Vulnerability CVE-2016-10712

Vulnerability Name:

CVE-2016-10712 (CCN-139451)

Assigned:

2018-02-09

Published:

2018-02-09

Updated:

2019-05-22

Summary:

In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))['uri']" call mishandles the case where $file is data:text/plain;uri=eviluri, -- in other words, metadata can be set by an attacker.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Complete Availibility (A): None

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-10712

Source: CCN
Type: IBM Security Bulletin 719061 (System x Blades)
IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in php

Source: CCN
Type: PHP Sec Bug #71323
Output of stream_get_meta_data can be falsified by its input

Source: CONFIRM
Type: Exploit, Issue Tracking, Patch, Vendor Advisory
https://bugs.php.net/bug.php?id=71323

Source: XF
Type: UNKNOWN
php-cve201610712-weak-security(139451)

Source: CONFIRM
Type: Patch, Vendor Advisory
https://git.php.net/?p=php-src.git;a=commit;h=6297a117d77fa3a0df2e21ca926a92c231819cd5

Source: UBUNTU
Type: UNKNOWN
USN-3566-2

Source: UBUNTU
Type: Third Party Advisory
USN-3600-1

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:*:*:*:*:*:*:*:* (Version <= 5.5.31)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 5.6.0 and <= 5.6.17)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.0.0 and <= 7.0.2)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:php:php:5.5.31:*:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.2:-:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.17:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201610712	V	CVE-2016-10712	2022-09-02
oval:org.opensuse.security:def:29496	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:30171	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:10438	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:10371	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:32230	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:30156	P	Security update for clamav (Moderate)	2021-12-01
oval:org.opensuse.security:def:29452	P	Security update for xen (Moderate)	2021-11-29
oval:org.opensuse.security:def:34582	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:10169	P	Security update for Salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:33033	P	Security update for python (Moderate)	2021-10-26
oval:org.opensuse.security:def:29435	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:30134	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:38662	P	Security update for MozillaFirefox (Important)	2021-10-01
oval:org.opensuse.security:def:30245	P	Security update for transfig (Moderate)	2021-09-16
oval:org.opensuse.security:def:35263	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:10147	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:11120	P	Security update for libspf2 (Critical)	2021-08-25
oval:org.opensuse.security:def:33960	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:10139	P	Security update for djvulibre (Important)	2021-08-20
oval:org.opensuse.security:def:14117	P	davfs2-1.5.2-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13983	P	mailman-2.1.17-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14298	P	libtcnative-1-0-1.1.34-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13953	P	libsmi-0.4.8-18.55 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14322	P	mailman-2.1.17-1.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14229	P	libgoa-1_0-0-3.20.5-9.6 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14099	P	chrony-2.3-3.110 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13961	P	libssh2-1-1.4.3-19.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14982	P	libcroco-0_6-3-0.6.11-12.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14136	P	freeradius-server-3.0.14-1.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14051	P	update-alternatives-1.18.4-14.216 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14309	P	libvncclient0-0.9.9-16.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14960	P	libXinerama1-1.1.3-3.54 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14254	P	libmicrohttpd10-0.9.30-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:33949	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:31227	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:33948	P	Security update for linuxptp (Important)	2021-07-21
oval:org.opensuse.security:def:11098	P	Security update for claws-mail (Moderate)	2021-07-16
oval:org.opensuse.security:def:38822	P	Security update for djvulibre (Important)	2021-07-02
oval:org.opensuse.security:def:10296	P	Security update for go1.15 (Important)	2021-06-30
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:36279	P	python-imaging-1.1.6-168.34.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17240	P	gstreamer-0_10-plugins-base-0.10.36-17.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17198	P	libproxy1-networkmanager-32bit-0.4.13-16.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16634	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:32938	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:17206	P	libvdpau1-32bit-1.1.1-6.73 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124640	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36321	P	wget-1.11.4-1.19.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10262	P	Security update for curl (Moderate)	2021-05-31
oval:org.opensuse.security:def:34424	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:28914	P	Security update for xen (Important)	2021-04-20
oval:org.opensuse.security:def:29347	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:31140	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:34044	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:32269	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:10215	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:33090	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:34640	P	Security update for java-1_8_0-ibm (Important)	2021-02-26
oval:org.opensuse.security:def:10396	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:30024	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:38778	P	Security update for cups (Moderate)	2021-02-02
oval:org.opensuse.security:def:29396	P	Security update for sudo (Important)	2021-01-27
oval:org.opensuse.security:def:29950	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:31083	P	Security update for python-cryptography (Moderate)	2020-12-04
oval:org.opensuse.security:def:35570	P	kdebase3-runtime-3.5.10-20.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35641	P	syslog-ng-2.0.9-27.27.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17382	P	python3-requests-2.7.0-2.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35531	P	coolkey-1.1.0-22.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35597	P	libpoppler-glib4-0.12.3-1.2.44 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17325	P	gstreamer-0_10-plugins-good-0.10.31-16.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:29939	P	Security update for libksba (Moderate)	2020-12-01
oval:org.opensuse.security:def:27100	P	cpio on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38603	P	git-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33478	P	Security update for libtool	2020-12-01
oval:org.opensuse.security:def:31386	P	Security update for openvpn-openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:32712	P	libgdiplus0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38295	P	libgraphite2-3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33545	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:28702	P	Security update for GPG2	2020-12-01
oval:org.opensuse.security:def:37972	P	libthai-data on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31488	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:18681	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:35015	P	Security update for gpgme	2020-12-01
oval:org.opensuse.security:def:17995	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29220	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:34784	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:30991	P	Security update for jakarta-commons-fileupload (Important)	2020-12-01
oval:org.opensuse.security:def:34335	P	Security update for sqlite3 (Important)	2020-12-01
