Vulnerability CVE-2014-3522 - CERT Civis.Net

Vulnerability Name:

CVE-2014-3522 (CCN-95311)

Assigned:

2014-08-11

Published:

2014-08-11

Updated:

2018-10-30

Summary:

The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

CWE-297: Improper Validation of Certificate with Host Mismatch

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2014-3522

Source: APPLE
Type: Mailing List, Third Party Advisory
APPLE-SA-2015-03-09-4

Source: SUSE
Type: Third Party Advisory
openSUSE-SU-2014:1059

Source: SECUNIA
Type: UNKNOWN
59432

Source: SECUNIA
Type: UNKNOWN
59584

Source: SECUNIA
Type: UNKNOWN
60100

Source: SECUNIA
Type: UNKNOWN
60722

Source: CCN
Type: Apache Subversion Web site
Apache Subversion

Source: CCN
Type: Apache Web site
Subversion's Serf RA layer does not correctly validate certificates with wildcards in them for HTTPS

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Source: OSVDB
Type: UNKNOWN
109996

Source: CCN
Type: OSVDB ID: 109996
Apache Subversion Serf RA Layer Wildcard Certificate Validation MitM Spoofing Weakness

Source: BID
Type: Third Party Advisory, VDB Entry
69237

Source: CCN
Type: BID-69237
Apache Subversion CVE-2014-3522 SSL Certificate Validation Information Disclosure Vulnerability

Source: UBUNTU
Type: Third Party Advisory
USN-2316-1

Source: XF
Type: UNKNOWN
apache-subversion-cve20143528-info-disc(95090)

Source: XF
Type: UNKNOWN
apache-subversion-cve20143522-spoofing(95311)

Source: XF
Type: UNKNOWN
apache-subversion-cve20143522-spoofing(95311)

Source: GENTOO
Type: UNKNOWN
GLSA-201610-05

Source: CONFIRM
Type: Patch, Vendor Advisory
https://subversion.apache.org/security/CVE-2014-3522-advisory.txt

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/HT204427

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-3522

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:subversion:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.4.1:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.4.2:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.4.3:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.4.4:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.4.5:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.4.6:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.0:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.1:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.2:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.3:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.4:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.5:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.6:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.7:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.5.8:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.0:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.1:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.2:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.3:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.4:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.5:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.6:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.7:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.8:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.9:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.10:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.11:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.12:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.13:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.14:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.15:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.16:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.17:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.18:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.19:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.20:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.21:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.6.23:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.0:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.1:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.2:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.3:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.4:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.5:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.6:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.7:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.8:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.9:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.10:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.11:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.12:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.13:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.14:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.15:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.16:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.17:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.0:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.1:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.2:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.3:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.4:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.5:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.6:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.7:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.8:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.9:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

OR cpe:/o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Configuration 4:

cpe:/a:apple:xcode:6.1.1:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:subversion:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.0:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.7.17:*:*:*:*:*:*:*

