
]
}
OPENSUSE-SU-2020:0086-1
Vulnerability from csaf_opensuse - Published: 2020-01-21 15:12 - Updated: 2020-01-21 15:12Summary
Security update for python3
Severity
Important
Notes
Title of the patch: Security update for python3
Description of the patch: This update for python3 to version 3.6.10 fixes the following issues:
- CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507).
- CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955).
- CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2020-86
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.5 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.8 (Critical)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.4 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.4 (Medium)
Affected products
Recommended
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
180 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python3",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python3 to version 3.6.10 fixes the following issues:\n\n- CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507).\n- CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955).\n- CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-86",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_0086-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:0086-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SRKGGFVSV7DDWCMAOSO6E3F66U2CF5XR/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:0086-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SRKGGFVSV7DDWCMAOSO6E3F66U2CF5XR/"
},
{
"category": "self",
"summary": "SUSE Bug 1027282",
"url": "https://bugzilla.suse.com/1027282"
},
{
"category": "self",
"summary": "SUSE Bug 1029377",
"url": "https://bugzilla.suse.com/1029377"
},
{
"category": "self",
"summary": "SUSE Bug 1029902",
"url": "https://bugzilla.suse.com/1029902"
},
{
"category": "self",
"summary": "SUSE Bug 1040164",
"url": "https://bugzilla.suse.com/1040164"
},
{
"category": "self",
"summary": "SUSE Bug 1042670",
"url": "https://bugzilla.suse.com/1042670"
},
{
"category": "self",
"summary": "SUSE Bug 1070853",
"url": "https://bugzilla.suse.com/1070853"
},
{
"category": "self",
"summary": "SUSE Bug 1079761",
"url": "https://bugzilla.suse.com/1079761"
},
{
"category": "self",
"summary": "SUSE Bug 1081750",
"url": "https://bugzilla.suse.com/1081750"
},
{
"category": "self",
"summary": "SUSE Bug 1083507",
"url": "https://bugzilla.suse.com/1083507"
},
{
"category": "self",
"summary": "SUSE Bug 1086001",
"url": "https://bugzilla.suse.com/1086001"
},
{
"category": "self",
"summary": "SUSE Bug 1088004",
"url": "https://bugzilla.suse.com/1088004"
},
{
"category": "self",
"summary": "SUSE Bug 1088009",
"url": "https://bugzilla.suse.com/1088009"
},
{
"category": "self",
"summary": "SUSE Bug 1088573",
"url": "https://bugzilla.suse.com/1088573"
},
{
"category": "self",
"summary": "SUSE Bug 1094814",
"url": "https://bugzilla.suse.com/1094814"
},
{
"category": "self",
"summary": "SUSE Bug 1107030",
"url": "https://bugzilla.suse.com/1107030"
},
{
"category": "self",
"summary": "SUSE Bug 1109663",
"url": "https://bugzilla.suse.com/1109663"
},
{
"category": "self",
"summary": "SUSE Bug 1109847",
"url": "https://bugzilla.suse.com/1109847"
},
{
"category": "self",
"summary": "SUSE Bug 1120644",
"url": "https://bugzilla.suse.com/1120644"
},
{
"category": "self",
"summary": "SUSE Bug 1122191",
"url": "https://bugzilla.suse.com/1122191"
},
{
"category": "self",
"summary": "SUSE Bug 1129346",
"url": "https://bugzilla.suse.com/1129346"
},
{
"category": "self",
"summary": "SUSE Bug 1130840",
"url": "https://bugzilla.suse.com/1130840"
},
{
"category": "self",
"summary": "SUSE Bug 1133452",
"url": "https://bugzilla.suse.com/1133452"
},
{
"category": "self",
"summary": "SUSE Bug 1137942",
"url": "https://bugzilla.suse.com/1137942"
},
{
"category": "self",
"summary": "SUSE Bug 1138459",
"url": "https://bugzilla.suse.com/1138459"
},
{
"category": "self",
"summary": "SUSE Bug 1141853",
"url": "https://bugzilla.suse.com/1141853"
},
{
"category": "self",
"summary": "SUSE Bug 1149121",
"url": "https://bugzilla.suse.com/1149121"
},
{
"category": "self",
"summary": "SUSE Bug 1149792",
"url": "https://bugzilla.suse.com/1149792"
},
{
"category": "self",
"summary": "SUSE Bug 1149955",
"url": "https://bugzilla.suse.com/1149955"
},
{
"category": "self",
"summary": "SUSE Bug 1151490",
"url": "https://bugzilla.suse.com/1151490"
},
{
"category": "self",
"summary": "SUSE Bug 1153238",
"url": "https://bugzilla.suse.com/1153238"
},
{
"category": "self",
"summary": "SUSE Bug 1159035",
"url": "https://bugzilla.suse.com/1159035"
},
{
"category": "self",
"summary": "SUSE Bug 1159622",
"url": "https://bugzilla.suse.com/1159622"
},
{
"category": "self",
"summary": "SUSE Bug 637176",
"url": "https://bugzilla.suse.com/637176"
},
{
"category": "self",
"summary": "SUSE Bug 658604",
