Vulnerability CVE-2016-8625 - CERT Civis.Net

Vulnerability Name:

CVE-2016-8625 (CCN-118644)

Assigned:

2016-09-14

Published:

2016-09-14

Updated:

2021-06-29

Summary:

curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-8625

Source: CCN
Type: SECTRACK ID: 1037192
cURL/libcurl Multiple Bugs Let Remote Users Inject Cookies, Reuse Connections, and Execute Arbitrary Code and Let Local Users Obtain Potentially Sensitive Information and Execute Arbitrary Code

Source: CCN
Type: IBM Security Bulletin 1996857 (Rational ClearCase)
Vulnerabilities in cURL component shipped with IBM Rational ClearCase (CVE-2016-8624, CVE-2016-8625)

Source: CCN
Type: IBM Security Bulletin 2001949 (Rational DOORS)
Vulnerabilities in libcurl and cURL affect Rational DOORS

Source: BID
Type: Third Party Advisory, VDB Entry
94107

Source: CCN
Type: BID-94107
cURL/libcURL CVE-2016-8625 Remote Security Bypass Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1037192

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:2486

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:3558

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8625

Source: CONFIRM
Type: Patch, Vendor Advisory
https://curl.haxx.se/CVE-2016-8625.patch

Source: CONFIRM
Type: Patch, Vendor Advisory
https://curl.haxx.se/docs/adv_20161102K.html

Source: CCN
Type: Project cURL Vulnerability Table, September 14 2016
Vulnerabilities in curl 7.50.3

Source: XF
Type: UNKNOWN
libcurl-cve20168625-weak-security(118644)

Source: MLIST
Type: UNKNOWN
[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8

Source: GENTOO
Type: Third Party Advisory
GLSA-201701-47

Source: CCN
Type: Apple security document HT207423
About the security content of macOS Sierra 10.12.2, Security Update 2016-003 El Capitan, and Security Update 2016-007 Yosemite

Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Source: CONFIRM
Type: Third Party Advisory
https://www.tenable.com/security/tns-2016-21

Vulnerable Configuration:

Configuration 1:

cpe:/a:haxx:curl:*:*:*:*:*:*:*:* (Version < 7.51.0)

Configuration CCN 1:

cpe:/a:ibm:rational_doors:9.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.10:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.12:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.13:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.10:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.14:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.12:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.15:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.16:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.13:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.4.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.4.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.17:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.14:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.18:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.15:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.4.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.2.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.16:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:7.1.2.19:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.17:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.10:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.4.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.1.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.2.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.18:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:9.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.19:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.12:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:9.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0.20:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1.13:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:9.0.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.4.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.1.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.5.2.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.1.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_doors:9.6.1.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20168625	V	CVE-2016-8625	2023-06-22
oval:org.opensuse.security:def:8050	P	perl-Archive-Extract-0.80-1.24 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:8004	P	dom4j-1.6.1-150200.12.6.3 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:8112	P	Security update for openssl-1_1 (Important) (in QA)	2023-06-20
oval:org.opensuse.security:def:7982	P	wavpack-5.4.0-150000.4.15.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7476	P	curl-8.0.1-150400.5.23.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7974	P	python3-bottle-0.12.13-150000.3.6.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8097	P	Security update for texlive (Important)	2023-05-24
oval:org.opensuse.security:def:8131	P	Security update for dav1d (Moderate) (in QA)	2023-05-22
oval:org.opensuse.security:def:636	P	Security update for nodejs16 (Important) (in QA)	2022-09-29
oval:org.opensuse.security:def:6092	P	Security update for crash (Important)	2022-07-07
oval:org.opensuse.security:def:3046	P	curl-7.60.0-9.8 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:123639	P	curl-7.60.0-2.11 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3466	P	curl-7.60.0-9.8 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:124038	P	curl-7.60.0-2.11 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94532	P	curl-7.79.1-150400.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2902	P	curl-7.79.1-150400.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:6073	P	Security update for apache2 (Important)	2022-06-16
oval:org.opensuse.security:def:335	P	xdg-utils-1.1.3+20190413-1.24 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:38	P	curl-7.66.0-4.14.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:57	P	freetype2-devel-2.10.1-4.8.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:6058	P	Security update for postgresql14 (Important)	2022-05-27
oval:org.opensuse.security:def:6011	P	Security update for zabbix (Moderate)	2022-04-19
oval:org.opensuse.security:def:6192	P	Security update for libcaca (Important)	2022-03-14
oval:org.opensuse.security:def:967	P	Security update for python-libxml2-python (Important)	2022-03-10
oval:org.opensuse.security:def:6167	P	Security update for tcpdump (Moderate)	2022-02-18
oval:org.opensuse.security:def:100405	P	(Important)	2022-01-25
oval:org.opensuse.security:def:112132	P	curl-7.51.0-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:8402	P	Security update for the Linux Kernel (Important) (in QA)	2022-01-07
oval:org.opensuse.security:def:5943	P	Security update for mariadb (Moderate)	2021-12-30
oval:org.opensuse.security:def:10433	P	Security update for go1.16 (Moderate)	2021-12-23
oval:org.opensuse.security:def:10386	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:8693	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:5935	P	Security update for gettext-runtime (Moderate)	2021-12-14
oval:org.opensuse.security:def:6256	P	Recommended update for php7 (Moderate)	2021-12-06
oval:org.opensuse.security:def:8680	P	Security update for openssh (Important)	2021-12-03
oval:org.opensuse.security:def:6243	P	Security update for ruby2.5 (Important)	2021-12-01
oval:org.opensuse.security:def:105668	P	Security update for ruby2.5 (Important)	2021-12-01
oval:org.opensuse.security:def:6234	P	Security update for postgresql12 (Important)	2021-11-22
oval:org.opensuse.security:def:8671	P	Security update for tomcat (Important)	2021-11-16
oval:org.opensuse.security:def:6225	P	Security update for samba (Important)	2021-11-10
oval:org.opensuse.security:def:10165	P	Security update for containerd, docker, runc (Important)	2021-10-25
oval:org.opensuse.security:def:61424	P	curl-7.60.0-3.17.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61431	P	dstat-0.7.3-2.16 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103234	P	curl-7.60.0-3.17.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71165	P	curl-7.60.0-3.17.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96544	P	curl-7.60.0-3.17.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89579	P	curl-7.60.0-3.17.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:10340	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:69728	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:10329	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:10318	P	Security update for go1.15 (Moderate)	2021-08-20
oval:org.opensuse.security:def:10131	P	Security update for libsndfile (Critical)	2021-08-17
oval:org.opensuse.security:def:10316	P	Security update for webkit2gtk3 (Important)	2021-08-17
oval:org.opensuse.security:def:46992	P	libXfixes3-32bit-5.0.1-3.53 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47917	P	wget-1.14-21.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46907	P	colord-gtk-lang-0.1.26-6.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47409	P	libsoup-2_4-1-2.54.1-4.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47704	P	libexempi3-2.2.1-5.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48084	P	libXrender1-0.9.8-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47279	P	gstreamer-plugins-good-1.8.3-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47587	P	curl-7.60.0-2.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47855	P	perl-YAML-LibYAML-0.38-10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:8629	P	Security update for cpio (Important)	2021-08-16
