Vulnerability CVE-2015-8994

Vulnerability Name:

CVE-2015-8994 (CCN-127979)

Assigned:

2016-11-05

Published:

2016-11-05

Updated:

2022-08-16

Summary:

An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode ("opcode" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.9 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-264

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2015-8994

Source: MISC
Type: Mailing List
http://marc.info/?l=php-internals&m=147876797317925&w=2

Source: MISC
Type: Mailing List
http://marc.info/?l=php-internals&m=147921016724565&w=2

Source: MISC
Type: Mailing List
http://openwall.com/lists/oss-security/2017/02/28/1

Source: CCN
Type: oss-sec Mailing List, Sat, 05 Nov 2016 03:30:41 -0500
CVE Request: PHP with Zend OPCache code permission/sensitive data protection vulnerabilities

Source: MISC
Type: Mailing List, Third Party Advisory
http://seclists.org/oss-sec/2016/q4/343

Source: MISC
Type: Mailing List, Third Party Advisory
http://seclists.org/oss-sec/2017/q1/520

Source: MISC
Type: Exploit, Issue Tracking
https://bugs.php.net/bug.php?id=69090

Source: XF
Type: UNKNOWN
php-cve20158994-info-disc(127979)

Source: MISC
Type: Exploit, Technical Description, Third Party Advisory
https://ma.ttias.be/a-better-way-to-run-php-fpm/

Source: CCN
Type: PHP Web site
PHP

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 5.0.0 and <= 5.6.29)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.0.0 and < 7.0.14)

Configuration CCN 1:

cpe:/a:php:php:7.0.12:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.27:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20158994	V	CVE-2015-8994	2022-09-02
oval:org.opensuse.security:def:10439	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:9885	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:10710	P	Security update for the Linux Kernel (Important) (in QA)	2022-01-07
oval:org.opensuse.security:def:10438	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:9884	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:10372	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:10371	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:10175	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:10176	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:10170	P	Security update for qemu (Important)	2021-11-04
oval:org.opensuse.security:def:10169	P	Security update for Salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:10162	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:38332	P	Security update for transfig (Important)	2021-10-06
oval:org.opensuse.security:def:38801	P	Security update for curl (Moderate)	2021-09-23
oval:org.opensuse.security:def:10154	P	Security update for ghostscript (Critical)	2021-09-15
oval:org.opensuse.security:def:10153	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:10147	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:10148	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:11120	P	Security update for libspf2 (Critical)	2021-08-25
oval:org.opensuse.security:def:38274	P	Security update for openssl (Important)	2021-08-24
oval:org.opensuse.security:def:10139	P	Security update for djvulibre (Important)	2021-08-20
oval:org.opensuse.security:def:10140	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:14961	P	libXp6-1.0.2-3.57 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14098	P	bzip2-1.0.6-29.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13964	P	libtasn1-3.7-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14210	P	libapr1-1.5.1-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14078	P	alsa-1.0.27.2-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13940	P	libpng12-0-1.2.50-13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13934	P	libnghttp2-14-1.7.1-1.84 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14963	P	libXrandr2-1.5.0-6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14288	P	libsnmp30-32bit-5.7.3-4.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14939	P	krb5-1.12.5-40.37.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14080	P	apache-commons-beanutils-1.9.2-1.149 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13942	P	libpng16-16-1.6.8-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14115	P	cvs-1.12.12-181.54 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14030	P	ruby-2.1-1.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14233	P	libhivex0-1.3.10-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14290	P	libspice-client-glib-2_0-8-0.33-1.33 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14941	P	lcms2-2.7-9.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14277	P	libpoppler-glib8-0.43.0-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14117	P	davfs2-1.5.2-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14301	P	libtirpc-netconfig-1.0.1-16.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14032	P	shim-0.9-20.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14235	P	libicu-doc-52.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14096	P	binutils-2.26.1-9.12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13962	P	libsystemd0-228-117.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14208	P	libXxf86vm1-1.1.3-3.53 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13932	P	libmysqlclient18-10.0.27-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14279	P	libpulse-mainloop-glib0-32bit-5.0-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14303	P	libupsclient1-2.7.1-4.55 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:11099	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:11098	P	Security update for claws-mail (Moderate)	2021-07-16
oval:org.opensuse.security:def:10685	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:10296	P	Security update for go1.15 (Important)	2021-06-30
oval:org.opensuse.security:def:10112	P	Security update for ovmf (Important)	2021-06-25
oval:org.opensuse.security:def:10111	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:10278	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:17231	P	finch-2.12.0-3.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17090	P	telepathy-idle-0.2.0-1.62 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11412	P	libvorbis0-1.3.3-8.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16635	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17143	P	pidgin-otr-4.0.0-11.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17274	P	libproxy1-networkmanager-32bit-0.4.13-16.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17288	P	libzmq3-4.0.4-14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17098	P	cyrus-sasl-digestmd5-32bit-2.1.26-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16348	P	php5-devel-5.5.14-108.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17240	P	gstreamer-0_10-plugins-base-0.10.36-17.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17101	P	finch-2.11.0-12.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17053	P	gimp-2.8.10-1.164 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17199	P	libqt4-sql-mysql-32bit-4.8.6-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17285	P	libwmf-0_2-7-0.2.8.4-242.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17297	P	shotwell-0.22.0+git.20160103-15.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17109	P	icu-52.1-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16349	P	php7-devel-7.0.7-49.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17217	P	telepathy-gabble-0.18.3-5.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17062	P	libdirectfb-1_7-1-32bit-1.7.1-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17208	P	libwmf-0_2-7-0.2.8.4-242.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17022	P	libqt4-sql-mysql-32bit-4.8.6-2.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124640	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11434	P	pcsc-ccid-1.4.14-1.45 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16634	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17228	P	cyrus-sasl-digestmd5-32bit-2.1.26-8.7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17300	P	typelib-1_0-EvinceDocument-3_0-3.20.2-6.22.9 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17132	P	libreoffice-5.1.5.2-29.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17031	P	libzmq3-4.0.4-2.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124641	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17089	P	telepathy-gabble-0.18.1-3.268 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10087	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:10086	P	Security update for dhcp (Important)	2021-06-02
oval:org.opensuse.security:def:10263	P	Security update for ceph (Important)	2021-06-02
oval:org.opensuse.security:def:10262	P	Security update for curl (Moderate)	2021-05-31
oval:org.opensuse.security:def:9863	P	Security update for git (Important)	2021-03-09
oval:org.opensuse.security:def:9862	P	Security update for openssl-1_1 (Moderate)	2021-03-09
oval:org.opensuse.security:def:10216	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:39441	P	Security update for python27 (Moderate)	2021-03-04
oval:org.opensuse.security:def:10215	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:9854	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:9855	P	Security update for bind (Important)	2021-03-02
oval:org.opensuse.security:def:10397	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:10396	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:38172	P	Security update for java-1_7_0-ibm (Important)	2021-02-23
oval:org.opensuse.security:def:10163	P	Security update for python-urllib3 (Moderate)	2021-02-08
oval:org.opensuse.security:def:10297	P	Security update for go1.14 (Moderate)	2021-01-26
oval:org.opensuse.security:def:11121	P	Security update for viewvc (Moderate)	2021-01-19
oval:org.opensuse.security:def:16965	P	ruby2.1-devel-2.1.9-18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17316	P	freerdp-2.0.0~git.1463131968.4e66df7-12.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17309	P	colord-1.3.3-12.13 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17341	P	libgadu3-1.11.4-1.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17322	P	gnome-shell-calendar-3.20.4-77.23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16974	P	sudo-devel-1.8.27-2.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16880	P	libraw-devel-0.15.4-30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16948	P	php7-devel-7.0.7-50.85.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16838	P	liblcms-devel-1.19-17.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17352	P	libnewt0_52-0.52.16-1.83 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17331	P	kernel-default-extra-4.12.14-120.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16889	P	libsolv-devel-0.6.36-2.16.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16846	P	libmspack-devel-0.4-14.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16847	P	libmusicbrainz-devel-2.1.5-27.79 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17305	P	argyllcms-1.6.3-3.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16855	P	libofx-0.9.9-3.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:39439	P	Security update for python27 (Important)	2020-12-02
oval:org.opensuse.security:def:10011	P	vsftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38757	P	opensc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9930	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10761	P	libmusicbrainz-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38276	P	libcares2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17551	P	Security update for webkitgtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:37953	P	libraptor2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38424	P	openslp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17585	P	Security update for bind (Moderate)	2020-12-01
oval:org.opensuse.security:def:10610	P	xfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38641	P	libXext6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10460	P	lhasa-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18238	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37940	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10529	P	libpcscspy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17462	P	Security update for compat-openssl098 (Important)	2020-12-01
oval:org.opensuse.security:def:17969	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:10814	P	libxslt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10012	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38759	P	openssh on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9931	P	libusbmuxd4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9992	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38729	P	libsrtp1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10752	P	libjson-c-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38174	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38643	P	libXfont1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10774	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18249	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37942	P	libpng16-16 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17552	P	Security update for libXfont (Important)	2020-12-01
oval:org.opensuse.security:def:38035	P	ppc64-diag on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10591	P	python3-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38582	P	dracut on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10447	P	gnome-settings-daemon-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18212	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:10483	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17483	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:17986	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37939	P	libplist3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10835	P	php5-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10453	P	hplip-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9993	P	squidGuard on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38731	P	libsystemd0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38803	P	stunnel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9977	P	python-pywbem on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38690	P	libksba8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39481	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38334	P	libnm-glib-vpn1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17563	P	Security update for gd (Low)	2020-12-01
oval:org.opensuse.security:def:38037	P	procmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38584	P	e2fsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10448	P	gnome-shell-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18223	P	Security update for ppp (Moderate)	2020-12-01
oval:org.opensuse.security:def:17540	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:37951	P	libqt4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10576	P	nut-cgi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38422	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17574	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:10461	P	lib3ds-1-3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17494	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17995	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37941	P	libpng15-15 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10836	P	php7-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17451	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:17960	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10813	P	libxml2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9978	P	python-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38692	P	libldap-2_4-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39483	P	Security update for php7 (Moderate)	2020-12-01
oval:com.ubuntu.precise:def:20158994000	V	CVE-2015-8994 on Ubuntu 12.04 LTS (precise) - low.	2017-03-02
oval:com.ubuntu.xenial:def:201589940000000	V	CVE-2015-8994 on Ubuntu 16.04 LTS (xenial) - low.	2017-03-02
oval:com.ubuntu.trusty:def:20158994000	V	CVE-2015-8994 on Ubuntu 14.04 LTS (trusty) - low.	2017-03-02
oval:com.ubuntu.xenial:def:20158994000	V	CVE-2015-8994 on Ubuntu 16.04 LTS (xenial) - low.	2017-03-02

BACK