"url": "https://bugzilla.suse.com/658604"
},
{
"category": "self",
"summary": "SUSE Bug 673071",
"url": "https://bugzilla.suse.com/673071"
},
{
"category": "self",
"summary": "SUSE Bug 709442",
"url": "https://bugzilla.suse.com/709442"
},
{
"category": "self",
"summary": "SUSE Bug 743787",
"url": "https://bugzilla.suse.com/743787"
},
{
"category": "self",
"summary": "SUSE Bug 747125",
"url": "https://bugzilla.suse.com/747125"
},
{
"category": "self",
"summary": "SUSE Bug 751718",
"url": "https://bugzilla.suse.com/751718"
},
{
"category": "self",
"summary": "SUSE Bug 754447",
"url": "https://bugzilla.suse.com/754447"
},
{
"category": "self",
"summary": "SUSE Bug 754677",
"url": "https://bugzilla.suse.com/754677"
},
{
"category": "self",
"summary": "SUSE Bug 787526",
"url": "https://bugzilla.suse.com/787526"
},
{
"category": "self",
"summary": "SUSE Bug 809831",
"url": "https://bugzilla.suse.com/809831"
},
{
"category": "self",
"summary": "SUSE Bug 831629",
"url": "https://bugzilla.suse.com/831629"
},
{
"category": "self",
"summary": "SUSE Bug 834601",
"url": "https://bugzilla.suse.com/834601"
},
{
"category": "self",
"summary": "SUSE Bug 871152",
"url": "https://bugzilla.suse.com/871152"
},
{
"category": "self",
"summary": "SUSE Bug 885662",
"url": "https://bugzilla.suse.com/885662"
},
{
"category": "self",
"summary": "SUSE Bug 885882",
"url": "https://bugzilla.suse.com/885882"
},
{
"category": "self",
"summary": "SUSE Bug 917607",
"url": "https://bugzilla.suse.com/917607"
},
{
"category": "self",
"summary": "SUSE Bug 942751",
"url": "https://bugzilla.suse.com/942751"
},
{
"category": "self",
"summary": "SUSE Bug 951166",
"url": "https://bugzilla.suse.com/951166"
},
{
"category": "self",
"summary": "SUSE Bug 983582",
"url": "https://bugzilla.suse.com/983582"
},
{
"category": "self",
"summary": "SUSE Bug 984751",
"url": "https://bugzilla.suse.com/984751"
},
{
"category": "self",
"summary": "SUSE Bug 985177",
"url": "https://bugzilla.suse.com/985177"
},
{
"category": "self",
"summary": "SUSE Bug 985348",
"url": "https://bugzilla.suse.com/985348"
},
{
"category": "self",
"summary": "SUSE Bug 989523",
"url": "https://bugzilla.suse.com/989523"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-3389 page",
"url": "https://www.suse.com/security/cve/CVE-2011-3389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2011-4944 page",
"url": "https://www.suse.com/security/cve/CVE-2011-4944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0845 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-1150 page",
"url": "https://www.suse.com/security/cve/CVE-2012-1150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-1752 page",
"url": "https://www.suse.com/security/cve/CVE-2013-1752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4238 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-2667 page",
"url": "https://www.suse.com/security/cve/CVE-2014-2667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-4650 page",
"url": "https://www.suse.com/security/cve/CVE-2014-4650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0772 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1000110 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1000110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5636 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5699 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18207 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1000802 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1000802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1060 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1061 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14647 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20406 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20852 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10160 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-15903 page",
"url": "https://www.suse.com/security/cve/CVE-2019-15903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16056 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-16935 page",
"url": "https://www.suse.com/security/cve/CVE-2019-16935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-5010 page",
"url": "https://www.suse.com/security/cve/CVE-2019-5010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9636 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9947 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9947/"
}
],
"title": "Security update for python3",
"tracking": {
"current_release_date": "2020-01-21T15:12:01Z",
"generator": {
"date": "2020-01-21T15:12:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:0086-1",
"initial_release_date": "2020-01-21T15:12:01Z",
"revision_history": [
{
