Vulnerability CVE-2017-5648 - CERT Civis.Net

Vulnerability Name:

CVE-2017-5648 (CCN-124399)

Assigned:

2017-03-30

Published:

2017-03-30

Updated:

2020-07-20

Summary:

While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a SecurityManager, it was therefore possible for that untrusted application to retain a reference to the request or response object and thereby access and/or modify information associated with another web application.

CVSS v3 Severity:

9.1 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
7.9 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

3.6 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)
3.2 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2017-5648

Source: CCN
Type: Apache Web site
Fixed in Apache Tomcat 9.0.0.M19

Source: DEBIAN
Type: UNKNOWN
DSA-3842

Source: DEBIAN
Type: UNKNOWN
DSA-3843

Source: CCN
Type: IBM Security Bulletin 1999760 (Rational Collaborative Lifecycle Management)
Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology

Source: CCN
Type: IBM Security Bulletin 2003183 (Rational Build Forge)
Rational Build Forge Security Advisory (CVE-2016-8610, CVE-2017-6056, CVE-2017-5647, CVE-2017-5648)

Source: CCN
Type: IBM Security Bulletin 2003395 (Tivoli Application Dependency Discovery Manager)
Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-5648, CVE-2017-5647)

Source: CCN
Type: IBM Security Bulletin 2008294 (Rational License Key Server)
Multiple Security Vulnerabilities in Apache Tomcat affect IBM Rational License Key Server Administration and Reporting Tool

Source: CCN
Type: IBM Security Bulletin 2008875 (Algo One)
Open Source Apache Tomcat Vulnerabilities affect Algo One - Core

Source: CCN
Type: IBM Security Bulletin 2010463 (Algo One)
Open Source Apache Tomcat Vulnerabilities affect Algo One - Counterparty Credit Risk

Source: CCN
Type: IBM Security Bulletin 2013753 (Security Guardium Big Data Intelligence)
IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities

Source: MLIST
Type: UNKNOWN
[oss-security] 20200720 CVE-2020-13932 Apache ActiveMQ Artemis - Remote XSS in Web console Diagram Plugin

Source: BID
Type: Third Party Advisory, VDB Entry
97530

Source: CCN
Type: BID-97530
Apache Tomcat CVE-2017-5648 Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1038220

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1801

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1802

Source: REDHAT
Type: UNKNOWN
RHSA-2017:1809

Source: XF
Type: UNKNOWN
apache-tomcat-cve20175648-sec-bypass(124399)

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: Mailing List, Vendor Advisory
[users] 20170410 [SECURITY] CVE-2017-5648 Apache Tomcat Information Disclosure

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/

Source: GENTOO
Type: UNKNOWN
GLSA-201705-09

Source: CONFIRM
Type: UNKNOWN
https://security.netapp.com/advisory/ntap-20180614-0001/

Vulnerable Configuration:

Configuration 1:

cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.34:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.36:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.37:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.38:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.39:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.40:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.42:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.43:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.44:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.45:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.46:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.47:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.48:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.49:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.50:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.51:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.52:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.53:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.54:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.55:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.56:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.57:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.58:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.59:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.60:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.61:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.62:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.63:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.64:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.65:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.66:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.67:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.68:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.69:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.70:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.71:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.72:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.73:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.74:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:7.0.75:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:apache:tomcat:8.0.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.11:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.12:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.13:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.14:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.15:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.16:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.17:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.18:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.19:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.20:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.21:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.22:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.23:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.24:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.25:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.26:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.27:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.28:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.29:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.30:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.31:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.32:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.33:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.34:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.35:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.36:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.37:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.38:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.39:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.40:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0.41:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:apache:tomcat:8.5.0:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.1:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.2:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.3:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.4:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.5:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.6:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.7:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.8:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.9:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.10:*:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.5.11:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m10:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m11:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m12:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m13:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m14:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m15:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m16:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m17:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m2:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m3:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m4:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m5:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m6:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m7:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m8:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:9.0.0:m9:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*