OR cpe:/a:apache:subversion:1.8.9:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20143522	V	CVE-2014-3522	2022-09-02
oval:org.opensuse.security:def:569	P	Security update for libnbd (Moderate)	2022-07-11
oval:org.opensuse.security:def:1597	P	Security update for the Linux Kernel (Important)	2022-06-24
oval:org.opensuse.security:def:1075	P	Security update for webkit2gtk3 (Important)	2022-06-14
oval:org.opensuse.security:def:274	P	powerpc-utils-1.3.8-7.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:1368	P	Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:869	P	Security update for python-pip (Moderate)	2022-04-28
oval:org.opensuse.security:def:1321	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)	2022-04-25
oval:org.opensuse.security:def:112862	P	libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:1542	P	Security update for apache2 (Important)	2022-01-17
oval:org.opensuse.security:def:9678	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9876	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:9478	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:10430	P	Security update for libsndfile (Important)	2022-01-11
oval:org.opensuse.security:def:9889	P	Security update for libsndfile (Important)	2022-01-11
oval:org.opensuse.security:def:9480	P	Security update for libvirt (Important)	2022-01-05
oval:org.opensuse.security:def:916	P	Security update for libvirt (Important)	2022-01-04
oval:org.opensuse.security:def:10708	P	Security update for gegl (Important)	2021-12-31
oval:org.opensuse.security:def:10709	P	Security update for gegl (Important)	2021-12-31
oval:org.opensuse.security:def:9891	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:10431	P	Security update for xorg-x11-server (Important)	2021-12-21
oval:org.opensuse.security:def:68097	P	Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP1) (Important)	2021-12-14
oval:org.opensuse.security:def:9433	P	Security update for MozillaFirefox (Important)	2021-12-10
oval:org.opensuse.security:def:1789	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:9823	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:9825	P	Security update for clamav (Moderate)	2021-12-06
oval:org.opensuse.security:def:9427	P	Security update for openssh (Important)	2021-12-03
oval:org.opensuse.security:def:9815	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:9614	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:10167	P	Security update for busybox (Important)	2021-10-27
oval:org.opensuse.security:def:10700	P	Security update for ffmpeg (Moderate)	2021-10-26
oval:org.opensuse.security:def:9800	P	Security update for python-Pygments (Important)	2021-10-20
oval:org.opensuse.security:def:10699	P	Security update for strongswan (Important)	2021-10-19
oval:org.opensuse.security:def:9598	P	Security update for apache2 (Important)	2021-10-12
oval:org.opensuse.security:def:10348	P	Security update for apache2 (Important)	2021-10-12
oval:org.opensuse.security:def:10347	P	Security update for MozillaFirefox (Important)	2021-10-11
oval:org.opensuse.security:def:106323	P	libsvn_auth_gnome_keyring-1-0-1.9.5-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:9402	P	Security update for libqt5-qtbase (Important)	2021-09-30
oval:org.opensuse.security:def:10657	P	Security update for ffmpeg (Important)	2021-09-23
oval:org.opensuse.security:def:10658	P	Security update for grilo (Important)	2021-09-23
oval:org.opensuse.security:def:103732	P	subversion-server-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:90077	P	subversion-server-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61658	P	subversion-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71247	P	libblkid-devel-2.33.1-2.28 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63242	P	subversion-server-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96778	P	subversion-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71337	P	libxml2-2-2.9.7-3.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2153	P	subversion-server-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71169	P	dhcp-4.3.5-4.15 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103468	P	subversion-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89813	P	subversion-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:97042	P	subversion-server-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71360	P	patch-2.7.6-3.5 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71399	P	subversion-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:64573	P	Security update for openssl-1_1 (Low)	2021-09-07
oval:org.opensuse.security:def:9589	P	Security update for openssl-1_1 (Low)	2021-09-07
oval:org.opensuse.security:def:10151	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:10338	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:64750	P	Security update for dbus-1 (Moderate)	2021-08-23
oval:org.opensuse.security:def:9387	P	Security update for spice-vdagent (Moderate)	2021-08-20
oval:org.opensuse.security:def:9568	P	Security update for go1.15 (Moderate)	2021-08-20
oval:org.opensuse.security:def:9576	P	Security update for krb5 (Important)	2021-08-20
oval:org.opensuse.security:def:10322	P	Security update for openexr (Important)	2021-08-20
oval:org.opensuse.security:def:10136	P	Security update for libass (Important)	2021-08-20
oval:org.opensuse.security:def:10323	P	Security update for php7 (Important)	2021-08-20
oval:org.opensuse.security:def:10129	P	Security update for c-ares (Important)	2021-08-17
oval:org.opensuse.security:def:10316	P	Security update for webkit2gtk3 (Important)	2021-08-17