"date": "2020-01-21T15:12:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"product_id": "libpython3_6m1_0-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-base-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-base-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-base-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-curses-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-curses-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-curses-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-dbm-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-dbm-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-dbm-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-devel-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-devel-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-devel-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-idle-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-idle-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-idle-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-testsuite-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-testsuite-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-testsuite-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-tk-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-tk-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-tk-3.6.10-lp151.6.7.1.i586"
}
},
{
"category": "product_version",
"name": "python3-tools-3.6.10-lp151.6.7.1.i586",
"product": {
"name": "python3-tools-3.6.10-lp151.6.7.1.i586",
"product_id": "python3-tools-3.6.10-lp151.6.7.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"product_id": "libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"product_id": "libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-32bit-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-base-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-base-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-base-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-base-32bit-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-curses-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-curses-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-curses-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-dbm-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-devel-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-devel-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-devel-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-idle-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-idle-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-idle-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-testsuite-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-tk-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-tk-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-tk-3.6.10-lp151.6.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-tools-3.6.10-lp151.6.7.1.x86_64",
"product": {
"name": "python3-tools-3.6.10-lp151.6.7.1.x86_64",
"product_id": "python3-tools-3.6.10-lp151.6.7.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpython3_6m1_0-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-32bit-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-base-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-base-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-base-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-base-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-base-32bit-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-curses-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-curses-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-curses-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-curses-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-dbm-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-dbm-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-dbm-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-devel-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-devel-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-devel-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-devel-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-idle-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-idle-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-idle-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-testsuite-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-testsuite-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-testsuite-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tk-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-tk-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tk-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-tk-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tools-3.6.10-lp151.6.7.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586"
},
"product_reference": "python3-tools-3.6.10-lp151.6.7.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-tools-3.6.10-lp151.6.7.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
