Vulnerability CVE-2008-2371 - CERT Civis.Net

Vulnerability Name:

CVE-2008-2371 (CCN-43614)

Assigned:

2008-06-30

Published:

2008-06-30

Updated:

2022-08-01

Summary:

Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: CCN
Type: Gentoo Bugzilla Bug 228091
dev-libs/libpcre <7.7-r1 pcre_compile.c Heap-based buffer overflow (CVE-2008-2371)

Source: CONFIRM
Type: Exploit, Issue Tracking
http://bugs.gentoo.org/show_bug.cgi?id=228091

Source: MITRE
Type: CNA
CVE-2008-2371

Source: CCN
Type: GNOME Web site
GLib

Source: CCN
Type: GNOME FTP site
glib-2.16.4.changes

Source: CONFIRM
Type: Third Party Advisory
http://ftp.gnome.org/pub/GNOME/sources/glib/2.16/glib-2.16.4.changes

Source: CCN
Type: HP Security Bulletin HPSBUX02431 SSRT090085 rev.1
HP-UX Running Apache Web Server Suite, Remote Denial of Service (DoS), Execution of Arbitrary Code

Source: APPLE
Type: Mailing List
APPLE-SA-2008-10-09

Source: APPLE
Type: Mailing List
APPLE-SA-2009-05-12

Source: SUSE
Type: Mailing List, Third Party Advisory
SUSE-SR:2008:014

Source: HP
Type: Issue Tracking, Third Party Advisory
SSRT090085

Source: HP
Type: Issue Tracking, Third Party Advisory
HPSBUX02465

Source: CCN
Type: SA30916
PCRE pcre_compile.c Buffer Overflow Vulnerability

Source: SECUNIA
Type: Not Applicable
30916

Source: CCN
Type: SA30944
GNOME Glib PCRE pcre_compile.c Buffer Overflow Vulnerability

Source: SECUNIA
Type: Not Applicable
30944

Source: SECUNIA
Type: Not Applicable
30945

Source: SECUNIA
Type: Not Applicable
30958

Source: SECUNIA
Type: Not Applicable
30961

Source: SECUNIA
Type: Not Applicable
30967

Source: SECUNIA
Type: Not Applicable
30972

Source: SECUNIA
Type: Not Applicable
30990

Source: SECUNIA
Type: Not Applicable
31200

Source: CCN
Type: SA32222
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Not Applicable
32222

Source: SECUNIA
Type: Not Applicable
32454

Source: SECUNIA
Type: Not Applicable
32746

Source: CCN
Type: SA35074
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Not Applicable
35074

Source: CCN
Type: SA35650
HP-UX Apache Web Server Suite Multiple Vulnerabilities

Source: SECUNIA
Type: Not Applicable
35650

Source: SECUNIA
Type: Not Applicable
39300

Source: GENTOO
Type: Third Party Advisory
GLSA-200811-05

Source: CCN
Type: Apple Web site
About Security Update 2008-007

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT3216

Source: CONFIRM
Type: Third Party Advisory
http://support.apple.com/kb/HT3549

Source: CCN
Type: ASA-2009-255
HPSBUX02431 SSRT090085 rev.1 - HP-UX Running Apache Web Server SuiteRemote Denial of Service (DoS) Execution of Arbitrary Code

Source: UBUNTU
Type: Third Party Advisory
USN-624-2

Source: CONFIRM
Type: Broken Link, Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0305

Source: DEBIAN
Type: Third Party Advisory
DSA-1602

Source: DEBIAN
Type: DSA-1602
pcre3 -- buffer overflow

Source: GENTOO
Type: Third Party Advisory
GLSA-200807-03

Source: CCN
Type: GLSA-200811-05
PHP: Multiple vulnerabilities

Source: MANDRIVA
Type: Broken Link, Third Party Advisory
MDVSA-2008:147

Source: MANDRIVA
Type: Broken Link, Third Party Advisory
MDVSA-2009:023

Source: CCN
Type: OSVDB ID: 46690
Perl-Compatible Regular Expression (PCRE) pcre_compile.c Crafted Pattern Handling Overflow

Source: CCN
Type: PCRE Web site
PCRE - Perl Compatible Regular Expressions

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20081027 rPSA-2008-0305-1 pcre