oval:org.opensuse.security:def:47390	P	libpcre1-32bit-8.39-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46931	P	e2fsprogs-1.42.11-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48002	P	eog-3.20.4-7.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47791	P	libssh4-0.6.3-12.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47870	P	python-requests-2.11.1-6.28.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47643	P	hplip-3.16.11-1.33 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47677	P	libXfont2-2-2.0.3-1.19 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48023	P	gnome-settings-daemon-3.20.1-50.16.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47551	P	apache-commons-daemon-1.0.15-6.10 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48297	P	rsync-3.1.3-1.19 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47556	P	apache2-mod_nss-1.0.14-19.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47952	P	apache2-mod_nss-1.0.14-19.9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47419	P	libthai-data-0.1.25-4.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48149	P	libmodplug1-0.8.9.0+git20170610.f6dd59a-15.4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47542	P	zoo-2.10-1020.56 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48305	P	shadow-4.2.1-34.20 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47921	P	xen-4.11.0_08-1.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47437	P	libyaml-0-2-0.1.6-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47226	P	cpp48-4.8.5-30.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48057	P	kernel-default-4.12.14-120.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48091	P	libXxf86vm1-1.1.3-3.53 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47856	P	pigz-2.3-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47105	P	mipv6d-2.0.2.umip.0.4-19.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47925	P	xlockmore-5.43-5.30 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47943	P	accountsservice-0.6.42-16.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47091	P	libvdpau1-1.1.1-6.73 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47732	P	libksba8-1.3.0-23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48318	P	sysstat-12.0.2-10.24.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47851	P	perl-HTML-Parser-3.71-1.145 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47611	P	ft2demos-2.6.3-7.15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48247	P	opensc-0.13.0-3.3.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47719	P	libicu-doc-52.1-8.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47597	P	dpdk-17.11.4-3.6 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48352	P	yast2-3.2.50-4.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48216	P	libvirt-5.1.0-11.10 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47541	P	yast2-users-3.2.11-1.47 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47526	P	wget-1.14-20.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48138	P	libkpathsea6-6.2.0dev-22.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48151	P	libmspack0-0.4-14.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47405	P	libruby2_1-2_1-2.1.9-18.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47794	P	libtasn1-4.9-3.5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47990	P	dbus-1-glib-0.100.2-3.58 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47391	P	libpcsclite1-1.8.10-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47710	P	libgme0-0.6.0-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47090	P	libusbmuxd4-1.0.10-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47898	P	syslog-service-2.0-778.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47496	P	rtkit-0.11_git201205151338-8.14 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47766	P	libpng16-16-1.6.8-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47348	P	libgnomesu-2.0.0-353.6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47596	P	dovecot22-2.2.31-19.11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47573	P	cifs-utils-6.5-9.3.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47256	P	freeradius-server-3.0.14-1.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48242	P	mipv6d-2.0.2.umip.0.4-19.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47452	P	openssh-7.2p2-69.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48089	P	libXvnc1-1.6.0-22.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47124	P	perl-HTML-Parser-3.71-1.145 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48094	P	libarchive13-3.1.2-26.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47438	P	libz1-1.2.8-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48005	P	fetchmail-6.3.26-12.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:1020	P	krb5-1.16.3-3.15.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:10123	P	Security update for linuxptp (Important)	2021-07-27
oval:org.opensuse.security:def:10121	P	Security update for qemu (Important)	2021-07-23
oval:org.opensuse.security:def:9365	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:10120	P	Security update for curl (Moderate)	2021-07-21
oval:org.opensuse.security:def:10114	P	Security update for dbus-1 (Important)	2021-06-30
oval:org.opensuse.security:def:9357	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:67997	P	Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:68007	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:10099	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:9725	P	Security update for MozillaFirefox (Important)	2021-06-09
oval:org.opensuse.security:def:10098	P	Security update for MozillaFirefox (Important)	2021-06-09