},
"product_reference": "python3-tools-3.6.10-lp151.6.7.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-3389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-3389"
}
],
"notes": [
{
"category": "general",
"text": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-3389",
"url": "https://www.suse.com/security/cve/CVE-2011-3389"
},
{
"category": "external",
"summary": "SUSE Bug 716002 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/716002"
},
{
"category": "external",
"summary": "SUSE Bug 719047 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/719047"
},
{
"category": "external",
"summary": "SUSE Bug 725167 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/725167"
},
{
"category": "external",
"summary": "SUSE Bug 726096 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/726096"
},
{
"category": "external",
"summary": "SUSE Bug 739248 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/739248"
},
{
"category": "external",
"summary": "SUSE Bug 739256 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/739256"
},
{
"category": "external",
"summary": "SUSE Bug 742306 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/742306"
},
{
"category": "external",
"summary": "SUSE Bug 751718 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/751718"
},
{
"category": "external",
"summary": "SUSE Bug 759666 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/759666"
},
{
"category": "external",
"summary": "SUSE Bug 763598 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/763598"
},
{
"category": "external",
"summary": "SUSE Bug 814655 for CVE-2011-3389",
"url": "https://bugzilla.suse.com/814655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "low"
}
],
"title": "CVE-2011-3389"
},
{
"cve": "CVE-2011-4944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2011-4944"
}
],
"notes": [
{
"category": "general",
"text": "Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2011-4944",
"url": "https://www.suse.com/security/cve/CVE-2011-4944"
},
{
"category": "external",
"summary": "SUSE Bug 754447 for CVE-2011-4944",
"url": "https://bugzilla.suse.com/754447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "low"
}
],
"title": "CVE-2011-4944"
},
{
"cve": "CVE-2012-0845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0845"
}
],
"notes": [
{
"category": "general",
"text": "SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0845",
"url": "https://www.suse.com/security/cve/CVE-2012-0845"
},
{
"category": "external",
"summary": "SUSE Bug 747125 for CVE-2012-0845",
"url": "https://bugzilla.suse.com/747125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2012-0845"
},
{
"cve": "CVE-2012-1150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-1150"
}
],
"notes": [
{
"category": "general",
"text": "Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-1150",
"url": "https://www.suse.com/security/cve/CVE-2012-1150"
},
{
"category": "external",
"summary": "SUSE Bug 751718 for CVE-2012-1150",
"url": "https://bugzilla.suse.com/751718"
},
{
"category": "external",
"summary": "SUSE Bug 755383 for CVE-2012-1150",
"url": "https://bugzilla.suse.com/755383"
},
{
"category": "external",
"summary": "SUSE Bug 826682 for CVE-2012-1150",
"url": "https://bugzilla.suse.com/826682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2012-1150"
},
{
"cve": "CVE-2013-1752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-1752"
}
],
"notes": [
{
"category": "general",
"text": "Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2.6.9, 3.3.3; (3) imaplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; (4) nntplib - fixed in 2.7.6, 2.6.9, 3.3.3; (5) poplib - not yet fixed in 2.7.x, fixed in 2.6.9, 3.3.3; and (6) smtplib - not yet fixed in 2.7.x, fixed in 2.6.9, not yet fixed in 3.3.x. NOTE: this was REJECTed because it is incompatible with CNT1 \"Independently Fixable\" in the CVE Counting Decisions",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-1752",
"url": "https://www.suse.com/security/cve/CVE-2013-1752"
},
{
"category": "external",
"summary": "SUSE Bug 856835 for CVE-2013-1752",
"url": "https://bugzilla.suse.com/856835"
},
{
"category": "external",
"summary": "SUSE Bug 856836 for CVE-2013-1752",
"url": "https://bugzilla.suse.com/856836"
},
{
"category": "external",
"summary": "SUSE Bug 863741 for CVE-2013-1752",
"url": "https://bugzilla.suse.com/863741"
},
{
"category": "external",
"summary": "SUSE Bug 885882 for CVE-2013-1752",
"url": "https://bugzilla.suse.com/885882"
},
{
"category": "external",
"summary": "SUSE Bug 898572 for CVE-2013-1752",
"url": "https://bugzilla.suse.com/898572"
},
{
"category": "external",
"summary": "SUSE Bug 912739 for CVE-2013-1752",
"url": "https://bugzilla.suse.com/912739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2013-1752"
},
{
