Vulnerability Name:

CVE-2015-3183 (CCN-104844)

Assigned:2015-07-15
Published:2015-07-15
Updated:2021-06-06
Summary:The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
CVSS v3 Severity:6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.3 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
3.7 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
3.2 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
2.6 Low (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-20
CWE-17
CWE-172
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2015-3183

Source: CCN
Type: Apache Web site
Apache httpd 2.4 vulnerabilities

Source: CONFIRM
Type: Vendor Advisory
http://httpd.apache.org/security/vulnerabilities_24.html

Source: CONFIRM
Type: UNKNOWN
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735

Source: APPLE
Type: UNKNOWN
APPLE-SA-2015-08-13-2

Source: APPLE
Type: UNKNOWN
APPLE-SA-2015-09-16-4

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2015:1684

Source: HP
Type: UNKNOWN
SSRT102254

Source: REDHAT
Type: UNKNOWN
RHSA-2015:1666

Source: REDHAT
Type: UNKNOWN
RHSA-2015:1667

Source: REDHAT
Type: UNKNOWN
RHSA-2015:1668

Source: REDHAT
Type: UNKNOWN
RHSA-2015:2661

Source: CCN
Type: RHSA-2016-0061
Moderate: httpd and httpd22 security update

Source: REDHAT
Type: UNKNOWN
RHSA-2016:0061

Source: CCN
Type: RHSA-2016-0062
Moderate: Red Hat JBoss Web Server 2.1.0 security update

Source: REDHAT
Type: UNKNOWN
RHSA-2016:0062

Source: CCN
Type: RHSA-2016-2054
Moderate: Red Hat JBoss Enterprise Application Platform 6.4.10 natives update on RHEL 7

Source: REDHAT
Type: UNKNOWN
RHSA-2016:2054

Source: CCN
Type: RHSA-2016-2055
Moderate: Red Hat JBoss Enterprise Application Platform 6.4.10 natives update on RHEL 6

Source: REDHAT
Type: UNKNOWN
RHSA-2016:2055

Source: CCN
Type: RHSA-2016-2056
Important: Red Hat JBoss Enterprise Application Platform 6.4.10 update

Source: REDHAT
Type: UNKNOWN
RHSA-2016:2056

Source: CONFIRM
Type: UNKNOWN
http://www.apache.org/dist/httpd/CHANGES_2.4

Source: DEBIAN
Type: UNKNOWN
DSA-3325

Source: CCN
Type: IBM Security Bulletin T1023116
IBM Flex System Manager (FSM) is affected by multiple vulnerabilities from Apache HTTP server (CVE-2015-1283, CVE-2015-3183)

Source: CCN
Type: IBM Security Bulletin T1023775 (PowerKVM)
Vulnerabilities in the Apache HTTP Server affect PowerKVM (CVE-2015-3183,CVE-2015-3185)

Source: CCN
Type: IBM Security Bulletin T1023905 (SmartCloud Entry)
Httpd vulnerabilities affect IBM SmartCloud Entry (CVE-2013-5704 CVE-2015-3183 )

Source: CCN
Type: IBM Security Bulletin T1023905 (SmartCloud Entry)
Httpd vulnerabilities affect IBM SmartCloud Entry (CVE-2013-5704 CVE-2015-3183 )

Source: CCN
Type: IBM Security Bulletin N1020941
IBM i Apache server affected by vulnerabilities CVE-2015-1283 and CVE-2015-3183.