OR cpe:/a:apache:tomcat:8.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:algo_one:4.9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:5.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:4.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:5.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_license_key_server:8.1.4.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:algo_one:5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium_big_data_intelligence:3.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:643	P	Security update for python-paramiko (Important) (in QA)	2022-09-30
oval:org.opensuse.security:def:20175648	V	CVE-2017-5648	2022-08-07
oval:org.opensuse.security:def:94262	P	(Important)	2022-07-14
oval:org.opensuse.security:def:1683	P	Security update for dpdk (Important) (in QA)	2022-06-24
oval:org.opensuse.security:def:3544	P	tomcat-9.0.36-150200.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95174	P	tomcat-9.0.36-150200.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:42300	P	Security update for the Linux Kernel (Important)	2022-06-14
oval:org.opensuse.security:def:1674	P	Security update for mariadb (Important)	2022-06-07
oval:org.opensuse.security:def:42369	P	Security update for dnsmasq (Important)	2022-04-22
oval:org.opensuse.security:def:42176	P	Security update for xen (Important)	2022-04-22
oval:org.opensuse.security:def:1692	P	Security update for cyrus-sasl (Important)	2022-03-07
oval:org.opensuse.security:def:1087	P	Security update for MozillaFirefox (Important)	2022-03-03
oval:org.opensuse.security:def:42191	P	Security update for the Linux Kernel (Important)	2022-02-02
oval:org.opensuse.security:def:113536	P	tomcat-9.0.36-8.4 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:8884	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:60439	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:7007	P	Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP1) (Important)	2021-12-14
oval:org.opensuse.security:def:8869	P	Security update for poppler (Important)	2021-12-01
oval:org.opensuse.security:def:57128	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:6716	P	Security update for the Linux Kernel (Live Patch 25 for SLE 15) (Important)	2021-11-17
oval:org.opensuse.security:def:8862	P	Security update for tomcat (Important)	2021-11-16
oval:org.opensuse.security:def:42859	P	Security update for SUSE Manager Client Tools (Moderate)	2021-10-27
oval:org.opensuse.security:def:60401	P	Security update for python (Moderate)	2021-10-26
oval:org.opensuse.security:def:8850	P	Security update for python-Pygments (Important)	2021-10-20
oval:org.opensuse.security:def:8060	P	Security update for krb5 (Moderate)	2021-10-18
oval:org.opensuse.security:def:6708	P	Security update for the Linux Kernel (Live Patch 25 for SLE 15) (Important)	2021-10-12
oval:org.opensuse.security:def:59808	P	Security update for curl (Moderate)	2021-10-12
oval:org.opensuse.security:def:57106	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:42125	P	Security update for curl (Moderate)	2021-10-06
oval:org.opensuse.security:def:57105	P	Security update for webkit2gtk3 (Important)	2021-10-06
oval:org.opensuse.security:def:106932	P	tomcat-9.0.36-8.4 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:57511	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:66931	P	Security update for hivex (Moderate)	2021-09-23
oval:org.opensuse.security:def:63239	P	spice-gtk-devel-0.35-1.48 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:63201	P	dhcp-relay-4.3.5-4.15 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71350	P	opensc-0.19.0-1.14 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:38275	P	Security update for openssl (Low)	2021-09-18
oval:org.opensuse.security:def:6965	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-09-16
oval:org.opensuse.security:def:64763	P	Security update for openssl-1_1 (Low)	2021-09-07
oval:org.opensuse.security:def:9033	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:70287	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:8835	P	Security update for xen (Important)	2021-09-02
oval:org.opensuse.security:def:56057	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:9020	P	Security update for php7 (Important)	2021-08-20
oval:org.opensuse.security:def:8368	P	Security update for haproxy (Important)	2021-08-18
oval:org.opensuse.security:def:9011	P	Security update for MozillaFirefox (Important)	2021-08-17
oval:org.opensuse.security:def:20500	P	Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP5) (Important)	2021-08-17