"cve": "CVE-2013-4238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4238"
}
],
"notes": [
{
"category": "general",
"text": "The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a \u0027\\0\u0027 character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4238",
"url": "https://www.suse.com/security/cve/CVE-2013-4238"
},
{
"category": "external",
"summary": "SUSE Bug 834601 for CVE-2013-4238",
"url": "https://bugzilla.suse.com/834601"
},
{
"category": "external",
"summary": "SUSE Bug 839107 for CVE-2013-4238",
"url": "https://bugzilla.suse.com/839107"
},
{
"category": "external",
"summary": "SUSE Bug 882915 for CVE-2013-4238",
"url": "https://bugzilla.suse.com/882915"
},
{
"category": "external",
"summary": "SUSE Bug 912739 for CVE-2013-4238",
"url": "https://bugzilla.suse.com/912739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2013-4238"
},
{
"cve": "CVE-2014-2667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-2667"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has been set to the expected value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-2667",
"url": "https://www.suse.com/security/cve/CVE-2014-2667"
},
{
"category": "external",
"summary": "SUSE Bug 871152 for CVE-2014-2667",
"url": "https://bugzilla.suse.com/871152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2014-2667"
},
{
"cve": "CVE-2014-4650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-4650"
}
],
"notes": [
{
"category": "general",
"text": "The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-4650",
"url": "https://www.suse.com/security/cve/CVE-2014-4650"
},
{
"category": "external",
"summary": "SUSE Bug 856835 for CVE-2014-4650",
"url": "https://bugzilla.suse.com/856835"
},
{
"category": "external",
"summary": "SUSE Bug 856836 for CVE-2014-4650",
"url": "https://bugzilla.suse.com/856836"
},
{
"category": "external",
"summary": "SUSE Bug 863741 for CVE-2014-4650",
"url": "https://bugzilla.suse.com/863741"
},
{
"category": "external",
"summary": "SUSE Bug 885882 for CVE-2014-4650",
"url": "https://bugzilla.suse.com/885882"
},
{
"category": "external",
"summary": "SUSE Bug 898572 for CVE-2014-4650",
"url": "https://bugzilla.suse.com/898572"
},
{
"category": "external",
"summary": "SUSE Bug 912739 for CVE-2014-4650",
"url": "https://bugzilla.suse.com/912739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2014-4650"
},
{
"cve": "CVE-2016-0772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0772"
}
],
"notes": [
{
"category": "general",
"text": "The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a \"StartTLS stripping attack.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0772",
"url": "https://www.suse.com/security/cve/CVE-2016-0772"
},
{
"category": "external",
"summary": "SUSE Bug 984751 for CVE-2016-0772",
"url": "https://bugzilla.suse.com/984751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2016-0772"
},
{
"cve": "CVE-2016-1000110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1000110"
}
],
"notes": [
{
"category": "general",
"text": "The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1000110",
"url": "https://www.suse.com/security/cve/CVE-2016-1000110"
},
{
"category": "external",
"summary": "SUSE Bug 988484 for CVE-2016-1000110",
"url": "https://bugzilla.suse.com/988484"
},
{
"category": "external",
"summary": "SUSE Bug 989523 for CVE-2016-1000110",
"url": "https://bugzilla.suse.com/989523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2016-1000110"
},
{
"cve": "CVE-2016-5636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5636"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5636",
"url": "https://www.suse.com/security/cve/CVE-2016-5636"
},
{
"category": "external",
"summary": "SUSE Bug 1065451 for CVE-2016-5636",
"url": "https://bugzilla.suse.com/1065451"
},
{
"category": "external",
"summary": "SUSE Bug 1106262 for CVE-2016-5636",
"url": "https://bugzilla.suse.com/1106262"
},
{
"category": "external",
"summary": "SUSE Bug 985177 for CVE-2016-5636",
"url": "https://bugzilla.suse.com/985177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2016-5636"
},
{
"cve": "CVE-2016-5699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5699"
}
],
"notes": [
{
"category": "general",
"text": "CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5699",
"url": "https://www.suse.com/security/cve/CVE-2016-5699"
},
{
"category": "external",
"summary": "SUSE Bug 1122729 for CVE-2016-5699",
"url": "https://bugzilla.suse.com/1122729"
},
{
"category": "external",
"summary": "SUSE Bug 1130840 for CVE-2016-5699",
"url": "https://bugzilla.suse.com/1130840"
},
{
"category": "external",
"summary": "SUSE Bug 985348 for CVE-2016-5699",
"url": "https://bugzilla.suse.com/985348"
},
{
"category": "external",
"summary": "SUSE Bug 985351 for CVE-2016-5699",
"url": "https://bugzilla.suse.com/985351"
},
{
"category": "external",
"summary": "SUSE Bug 986630 for CVE-2016-5699",