oval:org.opensuse.security:def:47185	P	xlockmore-5.43-5.30 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14467	P	curl-7.60.0-2.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47982	P	cups-1.7.5-20.23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47039	P	libjson-c2-0.11-2.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:87628	P	curl-7.60.0-2.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47557	P	apache2-mod_perl-2.0.8-11.43 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47985	P	curl-7.60.0-9.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47735	P	libldb1-1.1.29-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47493	P	rrdtool-1.4.7-20.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14865	P	curl-7.60.0-9.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47317	P	libXinerama1-1.1.3-3.54 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47639	P	gv-3.7.4-1.36 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48013	P	gd-2.1.0-24.12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47131	P	ppc64-diag-2.7.1-5.6 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47771	P	libpulse-mainloop-glib0-32bit-5.0-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47806	P	libvncclient0-0.9.9-17.5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47577	P	coreutils-8.25-13.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:100814	P	curl-7.66.0-4.14.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62789	P	libid3tag0-0.15.1b-3.14 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62028	P	autofs-5.1.3-7.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63022	P	libtdsodbc0-1.1.36-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62056	P	curl-7.66.0-4.14.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62238	P	libvirt-libs-7.1.0-4.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71797	P	curl-7.66.0-4.14.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:10310	P	Security update for qemu (Important)	2021-08-02
oval:org.opensuse.security:def:6691	P	Security update for the Linux Kernel (Live Patch 23 for SLE 15) (Important)	2021-07-27
oval:org.opensuse.security:def:70822	P	Security update for the Linux Kernel (Important)	2021-06-28
oval:org.opensuse.security:def:9353	P	Security update for dovecot23 (Important)	2021-06-22
oval:org.opensuse.security:def:6678	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15) (Important)	2021-06-18
oval:org.opensuse.security:def:6916	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:8604	P	Security update for squid (Important)	2021-06-11
oval:org.opensuse.security:def:70887	P	curl-7.60.0-1.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48444	P	hplip-3.14.6-3.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124508	P	libcurl-devel-7.60.0-2.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36320	P	w3m-0.5.2-132.2.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46857	P	tftp-5.2-10.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46578	P	strongswan-5.1.3-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46593	P	wireshark-1.10.9-1.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11291	P	elfutils-0.158-3.200 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70935	P	krb5-1.15.2-4.25 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36225	P	libtspi1-0.3.10-0.11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48722	P	gimp-2.8.10-1.164 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48498	P	libgraphite2-3-1.3.1-6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61239	P	libipa_hbac-devel-1.16.1-1.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36456	P	libjasper-devel-1.900.1-134.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46856	P	tcpdump-4.5.1-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46871	P	xen-4.5.1_12-2.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36224	P	libtiff3-3.8.2-141.154.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46714	P	libapr-util1-1.5.3-1.77 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11269	P	bogofilter-1.2.4-3.56 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48776	P	gnome-shell-calendar-3.20.4-70.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36236	P	logwatch-7.3.6-65.74.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61146	P	curl-7.60.0-1.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:77720	P	curl-7.60.0-2.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61238	P	libidn2-0-2.0.4-1.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12424	P	curl-7.60.0-2.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61262	P	libopus0-1.2.1-1.29 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36557	P	rubygem-activemodel-3_2-3.2.12-0.5.8 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46579	P	stunnel-5.00-1.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16502	P	libcurl-devel-7.60.0-2.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10265	P	Security update for dhcp (Important)	2021-06-02
oval:org.opensuse.security:def:9331	P	Security update for shim (Important)	2021-06-01
oval:org.opensuse.security:def:10084	P	Security update for curl (Moderate)	2021-05-31
oval:org.opensuse.security:def:6894	P	Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP1) (Important)	2021-05-25
oval:org.opensuse.security:def:8955	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:6669	P	Security update for the Linux Kernel (Important)	2021-05-12
oval:org.opensuse.security:def:10240	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:8933	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:6660	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important)	2021-04-07
oval:org.opensuse.security:def:69623	P	Security update for tomcat (Important)	2021-04-01
oval:org.opensuse.security:def:8264	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:5965	P	Security update for openldap2 (Important)	2021-03-08
oval:org.opensuse.security:def:8372	P	Security update for the Linux Kernel (Important)	2021-02-09
oval:org.opensuse.security:def:8662	P	Security update for python-urllib3 (Moderate)	2021-02-08
oval:org.opensuse.security:def:10307	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:6446	P	Security update for openldap2 (Moderate)	2021-01-14
oval:org.opensuse.security:def:8380	P	Security update for hawk2 (Important)	2021-01-12
oval:org.opensuse.security:def:10146	P	Security update for dovecot23 (Important)	2021-01-05
oval:org.opensuse.security:def:10631	P	Security update for the Linux Kernel (Important)	2020-12-10
oval:org.opensuse.security:def:8529	P	Security update for xen (Important)	2020-12-04