oval:org.opensuse.security:def:30597	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:27628	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:18320	P	Security update for libvorbis (Moderate)	2020-12-01
oval:org.opensuse.security:def:26897	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30302	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:33333	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:28310	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:29293	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:38711	P	libpng15-15 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39502	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:32724	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29000	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:17784	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28448	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:28714	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:17660	P	Recommended update for libksba (Moderate)	2020-12-01
oval:org.opensuse.security:def:28194	P	Security update for libcgroup1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17591	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:31548	P	Security update for sblim-sfcb (Moderate)	2020-12-01
oval:org.opensuse.security:def:30774	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:27969	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:17413	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:27526	P	opensc-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34728	P	Security update for ImageMagick (Low)	2020-12-01
oval:org.opensuse.security:def:27238	P	mailx on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30685	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:34797	P	Security update for ansible, python-straight-plugin (Moderate)	2020-12-01
oval:org.opensuse.security:def:29938	P	Security update for libksba	2020-12-01
oval:org.opensuse.security:def:26972	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38443	P	perl-LWP-Protocol-https on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33439	P	Security update for ethereal and wireshark	2020-12-01
oval:org.opensuse.security:def:30748	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:34223	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:38193	P	ghostscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35482	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33501	P	Security update for Mozilla XULrunner	2020-12-01
oval:org.opensuse.security:def:37961	P	libsoup-2_4-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35173	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31439	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28502	P	Security update for openslp (Important)	2020-12-01
oval:org.opensuse.security:def:18655	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:27766	P	Security update for jasper	2020-12-01
oval:org.opensuse.security:def:34879	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:17648	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:29184	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:30859	P	Security update for e2fsprogs	2020-12-01
oval:org.opensuse.security:def:34278	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:30542	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:27614	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:17682	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26896	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33177	P	librpcsecgss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27672	P	Security update for Ruby on Rails	2020-12-01
oval:org.opensuse.security:def:29141	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17926	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:10447	P	gnome-settings-daemon-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39460	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32713	P	libgnomesu on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17748	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28399	P	Security update for sane-backends (Moderate)	2020-12-01
oval:org.opensuse.security:def:34783	P	Recommended update for NetworkManager-kde4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17575	P	Security update for cups (Critical)	2020-12-01
oval:org.opensuse.security:def:28110	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:17559	P	Security update for xorg-x11-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:31527	P	Security update for Ruby	2020-12-01
oval:org.opensuse.security:def:30773	P	Security update for automake	2020-12-01
oval:org.opensuse.security:def:27841	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:27473	P	libpoppler-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34689	P	Security update for xorg-x11-server	2020-12-01
oval:org.opensuse.security:def:31592	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:35476	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:27181	P	libevent-1_4-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34753	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31424	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:26908	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38353	P	libprocps3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34183	P	Security update for openswan	2020-12-01
oval:org.opensuse.security:def:28703	P	Security update for gpg2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38056	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35423	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:17983	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:17533	P	Security update for dbus-1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:35116	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31383	P	Security update for openvpn (Important)	2020-12-01
oval:org.opensuse.security:def:28487	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:18017	P	Security update for MozillaFirefox, mozilla-nss, mozilla-nspr, java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:27765	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:34795	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:30646	P	Security update for xorg-x11-libXv	2020-12-01
oval:org.opensuse.security:def:28546	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:18346	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:30785	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:34180	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30388	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:33390	P	Security update for SUSE Manager client tools	2020-12-01
oval:org.opensuse.security:def:28345	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:38750	P	logrotate on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37960	P	libsnmp30-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32803	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29057	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:17894	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28783	P	Security update for lxc (Moderate)	2020-12-01
oval:org.opensuse.security:def:17717	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28346	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:10460	P	lhasa-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17541	P	Security update for openssl (Important)	2020-12-01
oval:org.opensuse.security:def:28053	P	Security update for cvs (Moderate)	2020-12-01
oval:org.opensuse.security:def:17449	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:27575	P	unixODBC_23-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27777	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27322	P	x3270 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30704	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:35435	P	Security update for openvpn (Important)	2020-12-01
oval:com.ubuntu.artful:def:201610712000	V	CVE-2016-10712 on Ubuntu 17.10 (artful) - low.	2018-02-09
oval:com.ubuntu.xenial:def:2016107120000000	V	CVE-2016-10712 on Ubuntu 16.04 LTS (xenial) - low.	2018-02-09
oval:com.ubuntu.trusty:def:201610712000	V	CVE-2016-10712 on Ubuntu 14.04 LTS (trusty) - low.	2018-02-09
oval:com.ubuntu.xenial:def:201610712000	V	CVE-2016-10712 on Ubuntu 16.04 LTS (xenial) - low.	2018-02-09

BACK