Vulnerability CVE-2017-18258

Vulnerability Name:

CVE-2017-18258 (CCN-141432)

Assigned:

2017-09-07

Published:

2017-09-07

Updated:

2020-09-10

Summary:

The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

3.5 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)
3.1 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-770
CWE-400

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2017-18258

Source: CCN
Type: IBM Security Bulletin 843434 (API Connect)
IBM API Connect has addressed multiple vulnerabilities in Developer Portal's dependencies - Cumulative list from June 28, 2018 to December 13, 2018

Source: XF
Type: UNKNOWN
libxml2-cve201718258-dos(141432)

Source: CCN
Type: libxml2 GIT Repository
Set memory limit for LZMA decompression

Source: MISC
Type: Patch, Vendor Advisory
https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb

Source: CONFIRM
Type: UNKNOWN
https://kc.mcafee.com/corporate/index?page=content&id=SB10284

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update

Source: CONFIRM
Type: UNKNOWN
https://security.netapp.com/advisory/ntap-20190719-0001/

Source: UBUNTU
Type: UNKNOWN
USN-3739-1

Source: CCN
Type: IBM Security Bulletin 6238168 (QRadar Network Security)
IBM QRadar Network Security is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6252773 (MQ Appliance)
IBM MQ Appliance is affected by multiple libxml2 vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6837653 (App Connect Enterprise Certified Container)
IBM App Connect Enterprise Certified Container may be vulnerable to denial of service due to CVE-2017-18258

Source: CCN
Type: IBM Security Bulletin 6966978 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Vulnerable Configuration:

Configuration 1:

cpe:/a:xmlsoft:libxml2:*:*:*:*:*:*:*:* (Version < 2.9.6)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:xmlsoft:libxml2:2.9.5:*:*:*:*:*:*:*