Source: CCN
Type: IBM Security Bulletin N1021268 (Server Firmware, HMC and SDMC)
Vulnerabilities in httpd affect Power Hardware Management Console (CVE-2013-5704, CVE-2015-3183)

Source: CCN
Type: IBM Security Bulletin S1005818 (Real-time Compression Appliance STN6500 -STN6800 (2452-650 -680))
Security Bulletin: Real-time compression appliance (CVE-2013-5704 CVE-2015-3183)

Source: CCN
Type: IBM Security Bulletin 1963361
HTTP Request smuggling vulnerability may affect IBM HTTP Server (CVE-2015-3183)

Source: CCN
Type: IBM Security Bulletin 1967057
Vulnerabilities in IBM HTTP Server affect IBM Security Network Protection (CVE-2015-3183, and CVE-2015-1283)

Source: CCN
Type: IBM Security Bulletin 1969062
Multiple vulnerabilities have been identified in the IBM HTTP Server bundled with IBM Domino 9.0.0x & 9.0.1x (CVE-2015-1283, CVE-2015-3183, CVE-2015-4947)

Source: CCN
Type: IBM Security Bulletin 1970056
IBM Tivoli Monitoring (CVE-2015-1829, CVE-2015-3183, CVE-2015-1283, CVE-2015-4947, CVE-2015-2808)

Source: CCN
Type: IBM Security Bulletin 1972470
Multiple vulnerabilities in IBM HTTP Server (IHS) affect IBM Security SiteProtector System (CVE-2015-1283, CVE-2015-3183 and CVE-2015-4947)

Source: CCN
Type: IBM Security Bulletin 1972884
Security Vulnerability in IBM WebSphere Application Server shipped with IBM Tivoli Netcool Configuration Manager(CVE-2015-3183)

Source: CCN
Type: IBM Security Bulletin 1974733
A HTTP server vulnerability affects IBM Security Access Manager for Web (CVE-2015-3183)

Source: CCN
Type: IBM Security Bulletin 1977267 (Transformation Extender Advanced)
A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-3183)

Source: CCN
Type: IBM Security Bulletin C1000112 (Cloud Orchestrator)
Multiple vulnerabilities have been identified in IBM Business Process Manager, and bundled products shipped with IBM Cloud Orchestrator and Cloud Orchestrator Enterprise

Source: CCN
Type: Oracle CPUJul2016
Oracle Critical Patch Update Advisory - July 2016

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Source: CCN
Type: Oracle Critical Patch Update Advisory - January 2016
Oracle Critical Patch Update Advisory - January 2016

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Source: BID
Type: UNKNOWN
75963

Source: CCN
Type: BID-75963
Apache HTTP Server CVE-2015-3183 Security Vulnerability

Source: BID
Type: UNKNOWN
91787

Source: CCN
Type: BID-91787
Oracle July 2016 Critical Patch Update Multiple Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1032967

Source: UBUNTU
Type: UNKNOWN
USN-2686-1

Source: REDHAT
Type: UNKNOWN
RHSA-2015:2659

Source: REDHAT
Type: UNKNOWN
RHSA-2015:2660

Source: XF
Type: UNKNOWN
apache-cve20153183-request-smuggling(104844)

Source: CONFIRM
Type: UNKNOWN
https://github.com/apache/httpd/commit/a6027e56924bb6227c1fdbf6f91e7e2438338be6

Source: CONFIRM
Type: UNKNOWN
https://github.com/apache/httpd/commit/e427c41257957b57036d5a549b260b6185d1dd73

Source: CONFIRM
Type: UNKNOWN
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246

Source: CONFIRM
Type: UNKNOWN
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: MLIST
Type: UNKNOWN
[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: CONFIRM
Type: UNKNOWN
https://puppet.com/security/cve/CVE-2015-3183