oval:org.opensuse.security:def:48595	P	perl-Config-IniFiles-2.82-3.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48594	P	perl-5.18.2-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48661	P	ImageMagick-6.8.8.1-5.21 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46810	P	patch-2.7.5-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48511	P	libjbig2-2.0-12.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48563	P	libusbmuxd4-1.0.10-2.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46796	P	mutt-1.5.21-49.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16309	P	libsvn_auth_gnome_keyring-1-0-1.8.10-24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48498	P	libgraphite2-3-1.3.1-6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48389	P	cpp48-4.8.5-30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11382	P	libneon27-0.30.0-3.65 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:72597	P	subversion-bash-completion-1.10.0-1.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48769	P	empathy-3.12.12-5.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15663	P	libsvn_auth_gnome_keyring-1-0-1.8.10-1.25 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48698	P	libvirt-client-32bit-1.2.5-13.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48956	P	libyaml-cpp0_5-0.5.3-3.3.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11359	P	libfbembed2_5-2.5.2.26539-13.42 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:62878	P	subversion-bash-completion-1.10.0-1.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48667	P	dia-0.97.2-13.253 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16585	P	libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46795	P	mozilla-nspr-32bit-4.10.10-9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48602	P	ppp-2.4.7-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124591	P	libsvn_auth_gnome_keyring-1-0-1.8.19-25.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48436	P	groff-1.22.2-5.287 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48715	P	dia-0.97.2-13.253 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48824	P	bash-lang-4.3-82.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15850	P	libsvn_auth_gnome_keyring-1-0-1.8.10-15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48753	P	pidgin-otr-4.0.0-6.18 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11360	P	libfreebl3-3.16.4-5.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48722	P	gimp-2.8.10-1.164 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:71104	P	subversion-1.10.0-1.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48618	P	rsyslog-8.4.0-14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16586	P	libsvn_auth_kwallet-1-0-1.8.10-24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48657	P	yast2-3.1.206-36.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124592	P	libsvn_auth_kwallet-1-0-1.8.10-24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48540	P	libproxy1-0.4.13-16.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48547	P	libsmi-0.4.8-18.55 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61363	P	subversion-1.10.0-1.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48456	P	libFLAC++6-1.3.0-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48516	P	libldap-2_4-2-2.4.41-18.25.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:71056	P	minicom-2.7.1-1.19 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16061	P	libsvn_auth_gnome_keyring-1-0-1.8.10-24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48451	P	kbd-1.15.5-8.7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11381	P	libmysqlclient18-10.0.11-6.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48665	P	colord-1.1.7-2.42 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10091	P	Security update for libwebp (Critical)	2021-06-04
oval:org.opensuse.security:def:9514	P	Security update for nginx (Important)	2021-06-02
oval:org.opensuse.security:def:9327	P	Security update for djvulibre (Important)	2021-05-19
oval:org.opensuse.security:def:10072	P	Security update for sca-patterns-sle11 (Important)	2021-05-04
oval:org.opensuse.security:def:10248	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:10247	P	Security update for stunnel (Important)	2021-05-03
oval:org.opensuse.security:def:9495	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:9691	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:9308	P	Security update for xen (Important)	2021-04-19
oval:org.opensuse.security:def:9491	P	Security update for qemu (Important)	2021-04-16
oval:org.opensuse.security:def:64469	P	Security update for opensc (Moderate)	2021-04-13
oval:org.opensuse.security:def:10229	P	Security update for tomcat (Important)	2021-03-30
oval:org.opensuse.security:def:9867	P	Security update for nghttp2 (Important)	2021-03-24
oval:org.opensuse.security:def:10228	P	Security update for libass (Important)	2021-03-24
oval:org.opensuse.security:def:9469	P	Security update for libsolv, libzypp, yast2-installation, zypper (Moderate)	2021-03-11
oval:org.opensuse.security:def:9665	P	Security update for python (Moderate)	2021-03-11
oval:org.opensuse.security:def:10412	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:10411	P	Security update for openldap2 (Important)	2021-03-08
oval:org.opensuse.security:def:64663	P	Security update for openldap2 (Important)	2021-03-08
oval:org.opensuse.security:def:10408	P	Security update for postgresql12 (Moderate)	2021-03-03
oval:org.opensuse.security:def:10409	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:10214	P	Security update for bind (Important)	2021-03-02
oval:org.opensuse.security:def:9656	P	Security update for bind (Important)	2021-03-02
oval:org.opensuse.security:def:64660	P	Security update for bind (Important)	2021-03-02