Source: BID
Type: Third Party Advisory, VDB Entry
30087

Source: CCN
Type: BID-30087
PCRE Regular Expression Heap Based Buffer Overflow Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
31681

Source: CCN
Type: BID-31681
RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities

Source: CCN
Type: USN-624-1
PCRE vulnerability

Source: UBUNTU
Type: Third Party Advisory
USN-624-1

Source: CCN
Type: USN-624-2
Erlang vulnerability

Source: CCN
Type: USN-628-1
PHP vulnerabilities

Source: UBUNTU
Type: Third Party Advisory
USN-628-1

Source: CERT
Type: Third Party Advisory, US Government Resource
TA09-133A

Source: VUPEN
Type: Permissions Required, Third Party Advisory
ADV-2008-2005

Source: VUPEN
Type: Permissions Required, Third Party Advisory
ADV-2008-2006

Source: VUPEN
Type: Permissions Required, Third Party Advisory
ADV-2008-2336

Source: VUPEN
Type: Permissions Required, Third Party Advisory
ADV-2008-2780

Source: VUPEN
Type: Permissions Required, Third Party Advisory
ADV-2009-1297

Source: VUPEN
Type: Permissions Required, Third Party Advisory
ADV-2010-0833

Source: XF
Type: UNKNOWN
pcre-pcrecompile-regex-bo(43614)

Source: FEDORA
Type: Third Party Advisory
FEDORA-2008-6025

Source: FEDORA
Type: Third Party Advisory
FEDORA-2008-6048

Source: SUSE
Type: SUSE-SR:2008:014
[security-announce] SUSE Security Summary Report SUSE-SR:2008:014

Vulnerable Configuration:

Configuration 1:

cpe:/a:pcre:pcre:7.7:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 5.2.0 and <= 5.2.7)

Configuration 3:

cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*

OR cpe:/o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:fedoraproject:fedora:9:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:8:*:*:*:*:*:*:*

Configuration 6:

cpe:/o:opensuse:opensuse:10.3:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/o:apple:mac_os_x:10.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*

AND

cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.6:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.7:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.9:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*

OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*

OR cpe:/a:apache:http_server:2.0.59:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.10:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:x86-64:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*

OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*

OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:*

OR cpe:/a:apache:http_server:2.2.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:5.5.27:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:42312	P	Security update for containerd, docker and runc (Important)	2022-07-08
oval:org.opensuse.security:def:20082371	V	CVE-2008-2371	2022-06-30
oval:org.opensuse.security:def:112296	P	gio-branding-upstream-2.68.4-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:31372	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:31373	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:26187	P	Security update for libvpx (Moderate)	2021-12-23
oval:org.opensuse.security:def:33059	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:26173	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:26166	P	Security update for php74 (Moderate)	2021-11-18
oval:org.opensuse.security:def:32211	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:31689	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:105819	P	gio-branding-upstream-2.68.4-2.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:26134	P	Security update for the Linux Kernel (Important)	2021-09-23
oval:org.opensuse.security:def:31687	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:31682	P	Security update for openssl (Low)	2021-09-20
oval:org.opensuse.security:def:31261	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:26110	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:42114	P	Security update for dbus-1 (Moderate)	2021-08-23
oval:org.opensuse.security:def:31241	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:32148	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:26085	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:32126	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-06-18
oval:org.opensuse.security:def:36135	P	glib2-2.22.5-0.8.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31633	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:36413	P	glib2-devel-2.22.5-0.8.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42542	P	glib2-2.22.5-0.8.14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:31187	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:31629	P	Security update for libwebp (Critical)	2021-06-02
oval:org.opensuse.security:def:31176	P	Security update for libxml2 (Important)	2021-05-19
oval:org.opensuse.security:def:31175	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:32087	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:31613	P	Security update for tomcat (Important)	2021-04-29
oval:org.opensuse.security:def:26038	P	Security update for curl (Moderate)	2021-04-28
oval:org.opensuse.security:def:26032	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:26026	P	Security update for cifs-utils (Moderate)	2021-04-13
oval:org.opensuse.security:def:33098	P	Security update for python3 (Moderate)	2021-03-19
oval:org.opensuse.security:def:31739	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:31738	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:32267	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:31333	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:26034	P	Security update for openldap2 (Moderate)	2021-01-14
oval:org.opensuse.security:def:32192	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:32830	P	Security update for python (Important)	2020-12-11
oval:org.opensuse.security:def:25976	P	Security update for curl (Moderate)	2020-12-10
oval:org.opensuse.security:def:35905	P	glib2-2.22.5-0.8.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:25969	P	Security update for xen (Important)	2020-12-03
oval:org.opensuse.security:def:35555	P	glib2-2.22.5-0.2.23 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35707	P	glib2-2.22.5-0.2.23 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41962	P	glib2-2.22.5-0.2.23 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31024	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25543	P	Security update for libgxps (Moderate)	2020-12-01
oval:org.opensuse.security:def:31982	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:26694	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25888	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:25683	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:31929	P	Security update for glib2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26904	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25106	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:31109	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25881	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32316	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:27376	P	boinc-client on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31384	P	Security update for openvpn (Important)	2020-12-01
oval:org.opensuse.security:def:25937	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31995	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25118	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:26314	P	Security update for iperf (Moderate)	2020-12-01
oval:org.opensuse.security:def:32377	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:25456	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:31590	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:26539	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25990	P	Security update for libvpx (Moderate)	2020-12-01
oval:org.opensuse.security:def:32672	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25962	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:25310	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26402	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:25531	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:26672	P	avahi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25974	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25448	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32038	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26460	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:25740	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31799	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:31601	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25835	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27133	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25258	P	Security update for postgresql10 (Low)	2020-12-01
oval:org.opensuse.security:def:25824	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:32481	P	NetworkManager on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26304	P	Security update for python-keystoneclient (Moderate)	2020-12-01
oval:org.opensuse.security:def:25270	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:31485	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:26592	P	libneon27 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25882	P	Security update for python-tornado (Moderate)	2020-12-01
oval:org.opensuse.security:def:25685	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31819	P	Security update for augeas (Moderate)	2020-12-01
oval:org.opensuse.security:def:32869	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31023	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:25462	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:31826	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:26680	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26555	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25760	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31968	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:31890	P	Security update for exempi (Moderate)	2020-12-01
oval:org.opensuse.security:def:26869	P	bind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31035	P	Security update for jpeg (Moderate)	2020-12-01
oval:org.opensuse.security:def:25600	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:26738	P	libapr-util1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25736	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:31951	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:25107	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32355	P	Security update for squid3 (Important)	2020-12-01
oval:org.opensuse.security:def:27411	P	glib2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25455	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:31458	P	Security update for postgresql91 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26388	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:32633	P	apache2-mod_jk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25182	P	Security update for krb5-appl (Important)	2020-12-01
oval:org.opensuse.security:def:31390	P	Security update for pam	2020-12-01
oval:org.opensuse.security:def:26363	P	Security update for libgit2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32421	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:25467	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:25963	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25391	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:31785	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26416	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:25659	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32055	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:31777	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:26707	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25532	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27098	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25797	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:25785	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:31843	P	Security update for cairo (Moderate)	2020-12-01
oval:org.opensuse.security:def:31602	P	Security update for tomcat6	2020-12-01
oval:org.opensuse.security:def:26247	P	Security update for bluez (Moderate)	2020-12-01
oval:org.opensuse.security:def:25259	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31393	P	Security update for pam_pkcs11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26261	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:25838	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:32520	P	glib2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25684	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:31477	P	Security update for puppet (Moderate)	2020-12-01
oval:org.opensuse.security:def:25334	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:31542	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:26641	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26520	P	PolicyKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25696	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:31911	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31841	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:26231	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.mitre.oval:def:17737	P	USN-628-1 -- php5 vulnerabilities	2014-06-30
oval:org.mitre.oval:def:13589	P	USN-624-2 -- erlang vulnerability	2014-06-30
oval:org.mitre.oval:def:17537	P	USN-624-1 -- pcre3 vulnerability	2014-06-30
oval:org.mitre.oval:def:7744	P	DSA-1602 pcre3 -- buffer overflow	2014-06-23
oval:org.mitre.oval:def:18659	P	DSA-1602-1 pcre3 - arbitrary code execution	2014-06-23
oval:org.debian:def:1602	V	buffer overflow	2008-07-05