oval:org.opensuse.security:def:14840	P	avahi-0.6.32-32.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47937	P	DirectFB-1.7.1-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47905	P	tomcat-9.0.12-1.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14785	P	tomcat-9.0.12-1.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14987	P	libevent-2_0-5-2.0.21-6.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48309	P	squashfs-4.3-6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14927	P	iputils-s20121221-2.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14985	P	libdmx1-1.1.3-3.51 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47609	P	fontconfig-2.11.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14866	P	cvs-1.12.12-182.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15125	P	nmap-6.46-3.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14607	P	libjbig2-2.0-12.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47946	P	apache-commons-beanutils-1.9.2-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14782	P	tboot-20170711_1.9.7-1.10 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48325	P	tomcat-9.0.21-3.13.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47623	P	gnome-keyring-3.20.0-28.3.18 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14711	P	mutt-1.10.1-55.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15205	P	tomcat-9.0.21-3.13.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48318	P	sysstat-12.0.2-10.24.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15152	P	pigz-2.3-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15211	P	unrar-5.0.14-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47618	P	ghostscript-9.25-23.13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48069	P	libSDL-1_2-0-1.2.15-15.11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14806	P	xorg-x11-7.6_1-14.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47608	P	file-5.22-10.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47744	P	libmspack0-0.4-14.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14832	P	apache2-mod_nss-1.0.14-19.9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15007	P	libimobiledevice6-1.2.0-7.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:83822	P	tomcat-8.0.43-23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15001	P	libgypsy0-0.9-6.22 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47632	P	gstreamer-1.8.3-9.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14936	P	kdump-0.8.16-9.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48161	P	libopenssl-devel-1.0.2p-1.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14974	P	libarchive13-3.1.2-26.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14615	P	libldb1-1.1.29-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48078	P	libXfont2-2-2.0.3-1.19 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15031	P	libmspack0-0.4-14.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47516	P	tomcat-8.0.43-23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47617	P	gdm-3.10.0.1-54.6.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14396	P	tomcat-8.0.43-23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47753	P	libopenssl-1_0_0-devel-1.0.2p-2.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14762	P	ruby-2.1-1.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:87946	P	tomcat-9.0.12-1.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14641	P	libpcre1-32bit-8.39-8.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15227	P	xorg-x11-7.6_1-14.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48170	P	libpcsclite1-1.8.10-7.6.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14900	P	glib2-lang-2.48.2-12.15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15200	P	sysvinit-tools-2.88+-101.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:41235	P	Security update for cpio (Important)	2021-08-12
oval:org.opensuse.security:def:101419	P	tomcat-9.0.36-3.24.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63418	P	tomcat-9.0.36-3.24.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2329	P	tomcat-9.0.36-3.24.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63373	P	sblim-sfcb-1.4.9-5.6.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63340	P	libfreebl3-hmac-3.53.1-3.51.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:1096	P	libnm0-1.22.10-3.7.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62346	P	vim-8.0.1568-5.14.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100975	P	libsnmp30-5.7.3-8.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63005	P	dpkg-1.19.0.4-2.30 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62022	P	apache-commons-io-2.6-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62216	P	libsndfile-devel-1.0.28-5.5.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:8160	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:60319	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:57061	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:20284	P	Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP4) (Important)	2021-07-27
oval:org.opensuse.security:def:6940	P	Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP1) (Important)	2021-07-27
oval:org.opensuse.security:def:57965	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:9002	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:41159	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:59508	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:20462	P	Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP5) (Important)	2021-07-14
oval:org.opensuse.security:def:68010	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) (Important)	2021-07-14