"url": "https://bugzilla.suse.com/986630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2016-5699"
},
{
"cve": "CVE-2017-18207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18207"
}
],
"notes": [
{
"category": "general",
"text": "The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications \"need to be prepared to handle a wide variety of exceptions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18207",
"url": "https://www.suse.com/security/cve/CVE-2017-18207"
},
{
"category": "external",
"summary": "SUSE Bug 1083507 for CVE-2017-18207",
"url": "https://bugzilla.suse.com/1083507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2017-18207"
},
{
"cve": "CVE-2018-1000802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1000802"
}
],
"notes": [
{
"category": "general",
"text": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027) vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1000802",
"url": "https://www.suse.com/security/cve/CVE-2018-1000802"
},
{
"category": "external",
"summary": "SUSE Bug 1109663 for CVE-2018-1000802",
"url": "https://bugzilla.suse.com/1109663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2018-1000802"
},
{
"cve": "CVE-2018-1060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1060"
}
],
"notes": [
{
"category": "general",
"text": "python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib\u0027s apop() method. An attacker could use this flaw to cause denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1060",
"url": "https://www.suse.com/security/cve/CVE-2018-1060"
},
{
"category": "external",
"summary": "SUSE Bug 1088009 for CVE-2018-1060",
"url": "https://bugzilla.suse.com/1088009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "low"
}
],
"title": "CVE-2018-1060"
},
{
"cve": "CVE-2018-1061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1061"
}
],
"notes": [
{
"category": "general",
"text": "python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1061",
"url": "https://www.suse.com/security/cve/CVE-2018-1061"
},
{
"category": "external",
"summary": "SUSE Bug 1088004 for CVE-2018-1061",
"url": "https://bugzilla.suse.com/1088004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "low"
}
],
"title": "CVE-2018-1061"
},
{
"cve": "CVE-2018-14647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14647"
}
],
"notes": [
{
"category": "general",
"text": "Python\u0027s elementtree C accelerator failed to initialise Expat\u0027s hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat\u0027s internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14647",
"url": "https://www.suse.com/security/cve/CVE-2018-14647"
},
{
"category": "external",
"summary": "SUSE Bug 1109847 for CVE-2018-14647",
"url": "https://bugzilla.suse.com/1109847"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2018-14647",
"url": "https://bugzilla.suse.com/1126909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2018-14647"
},
{
"cve": "CVE-2018-20406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20406"
}
],
"notes": [
{
"category": "general",
"text": "Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a \"resize to twice the size\" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data. This issue is fixed in: v3.4.10, v3.4.10rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.7rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.7, v3.6.7rc1, v3.6.7rc2, v3.6.8, v3.6.8rc1, v3.6.9, v3.6.9rc1; v3.7.1, v3.7.1rc1, v3.7.1rc2, v3.7.2, v3.7.2rc1, v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20406",
"url": "https://www.suse.com/security/cve/CVE-2018-20406"
},
{
"category": "external",
"summary": "SUSE Bug 1120644 for CVE-2018-20406",
"url": "https://bugzilla.suse.com/1120644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2018-20406"
},
{
"cve": "CVE-2018-20852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20852"
}
],
"notes": [
{
"category": "general",
"text": "http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20852",
"url": "https://www.suse.com/security/cve/CVE-2018-20852"
},
{
"category": "external",
"summary": "SUSE Bug 1141853 for CVE-2018-20852",
"url": "https://bugzilla.suse.com/1141853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2018-20852"
},
{
"cve": "CVE-2019-10160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10160"
}
],
"notes": [
{
"category": "general",
"text": "A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10160",
"url": "https://www.suse.com/security/cve/CVE-2019-10160"
},
{
"category": "external",
"summary": "SUSE Bug 1138459 for CVE-2019-10160",
"url": "https://bugzilla.suse.com/1138459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "important"
}
],
"title": "CVE-2019-10160"
},
{
"cve": "CVE-2019-15903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-15903"
}
],
"notes": [
{
"category": "general",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-15903",