oval:org.opensuse.security:def:10213	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:10400	P	Security update for rpmlint (Moderate)	2021-03-01
oval:org.opensuse.security:def:10401	P	Security update for java-1_8_0-openjdk (Moderate)	2021-03-01
oval:org.opensuse.security:def:10398	P	Security update for glibc (Important)	2021-02-26
oval:org.opensuse.security:def:10399	P	Security update for python-Jinja2 (Important)	2021-02-26
oval:org.opensuse.security:def:9845	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:9644	P	Security update for the Linux Kernel (Important)	2021-02-19
oval:org.opensuse.security:def:67816	P	Security update for the Linux Kernel (Important)	2021-02-11
oval:org.opensuse.security:def:10389	P	Security update for openvswitch (Important)	2021-02-11
oval:org.opensuse.security:def:10390	P	Security update for wpa_supplicant (Important)	2021-02-11
oval:org.opensuse.security:def:10166	P	Security update for java-11-openjdk (Important)	2021-02-09
oval:org.opensuse.security:def:10090	P	Security update for wavpack (Moderate)	2021-01-21
oval:org.opensuse.security:def:9706	P	Security update for tcmu-runner (Important)	2021-01-18
oval:org.opensuse.security:def:10633	P	Security update for MozillaThunderbird (Critical)	2020-12-25
oval:org.opensuse.security:def:10632	P	Security update for PackageKit (Low)	2020-12-22
oval:org.opensuse.security:def:2098	P	subversion-server-1.10.0-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4060	P	libsvn_auth_kwallet-1-0-1.8.10-24.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16896	P	libsvn_auth_kwallet-1-0-1.8.10-24.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72645	P	subversion-bash-completion-1.10.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62926	P	subversion-bash-completion-1.10.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103660	P	subversion-bash-completion-1.10.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:90005	P	subversion-bash-completion-1.10.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49010	P	libgadu3-1.11.4-1.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:1837	P	subversion-bash-completion-1.10.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4059	P	libsvn_auth_gnome_keyring-1-0-1.10.6-1.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63187	P	subversion-server-1.10.0-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71450	P	bubblewrap-0.4.1-1.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16895	P	libsvn_auth_gnome_keyring-1-0-1.10.6-1.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:11050	P	libpoppler44 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49762	P	subversion-bash-completion on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10796	P	libsvn_auth_gnome_keyring-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49929	P	python2-salt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10557	P	libusbmuxd-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10527	P	libpacemaker-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10538	P	libreoffice-sdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10047	P	cyrus-sasl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10523	P	libneon-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9972	P	python on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49809	P	subversion-bash-completion on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10476	P	libXt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11071	P	libsvn_auth_gnome_keyring-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9953	P	openvswitch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49984	P	uuidd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9938	P	libxerces-c-3_1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10558	P	libvdpau-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9170	P	libvdpau1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10774	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10539	P	librsvg-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10721	P	libblkid-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67716	P	libpng16-16 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10524	P	libnettle-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49708	P	perl-File-Path on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9293	P	xlockmore on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49983	P	subversion-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10477	P	libXtst-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11072	P	libsvn_auth_kwallet-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9246	P	rrdtool on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64382	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9200	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11049	P	libpoppler-cpp0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9178	P	libwavpack1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10549	P	libsvn_auth_gnome_keyring-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10722	P	libbotan-1_10-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67907	P	libgypsy-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49755	P	perl-DNS-LDNS on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50038	P	subversion-server on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:25808	V	Apache Subversion vulnerability 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate	2015-05-04
oval:org.mitre.oval:def:25847	P	USN-2316-1 -- subversion vulnerabilities	2014-10-13
oval:com.ubuntu.precise:def:20143522000	V	CVE-2014-3522 on Ubuntu 12.04 LTS (precise) - medium.	2014-08-19
oval:com.ubuntu.trusty:def:20143522000	V	CVE-2014-3522 on Ubuntu 14.04 LTS (trusty) - medium.	2014-08-19