oval:org.opensuse.security:def:3969	P	libcurl-devel-7.60.0-9.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61898	P	libunbound2-1.6.8-8.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62921	P	perl-Tk-devel-804.034-1.44 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12859	P	curl-7.60.0-9.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62557	P	libjasper-devel-2.0.14-3.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:93692	P	curl-7.66.0-2.59 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16805	P	libcurl-devel-7.60.0-9.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116629	P	curl-7.66.0-2.59 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61725	P	curl-7.66.0-2.59 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62687	P	libnma-devel-1.8.24-5.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62972	P	perl-Archive-Extract-0.80-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107071	P	curl-7.66.0-2.59 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61704	P	bash-4.4-9.10.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71466	P	curl-7.66.0-2.59 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49023	P	libofx-0.9.9-3.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62883	P	aaa_base-malloccheck-84.87+git20180409.04c9dae-3.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63055	P	python2-numpy-gnu-hpc-1.16.5-1.164 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:36622	P	java-1_7_0-openjdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52892	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:8231	P	vino on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36864	P	java-1_8_0-openjdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10609	P	xen-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:72945	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:49077	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36634	P	libXfixes3-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53736	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:10989	P	libcurl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6378	P	libgcrypt20 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10467	P	libXext-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52213	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:53451	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:8510	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67582	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36955	P	libtiff5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8273	P	chrony on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38161	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6493	P	python-libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36972	P	mozilla-nspr-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7351	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52613	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:37437	P	gdk-pixbuf-loader-rsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66280	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:36614	P	gvim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55012	P	socat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10008	P	update-alternatives on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10038	P	automake on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37262	P	libthai-data on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53617	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:64235	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6602	P	fontconfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37083	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53058	P	Security update for librsvg (Moderate)	2020-12-01
oval:org.opensuse.security:def:8448	P	libsrtp1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36923	P	libmms0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10618	P	LibVNCServer-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52212	P	Security update for rubygem-actionpack-5_1 (Important)	2020-12-01
oval:org.opensuse.security:def:36718	P	openssh on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10967	P	libXrender-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6370	P	libecpg6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6400	P	libmikmod3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10542	P	libsmbclient-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52235	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:37370	P	DirectFB on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37012	P	rpcbind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8282	P	cron on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37721	P	SuSEfirewall2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6508	P	socat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37011	P	radvd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7329	P	bind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66372	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52786	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15) (Important)	2020-12-01
oval:org.opensuse.security:def:8206	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37481	P	libHX28 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55086	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36704	P	libvte9 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73063	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36623	P	kbd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37321	P	rpcbind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53655	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:10448	P	gnome-shell-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6627	P	gstreamer-0_10-plugins-good on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53343	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:8495	P	perl-XML-LibXML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36854	P	hardlink on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67482	P	Security update for nodejs10 (Critical)	2020-12-01
oval:org.opensuse.security:def:10567	P	libzip-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38119	P	accountsservice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52375	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:37409	P	cups-pk-helper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37763	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10016	P	xalan-j2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37102	P	dnsmasq on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53543	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:8295	P	dosfstools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6527	P	wdiff on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37039	P	vino on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64148	P	Security update for libsolv (Moderate)	2020-12-01
oval:com.ubuntu.cosmic:def:201686250000000	V	CVE-2016-8625 on Ubuntu 18.10 (cosmic) - low.	2018-08-01
oval:com.ubuntu.trusty:def:20168625000	V	CVE-2016-8625 on Ubuntu 14.04 LTS (trusty) - low.	2018-08-01
oval:com.ubuntu.bionic:def:201686250000000	V	CVE-2016-8625 on Ubuntu 18.04 LTS (bionic) - low.	2018-08-01
oval:com.ubuntu.bionic:def:20168625000	V	CVE-2016-8625 on Ubuntu 18.04 LTS (bionic) - low.	2018-08-01
oval:com.ubuntu.xenial:def:20168625000	V	CVE-2016-8625 on Ubuntu 16.04 LTS (xenial) - low.	2018-08-01
oval:com.ubuntu.xenial:def:201686250000000	V	CVE-2016-8625 on Ubuntu 16.04 LTS (xenial) - low.	2018-08-01
oval:com.ubuntu.cosmic:def:20168625000	V	CVE-2016-8625 on Ubuntu 18.10 (cosmic) - low.	2018-08-01
oval:com.ubuntu.disco:def:201686250000000	V	CVE-2016-8625 on Ubuntu 19.04 (disco) - low.	2018-08-01
oval:com.ubuntu.artful:def:20168625000	V	CVE-2016-8625 on Ubuntu 17.10 (artful) - low.	2016-11-02
oval:com.ubuntu.precise:def:20168625000	V	CVE-2016-8625 on Ubuntu 12.04 LTS (precise) - low.	2016-11-02