"url": "https://www.suse.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "SUSE Bug 1149429 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1149429"
},
{
"category": "external",
"summary": "SUSE Bug 1154738 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154738"
},
{
"category": "external",
"summary": "SUSE Bug 1154806 for CVE-2019-15903",
"url": "https://bugzilla.suse.com/1154806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "important"
}
],
"title": "CVE-2019-15903"
},
{
"cve": "CVE-2019-16056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16056"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16056",
"url": "https://www.suse.com/security/cve/CVE-2019-16056"
},
{
"category": "external",
"summary": "SUSE Bug 1149955 for CVE-2019-16056",
"url": "https://bugzilla.suse.com/1149955"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2019-16056"
},
{
"cve": "CVE-2019-16935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-16935"
}
],
"notes": [
{
"category": "general",
"text": "The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_title is called with untrusted input, arbitrary JavaScript can be delivered to clients that visit the http URL for this server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-16935",
"url": "https://www.suse.com/security/cve/CVE-2019-16935"
},
{
"category": "external",
"summary": "SUSE Bug 1153238 for CVE-2019-16935",
"url": "https://bugzilla.suse.com/1153238"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2019-16935"
},
{
"cve": "CVE-2019-5010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-5010"
}
],
"notes": [
{
"category": "general",
"text": "An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-5010",
"url": "https://www.suse.com/security/cve/CVE-2019-5010"
},
{
"category": "external",
"summary": "SUSE Bug 1122191 for CVE-2019-5010",
"url": "https://bugzilla.suse.com/1122191"
},
{
"category": "external",
"summary": "SUSE Bug 1126909 for CVE-2019-5010",
"url": "https://bugzilla.suse.com/1126909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2019-5010"
},
{
"cve": "CVE-2019-9636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9636"
}
],
"notes": [
{
"category": "general",
"text": "Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a given hostname). The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorrectly parsed to locate cookies or authentication data and send that information to a different host than when parsed correctly. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.7, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.3, v3.7.3rc1, v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9636",
"url": "https://www.suse.com/security/cve/CVE-2019-9636"
},
{
"category": "external",
"summary": "SUSE Bug 1129346 for CVE-2019-9636",
"url": "https://bugzilla.suse.com/1129346"
},
{
"category": "external",
"summary": "SUSE Bug 1135433 for CVE-2019-9636",
"url": "https://bugzilla.suse.com/1135433"
},
{
"category": "external",
"summary": "SUSE Bug 1138459 for CVE-2019-9636",
"url": "https://bugzilla.suse.com/1138459"
},
{
"category": "external",
"summary": "SUSE Bug 1145004 for CVE-2019-9636",
"url": "https://bugzilla.suse.com/1145004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2019-9636"
},
{
"cve": "CVE-2019-9947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9947"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9947",
"url": "https://www.suse.com/security/cve/CVE-2019-9947"
},
{
"category": "external",
"summary": "SUSE Bug 1130840 for CVE-2019-9947",
"url": "https://bugzilla.suse.com/1130840"
},
{
"category": "external",
"summary": "SUSE Bug 1136184 for CVE-2019-9947",
"url": "https://bugzilla.suse.com/1136184"
},
{
"category": "external",
"summary": "SUSE Bug 1155094 for CVE-2019-9947",
"url": "https://bugzilla.suse.com/1155094"
},
{
"category": "external",
"summary": "SUSE Bug 1201559 for CVE-2019-9947",
"url": "https://bugzilla.suse.com/1201559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:libpython3_6m1_0-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:libpython3_6m1_0-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-base-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-base-32bit-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-curses-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-dbm-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-devel-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-idle-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-testsuite-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tk-3.6.10-lp151.6.7.1.x86_64",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.i586",
"openSUSE Leap 15.1:python3-tools-3.6.10-lp151.6.7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-01-21T15:12:01Z",
"details": "moderate"
}
],
"title": "CVE-2019-9947"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…