AND

cpe:/a:ibm:api_connect:5.0.8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_network_security:5.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:5.0.8.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_network_security:5.5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise_certified_container:6.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8201	P	Security update for tomcat (Important)	2023-06-13
oval:org.opensuse.security:def:7593	P	libgstphotography-1_0-0-1.22.0-150500.1.3 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7571	P	libXvnc1-1.12.0-150500.2.6 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:201718258	V	CVE-2017-18258	2022-09-02
oval:org.opensuse.security:def:124265	P	libxml2-2-2.9.4-46.15.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:123868	P	libxml2-2-2.9.4-46.15.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3288	P	libxml2-2-2.9.4-46.20.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:43636	P	Security update for the Linux Kernel (Important)	2022-06-24
oval:org.opensuse.security:def:230	P	libxml2-2-2.9.7-3.28.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:507	P	Security update for postgresql14 (Important)	2022-06-01
oval:org.opensuse.security:def:6194	P	Security update for glib2 (Moderate)	2022-03-14
oval:org.opensuse.security:def:6172	P	Security update for ucode-intel (Important)	2022-02-25
oval:org.opensuse.security:def:6164	P	Security update for expat (Important)	2022-02-18
oval:org.opensuse.security:def:1159	P	Security update for the Linux Kernel (Important)	2022-01-19
oval:org.opensuse.security:def:8922	P	Security update for busybox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:6302	P	Security update for libmspack (Low)	2022-01-13
oval:org.opensuse.security:def:10430	P	Security update for libsndfile (Important)	2022-01-11
oval:org.opensuse.security:def:55315	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:6287	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:10431	P	Security update for xorg-x11-server (Important)	2021-12-21
oval:org.opensuse.security:def:8690	P	Security update for fetchmail (Moderate)	2021-12-14
oval:org.opensuse.security:def:10186	P	Security update for the Linux Kernel (Important)	2021-12-07
oval:org.opensuse.security:def:823	P	Security update for brotli (Moderate)	2021-12-06
oval:org.opensuse.security:def:8871	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:6240	P	Security update for the Linux Kernel (Important)	2021-11-25
oval:org.opensuse.security:def:10367	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:6485	P	Security update for the Linux Kernel (Important)	2021-11-16
oval:org.opensuse.security:def:55266	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:59813	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:8846	P	Security update for MozillaFirefox (Important)	2021-10-11
oval:org.opensuse.security:def:9595	P	Security update for grilo (Important)	2021-10-06
oval:org.opensuse.security:def:60373	P	Security update for sqlite3 (Important)	2021-09-23
oval:org.opensuse.security:def:23672	P	Security update for MozillaFirefox (Important)	2021-09-22
oval:org.opensuse.security:def:61658	P	subversion-1.10.0-3.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96716	P	libxml2-2-2.9.7-3.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61684	P	yast2-multipath-4.1.1-6.56 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103406	P	libxml2-2-2.9.7-3.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61489	P	libXext-devel-1.3.3-1.30 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71337	P	libxml2-2-2.9.7-3.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61479	P	less-530-1.6 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89751	P	libxml2-2-2.9.7-3.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61466	P	hardlink-1.0+git.e66999f-1.25 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61596	P	libxml2-2-2.9.7-3.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63199	P	cyrus-sasl-sqlauxprop-2.1.26-5.3.2 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61465	P	gzip-1.9-2.21 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:10342	P	Security update for ghostscript (Critical)	2021-09-15
oval:org.opensuse.security:def:55241	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:10654	P	Security update for MozillaThunderbird (Important)	2021-08-30
oval:org.opensuse.security:def:8644	P	Security update for mariadb (Moderate)	2021-08-25
oval:org.opensuse.security:def:6454	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:69915	P	Security update for krb5 (Important)	2021-08-20
oval:org.opensuse.security:def:9573	P	Security update for php7 (Important)	2021-08-20
oval:org.opensuse.security:def:10140	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:7145	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP2) (Important)	2021-08-17
oval:org.opensuse.security:def:47581	P	crash-7.2.1-2.19 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47028	P	libhogweed2-2.7.1-9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48185	P	libquicktime0-1.2.4-14.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:61085	P	Security update for libcares2 (Important)	2021-08-16
oval:org.opensuse.security:def:47164	P	sysvinit-tools-2.88+-96.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47814	P	libxml2-2-2.9.4-46.15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47943	P	accountsservice-0.6.42-16.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47489	P	radvd-1.9.7-2.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14694	P	libxml2-2-2.9.4-46.15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48154	P	libncurses5-32bit-5.9-64.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47043	P	libldb1-1.1.26-10.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48227	P	libxml2-2-2.9.4-46.20.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47729	P	libjson-c2-0.11-2.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48256	P	pam_krb5-2.4.4-4.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15107	P	libxml2-2-2.9.4-46.20.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47357	P	libimobiledevice6-1.2.0-7.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:87855	P	libxml2-2-2.9.4-46.15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48089	P	libXvnc1-1.6.0-22.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47029	P	libicu-doc-52.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48027	P	gpg2-2.0.24-9.8.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:71989	P	libxml2-2-2.9.7-3.28.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62323	P	screen-4.6.2-5.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62784	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62125	P	libXfont2-2-2.0.3-1.17 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62248	P	libxml2-2-2.9.7-3.28.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62231	P	libtspi1-0.3.14-6.6.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62130	P	libXrender-devel-0.9.10-1.30 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62361	P	yast2-security-4.3.16-1.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63016	P	jcl-over-slf4j-1.7.30-1.34 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62255	P	libzstd-devel-1.4.4-1.6.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:23636	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:6933	P	Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP1) (Important)	2021-07-27