Source: GENTOO
Type: UNKNOWN
GLSA-201610-02

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/HT205219

Source: CONFIRM
Type: UNKNOWN
https://support.apple.com/kb/HT205031

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-3183

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:http_server:*:*:*:*:*:*:*:* (Version <= 2.4.13)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:http_server:2.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.12:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:http_server:6.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:http_server:8.5:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:6.0:*:web:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:6.1:*:web:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:6.1.1:*:web:*:*:*:*:*
  • OR cpe:/o:ibm:security_access_manager:7.0:*:web:*:*:*:*:*
  • OR cpe:/a:ibm:security_siteprotector_system:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:6:*:el6:*:*:*:*:*
  • OR cpe:/o:ibm:security_network_protection_firmware:5.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_entry:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_entry:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:domino:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_entry:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:smartcloud_entry:2.4:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:security_network_protection_firmware:5.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_netcool_configuration_manager:6.4.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:6.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:powerkvm:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_siteprotector_system:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*
  • OR cpe:/h:ibm:flex_system_manager_node:*:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_orchestrator:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:transformation_extender:9.0:*:advanced:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_web_server:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:redhat:jboss_enterprise_application_platform:6.4:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20153183
    V
    		CVE-2015-3183
    2022-05-20
    oval:org.opensuse.security:def:34054
    P
    		Security update for libvirt (Important)
    2022-01-10
    oval:org.opensuse.security:def:34015
    P
    		Security update for log4j (Important)
    2021-12-17
    oval:org.opensuse.security:def:33751
    P
    		Security update for mozilla-nss (Important)
    2021-12-06
    oval:org.opensuse.security:def:40585
    P
    		Security update for mozilla-nss (Important)
    2021-12-06
    oval:org.opensuse.security:def:19619
    P
    		Security update for the Linux Kernel (Important)
    2021-12-02
    oval:org.opensuse.security:def:32210
    P
    		Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:34555
    P
    		Security update for webkit2gtk3 (Important)
    2021-10-06
    oval:org.opensuse.security:def:33966
    P
    		Security update for openexr (Important)
    2021-09-02
    oval:org.opensuse.security:def:32134
    P
    		Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:32123
    P
    		Security update for xterm (Important)
    2021-06-18
    oval:org.opensuse.security:def:32122
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:32950
    P
    		Security update for apache2 (Important)
    2021-06-17
    oval:org.opensuse.security:def:16506
    P
    		libexif-devel-0.6.21-8.3.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:16540
    P
    		libmusicbrainz-devel-2.1.5-27.79 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:16625
    P
    		obs-service-source_validator-0.7-9.3.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:33662
    P
    		Security update for MozillaFirefox (Important)
    2021-06-08
    oval:org.opensuse.security:def:16498
    P
    		libcdio++0-0.90-6.3.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:33908
    P
    		Security update for graphviz (Critical)
    2021-05-19
    oval:org.opensuse.security:def:30074
    P
    		Security update for the Linux Kernel (Important)
    2021-05-17
    oval:org.opensuse.security:def:29354
    P
    		Security update for tomcat (Important)
    2021-04-29
    oval:org.opensuse.security:def:32906
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:34419
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:34654
    P
    		Security update for apache2 (Moderate)
    2021-03-12
    oval:org.opensuse.security:def:30030
    P
    		Security update for java-1_8_0-ibm (Important)
    2021-02-26
    oval:org.opensuse.security:def:30011
    P
    		Security update for MozillaFirefox (Important)
    2021-01-29
    oval:org.opensuse.security:def:29485
    P
    		Security update for MozillaFirefox (Important)
    2021-01-12
    oval:org.opensuse.security:def:33627
    P
    		Security update for clamav (Important)
    2020-12-22
    oval:org.opensuse.security:def:31085
    P
    		Security update for xen (Important)
    2020-12-07
    oval:org.opensuse.security:def:34324
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:16682
    P
    		PackageKit-devel-1.1.3-24.9.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:16948
    P
    		php7-devel-7.0.7-50.85.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:16713
    P
    		dovecot22-devel-2.2.31-19.17.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:16960
    P
    		quagga-devel-1.1.1-17.7.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:16749
    P
    		gstreamer-plugins-bad-devel-1.8.3-17.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:16982
    P
    		wireshark-devel-2.4.16-48.51.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:34323
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:35857
    P
    		PackageKit-0.3.14-2.28.46 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:28857
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:16859
    P
    		libopus-devel-1.1-3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:16891
    P
    		libspice-server-devel-0.12.8-12.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35816
    P
    		quagga-0.99.15-0.6.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:29272
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:30531
    P
    		Security update for java-1_6_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:29715
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:28801
    P
    		Security update for openssh (Critical)
    2020-12-01
    oval:org.opensuse.security:def:33374
    P
    		Security update for compat-openssl097g (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32495
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18861
    P
    		Security update for dovecot22 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26254
    P
    		Security update for dia (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26633
    P
    		python on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26596
    P
    		libpng12-0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:40863
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26986
    P
    		logwatch on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:41742
    P
    		Security update for libqt5-qtbase (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30621
    P
    		Security update for xen
    2020-12-01
    oval:org.opensuse.security:def:29868
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31064
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:30712
    P
    		Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:33509
    P
    		Security update for openswan
    2020-12-01
    oval:org.opensuse.security:def:32582
    P
    		nagios on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26255
    P
    		Security update for libqt4 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26761
    P
    		libpulse-browse0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26680
    P
    		cups on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:40927
    P
    		Security update for libgcrypt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27030
    P
    		squid on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30313
    P
    		Security update for tcpdump (Important)
    2020-12-01
    oval:org.opensuse.security:def:30678
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29923
    P
    		Security update for libexif (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30749
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34335
    P
    		Security update for sqlite3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:33605
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32738
    P
    		libxcrypt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33588
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:28124
    P
    		Security update for gtk2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26842
    P
    		xen on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26831
    P
    		tar on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27275
    P
    		pure-ftpd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27668
    P
    		Security update for rubygem-json_pure
    2020-12-01
    oval:org.opensuse.security:def:30314
    P
    		Security update for tcpdump (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30765
    P
    		Security update for apport (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29972
    P
    		Security update for librsvg
    2020-12-01
    oval:org.opensuse.security:def:31129
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:33281
    P
    		vsftpd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32795
    P
    		t1lib on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34079
    P
    		Security update for libxslt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26557
    P
    		gnome-screensaver on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28190
    P
    		Security update for libapr-util1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26899
    P
    		fuse on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26884
    P
    		dhcpcd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27289
    P
    		sendmail on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27703
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18465
    P
    		Security update for krb5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:30920
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31767
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:40152
    P
    		Security update for Linux Kernel Live Patch 13 for SLE 12 SP1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:35068
    P
    		Security update for java-1_7_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:34123
    P
    		Security update for net-snmp (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26558
    P
    		gnutls on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28320
    P
    		Security update for osc (Low)
    2020-12-01
    oval:org.opensuse.security:def:26983
    P
    		libzip1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26933
    P
    		krb5-plugin-kdb-ldap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27333
    P
    		xorg-x11-libXrender-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18500
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:30976
    P
    		Security update for guestfs
    2020-12-01
    oval:org.opensuse.security:def:31805
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:40163
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:35107
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:34761
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:29283
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:28405
    P
    		Security update for sqlite3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27134
    P
    		glibc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28840
    P
    		Security update for unzip
    2020-12-01
    oval:org.opensuse.security:def:27971
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18586
    P
    		Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31025
    P
    		Security update for java-1_7_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:40255
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:34711
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35134
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:28112
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:28462
    P