oval:org.opensuse.security:def:23624	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:8622	P	Security update for curl (Moderate)	2021-07-21
oval:org.opensuse.security:def:7123	P	Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP2) (Important)	2021-07-16
oval:org.opensuse.security:def:10118	P	Security update for nodejs10 (Important)	2021-07-15
oval:org.opensuse.security:def:6688	P	Security update for the Linux Kernel (Live Patch 24 for SLE 15) (Important)	2021-07-15
oval:org.opensuse.security:def:6920	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important)	2021-07-14
oval:org.opensuse.security:def:8614	P	Security update for ovmf (Important)	2021-06-25
oval:org.opensuse.security:def:10110	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:6911	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:6472	P	Security update for postgresql12 (Moderate)	2021-06-17
oval:org.opensuse.security:def:10679	P	Security update for the Linux Kernel (Important)	2021-06-15
oval:org.opensuse.security:def:36451	P	libgnutls-devel-2.4.1-24.39.55.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12377	P	xfsprogs-4.3.0-12.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61352	P	radvd-2.17-3.18 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13282	P	cvs-1.12.12-181.54 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12301	P	minicom-2.7-3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61302	P	libwavpack1-5.1.0-2.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16605	P	libxml2-devel-2.9.4-46.15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36547	P	python-imaging-1.1.6-168.34.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12558	P	libidn11-1.28-5.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13260	P	apache2-2.4.10-6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48894	P	bluez-cups-5.13-5.4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12439	P	eog-3.20.4-7.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12609	P	libproxy1-0.4.13-16.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61252	P	libmpfr6-4.0.1-1.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124611	P	libxml2-devel-2.9.4-46.15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12331	P	python-imaging-1.1.7-21.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61161	P	firewall-macros-0.5.3-2.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61209	P	libXfont2-2-2.0.3-1.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36463	P	libmspack-devel-0.0.20060920alpha-74.5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12533	P	libblkid1-2.29.2-7.14 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46510	P	libpython2_7-1_0-2.7.7-2.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12424	P	curl-7.60.0-2.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12600	P	libpcsclite1-1.8.10-7.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11403	P	libsnmp30-32bit-5.7.2.1-3.8 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12309	P	openvpn-2.3.8-16.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:71107	P	syslog-service-2.0-2.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61171	P	glib2-devel-2.54.3-2.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36452	P	libgpgme-devel-1.1.6-25.32.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48948	P	libstaroffice-0_0-0-0.0.5-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11381	P	libmysqlclient18-10.0.11-6.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12458	P	glib2-lang-2.48.2-10.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70994	P	libmspack-devel-0.6-1.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:77949	P	libxml2-2-2.9.4-46.15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12653	P	libxml2-2-2.9.4-46.15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12622	P	libsndfile1-1.0.25-36.16.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46459	P	libXi6-1.7.2-3.61 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61332	P	perl-LWP-Protocol-https-6.06-1.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10267	P	Security update for djvulibre (Important)	2021-06-04
oval:org.opensuse.security:def:6902	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2021-05-25
oval:org.opensuse.security:def:8358	P	Security update for graphviz (Critical)	2021-05-19
oval:org.opensuse.security:def:55185	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:60252	P	Security update for openvpn (Moderate)	2021-05-12
oval:org.opensuse.security:def:8752	P	Security update for webkit2gtk3 (Important)	2021-05-04
oval:org.opensuse.security:def:10248	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:45672	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:67754	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important)	2021-04-28
oval:org.opensuse.security:def:8935	P	Security update for qemu (Important)	2021-04-16
oval:org.opensuse.security:def:23548	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:8737	P	Security update for open-iscsi (Important)	2021-04-13
oval:org.opensuse.security:def:64320	P	Security update for zstd (Moderate)	2021-04-08
oval:org.opensuse.security:def:6869	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2021-04-07
oval:org.opensuse.security:def:10233	P	Security update for tomcat (Important)	2021-04-01
oval:org.opensuse.security:def:69810	P	Security update for gnutls (Important)	2021-03-24
oval:org.opensuse.security:def:10422	P	Security update for go1.15 (Moderate)	2021-03-24
oval:org.opensuse.security:def:10418	P	Security update for nghttp2 (Important)	2021-03-24
oval:org.opensuse.security:def:6321	P	Security update for evolution-data-server (Moderate)	2021-03-19
oval:org.opensuse.security:def:8913	P	Security update for glib2 (Important)	2021-03-19
oval:org.opensuse.security:def:10409	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:8904	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:6463	P	Security update for java-1_8_0-openjdk (Moderate)	2021-03-01
oval:org.opensuse.security:def:23181	P	Security update for perl-XML-Twig (Moderate)	2021-03-01
oval:org.opensuse.security:def:23178	P	Security update for krb5-appl (Important)	2021-02-19
oval:org.opensuse.security:def:44471	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:8324	P	Security update for rubygem-nokogiri (Important)	2021-02-01
oval:org.opensuse.security:def:8771	P	Security update for wavpack (Moderate)	2021-01-21
oval:org.opensuse.security:def:23152	P	Security update for openldap2 (Moderate)	2021-01-15
oval:org.opensuse.security:def:37504	P	Security update for cyrus-sasl (Important)	2020-12-17