    		Security update for xorg-x11-libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27187
    P
    		libgdiplus0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28006
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18644
    P
    		Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18919
    P
    		Security update for openssl-1_1 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:17620
    P
    		Security update for libwmf (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26266
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:40407
    P
    		Security update for git (Important)
    2020-12-01
    oval:org.opensuse.security:def:34801
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:40979
    P
    		Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP2) (Important)
    2020-12-01
    oval:org.opensuse.security:def:35178
    P
    		Security update for kvm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28113
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:28546
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:27236
    P
    		lxc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28901
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:18457
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18678
    P
    		Security update for dovecot22 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18931
    P
    		Security update for freerdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:17646
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26330
    P
    		Security update for Mozilla Thunderbird (Important)
    2020-12-01
    oval:org.opensuse.security:def:40516
    P
    		Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:34960
    P
    		Security update for freetype2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:41024
    P
    		Security update for sqlite3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30325
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29572
    P
    		Security update for amanda (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28698
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:29539
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:33282
    P
    		vte on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32344
    P
    		Security update for spice (Important)
    2020-12-01
    oval:org.opensuse.security:def:18716
    P
    		Security update for spice-gtk (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32844
    P
    		cvs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18955
    P
    		Security update for libssh2_org (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:40151
    P
    		Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26458
    P
    		Security update for phpMyAdmin (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35019
    P
    		Security update for grub2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:41053
    P
    		Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:41787
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29271
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:30399
    P
    		Security update for Xen
    2020-12-01
    oval:org.opensuse.security:def:29629
    P
    		Security update for clamav
    2020-12-01
    oval:org.opensuse.security:def:28752
    P
    		Security update for libmspack (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29575
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33293
    P
    		xorg-x11-Xvnc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32438
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:18828
    P
    		Security update for curl (Important)
    2020-12-01
    oval:org.opensuse.security:def:32883
    P
    		ibutils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:19593
    P
    		Security update for openssh (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26569
    P
    		kde4-kgreeter-plugins on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26539
    P
    		emacs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:40687
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26972
    P
    		libsnmp15-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:41104
    P
    		Security update for LibVNCServer (Important)
    2020-12-01
    oval:org.cisecurity:def:183
    P
    		DSA-3325-1 -- apache2 -- security update
    2016-02-08
    oval:org.cisecurity:def:309
    V
    		HP-UX Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
    2016-02-08
    oval:com.redhat.rhsa:def:20151667
    P
    		RHSA-2015:1667: httpd security update (Moderate)
    2015-08-24
    oval:com.redhat.rhsa:def:20151668
    P
    		RHSA-2015:1668: httpd security update (Moderate)
    2015-08-24
    oval:com.ubuntu.precise:def:20153183000
    V
    		CVE-2015-3183 on Ubuntu 12.04 LTS (precise) - medium.
    2015-07-20
    oval:com.ubuntu.trusty:def:20153183000
    V
    		CVE-2015-3183 on Ubuntu 14.04 LTS (trusty) - medium.
    2015-07-20
    BACK
    apache http server *
    apache http server 2.4.7
    apache http server 2.4.8
    apache http server 2.4.9
    apache http server 2.4.10
    apache http server 2.4.12
    ibm http server 6.1
    ibm http server 7.0
    ibm http server 8.0
    ibm http server 8.5
    ibm security access manager for web 6.0
    ibm security access manager for web 6.1
    ibm security access manager for web 6.1.1
    ibm security access manager 7.0
    ibm security siteprotector system 3.0
    redhat jboss enterprise application platform 6
    ibm security network protection firmware 5.3
    ibm smartcloud entry 3.1
    ibm smartcloud entry 3.2
    ibm domino 9.0.1
    ibm domino 9.0
    ibm cloud orchestrator 2.3
    ibm smartcloud entry 2.3
    ibm smartcloud entry 2.4
    ibm security network protection firmware 5.2.0
    ibm tivoli netcool configuration manager 6.4.1
    ibm i 6.1.0
    ibm i 7.1.0
    ibm i 7.2.0
    ibm powerkvm 2.1
    ibm security siteprotector system 3.1.1
    ibm cloud orchestrator 2.4
    ibm tivoli monitoring 6.2.3
    ibm tivoli monitoring 6.3.0
    ibm cloud orchestrator 2.3.0.1
    ibm cloud orchestrator 2.4.0.1
    ibm cloud orchestrator 2.4.0.2
    ibm flex system manager node *
    ibm cloud orchestrator 2.5
    ibm transformation extender 9.0
    redhat jboss web server 2.1.0
    redhat jboss enterprise application platform 6.4