oval:org.opensuse.security:def:43740	P	Security update for openssl1 (Important)	2020-12-09
oval:org.opensuse.security:def:6844	P	Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP1) (Important)	2020-12-07
oval:org.opensuse.security:def:61912	P	libxml2-2-2.9.7-3.19.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13101	P	libxml2-2-2.9.4-46.20.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62493	P	sane-backends-1.0.27-4.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4081	P	libxml2-devel-2.9.4-46.20.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62460	P	libopenjpeg1-1.5.2-2.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16917	P	libxml2-devel-2.9.4-46.20.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63110	P	rmt-server-pubcloud-1.2.2-1.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:100592	P	libxml2-2-2.9.7-3.19.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63282	P	libspice-server-devel-0.14.2-1.58 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116816	P	libxml2-2-2.9.7-3.19.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62465	P	libpotrace0-1.15-3.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63249	P	apache2-devel-2.4.43-1.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62410	P	gdm-3.26.2.1-11.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107258	P	libxml2-2-2.9.7-3.19.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61931	P	openssh-8.1p1-3.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71653	P	libxml2-2-2.9.7-3.19.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62914	P	pam-devel-32bit-1.3.0-6.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62002	P	wicked-0.6.63-1.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63148	P	dovecot23-2.3.1-2.20 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:93879	P	libxml2-2-2.9.7-3.19.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:53287	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:8458	P	libusbmuxd4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37266	P	libusbmuxd4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9160	P	libsystemd0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17461	P	Security update for shim (Moderate)	2020-12-01
oval:org.opensuse.security:def:54316	P	libssh2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45536	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:37612	P	libxslt-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10730	P	libexif-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73250	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22366	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:53965	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66467	P	libhogweed4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36865	P	kbd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10452	P	hivex-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60067	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:23294	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:37563	P	libopus0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55147	P	ibus-chewing on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37948	P	libpython2_7-1_0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49264	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60724	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:52842	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:8339	P	iputils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44212	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:53765	P	Security update for libwpd (Important)	2020-12-01
oval:org.opensuse.security:def:45120	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:17704	P	Security update for bsh2 (Important)	2020-12-01
oval:org.opensuse.security:def:73132	P	libXi-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22148	P	Security update for openslp (Important)	2020-12-01
oval:org.opensuse.security:def:37091	P	ctags on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53772	P	Security update for ffmpeg (Low)	2020-12-01
oval:org.opensuse.security:def:8509	P	qemu on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44663	P	Recommended update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:67654	P	libXrandr-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59631	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:23062	P	Security update for dpdk-thunderxdpdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:6735	P	libpango-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37254	P	libspice-server1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60987	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:45729	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17937	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:52442	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:8231	P	vino on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:43905	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:53680	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:22472	P	Security update for spamassassin (Important)	2020-12-01
oval:org.opensuse.security:def:45349	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:36864	P	java-1_8_0-openjdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44707	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:17580	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:54588	P	libpolkit0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37679	P	squid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18601	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17453	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:21938	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:36784	P	aaa_base on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44526	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:6620	P	gpg2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36960	P	libvorbis-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10545	P	libsoup-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23501	P	Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:43625	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:53121	P	Security update for salt (Critical)	2020-12-01
oval:org.opensuse.security:def:8433	P	libpoppler44 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37238	P	libpng16-16 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38361	P	libquicktime0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64407	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59630	P	Security update for tigervnc (Important)	2020-12-01
oval:org.opensuse.security:def:54143	P	xlockmore on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45330	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17846	P	Security update for ghostscript (Moderate)	2020-12-01
oval:org.opensuse.security:def:10721	P	libblkid-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18575	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:56616	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:52441	P	Security update for golang-github-prometheus-prometheus (Moderate)	2020-12-01
oval:org.opensuse.security:def:22241	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:6421	P	libproxy1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53884	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:11091	P	libxml2-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23248	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:6769	P	libtiff5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55073	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:45821	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:60702	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:52604	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:44095	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:22514	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:49210	P	libpainter0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53743	P	Security update for spamassassin (Important)	2020-12-01
oval:org.opensuse.security:def:44999	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:17668	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:54981	P	perl-HTML-Parser on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:43624	P	Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:22084	P	Security update for ppp (Important)	2020-12-01
oval:org.opensuse.security:def:36931	P	libpango-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8500	P	ppp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44606	P	Security update for libzypp, zypper (Moderate)	2020-12-01
oval:org.opensuse.security:def:11069	P	libssh-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:21930	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:23009	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:37197	P	libgcrypt20 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10579	P	openldap2-back-perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60867	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:17915	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:6612	P	gimp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8209	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53572	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:8491	P	perl-Config-IniFiles on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37310	P	python on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44696	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:17495	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:54422	P	argyllcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45614	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:37651	P	ppp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10743	P	libicu-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45301	P	Security update for perl-Archive-Zip (Moderate)	2020-12-01
oval:org.opensuse.security:def:66559	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60701	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:36683	P	libpolkit0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22405	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:37990	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53742	P	Recommended update for ruby2.5 (Important)	2020-12-01
oval:org.opensuse.security:def:36876	P	libXcursor1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10498	P	libgnomesu-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23359	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:60890	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:53015	P	Security update for python-ecdsa (Moderate)	2020-12-01
oval:org.opensuse.security:def:44401	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:37199	P	libgoa-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53905	P	Security update for freerdp (Moderate)	2020-12-01
oval:org.opensuse.security:def:45201	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:17814	P	Security update for gdk-pixbuf (Moderate)	2020-12-01
oval:org.opensuse.security:def:22188	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:6396	P	libldb1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37150	P	java-1_7_1-ibm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53846	P	Security update for dia (Moderate)	2020-12-01
oval:org.opensuse.security:def:8522	P	squashfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56542	P	Security update for openssh (Moderate)	2020-12-01
oval:org.opensuse.security:def:44695	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:59653	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:6750	P	libraptor2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37344	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45758	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:24342	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:23001	P	Security update for emacs (Important)	2020-12-01
oval:org.opensuse.security:def:52464	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:8277	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44020	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:22484	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:9182	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44817	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:17637	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:54873	P	libidn11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37723	P	accountsservice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:21985	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:36841	P	glib2-lang on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44577	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:6642	P	java-1_7_0-openjdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37096	P	cvs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10560	P	libvorbis-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60566	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17903	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:24310	P	Security update for spice-gtk (Important)	2020-12-01
oval:org.opensuse.security:def:38403	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:com.redhat.rhsa:def:20201190	P	RHSA-2020:1190: libxml2 security update (Moderate)	2020-03-31
oval:org.opensuse.security:def:79250	P	Security update for libxml2 (Moderate)	2018-10-09
oval:org.opensuse.security:def:84977	P	Security update for libxml2 (Moderate)	2018-10-09
oval:org.opensuse.security:def:86817	P	Security update for libxml2 (Moderate)	2018-10-09
oval:com.ubuntu.artful:def:201718258000	V	CVE-2017-18258 on Ubuntu 17.10 (artful) - low.	2018-04-08
oval:com.ubuntu.bionic:def:201718258000	V	CVE-2017-18258 on Ubuntu 18.04 LTS (bionic) - low.	2018-04-08
oval:com.ubuntu.bionic:def:2017182580000000	V	CVE-2017-18258 on Ubuntu 18.04 LTS (bionic) - low.	2018-04-08
oval:com.ubuntu.trusty:def:201718258000	V	CVE-2017-18258 on Ubuntu 14.04 LTS (trusty) - low.	2018-04-08
oval:com.ubuntu.xenial:def:2017182580000000	V	CVE-2017-18258 on Ubuntu 16.04 LTS (xenial) - low.	2018-04-08
oval:com.ubuntu.xenial:def:201718258000	V	CVE-2017-18258 on Ubuntu 16.04 LTS (xenial) - low.	2018-04-08

BACK