oval:org.opensuse.security:def:8322	P	Security update for crmsh (Moderate)	2021-07-02
oval:org.opensuse.security:def:8041	P	Security update for qemu (Moderate)	2021-06-30
oval:org.opensuse.security:def:42096	P	Security update for lua53 (Moderate)	2021-06-29
oval:org.opensuse.security:def:8613	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:66839	P	Security update for apache2 (Important)	2021-06-22
oval:org.opensuse.security:def:8788	P	Security update for xterm (Important)	2021-06-18
oval:org.opensuse.security:def:8600	P	Security update for spice-gtk (Important)	2021-06-09
oval:org.opensuse.security:def:42647	P	mailx-12.5-1.9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48616	P	rpm-4.11.2-15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48774	P	gimp-2.8.18-4.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36165	P	krb5-1.6.3-133.49.66.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48678	P	kernel-default-extra-3.12.28-4.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36543	P	pwlib-1.10.10-120.35.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15888	P	rpm-devel-4.11.2-10.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36486	P	libsndfile-devel-1.0.20-2.6.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36153	P	jakarta-commons-httpclient3-3.0.1-253.36.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48836	P	gimp-2.8.18-8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36249	P	nagios-plugins-1.4.16-0.13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48523	P	libmpfr4-3.1.2-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48734	P	libgio-fam-2.38.2-5.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36554	P	ruby-devel-1.8.7.p357-0.9.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42711	P	system-config-printer-1.0.8-9.23.44 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36542	P	ppp-devel-2.4.5.git-2.29.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48845	P	kernel-default-extra-4.4.73-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48532	P	libpango-1_0-0-1.40.1-9.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48743	P	libraw9-0.15.4-3.88 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15639	P	libmspack-devel-0.4-3.64 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:62875	P	perl-YAML-LibYAML-0.59-1.16 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36385	P	ctdb-devel-1.0.114.6-0.11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48607	P	python-libxml2-2.9.4-27.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48765	P	bogofilter-1.2.4-5.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:8969	P	Security update for pam_radius (Moderate)	2021-06-08
oval:org.opensuse.security:def:48669	P	finch-2.10.9-5.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36154	P	java-1_7_1-ibm-1.7.1_sr3.0-1.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15865	P	libzmq3-4.0.4-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:15662	P	libssh-devel-0.6.3-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:8591	P	Security update for slurm_18_08 (Important)	2021-06-04
oval:org.opensuse.security:def:8944	P	Security update for avahi (Moderate)	2021-06-04
oval:org.opensuse.security:def:8582	P	Security update for djvulibre (Important)	2021-05-19
oval:org.opensuse.security:def:73622	P	Recommended update for grub2 (Moderate)	2021-05-19
oval:org.opensuse.security:def:8026	P	Security update for ibutils (Low)	2021-05-13
oval:org.opensuse.security:def:9693	P	Security update for MozillaFirefox (Important)	2021-04-29
oval:org.opensuse.security:def:56987	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:8742	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:20428	P	Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP5) (Important)	2021-04-28
oval:org.opensuse.security:def:60223	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:6865	P	Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP1) (Important)	2021-04-07
oval:org.opensuse.security:def:20249	P	Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP4) (Important)	2021-04-07
oval:org.opensuse.security:def:38657	P	Security update for MozillaFirefox (Important)	2021-04-01
oval:org.opensuse.security:def:64676	P	Security update for openssl-1_1 (Important)	2021-03-25
oval:org.opensuse.security:def:9671	P	Security update for libass (Important)	2021-03-24
oval:org.opensuse.security:def:8720	P	Security update for glib2 (Important)	2021-03-19
oval:org.opensuse.security:def:7016	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:68110	P	Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:60478	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:8712	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:20612	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:19572	P	Security update for csync2 (Low)	2021-02-26
oval:org.opensuse.security:def:7667	P	Security update for python-cryptography (Important)	2021-02-25
oval:org.opensuse.security:def:58897	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:58896	P	Security update for wpa_supplicant (Important)	2021-02-15
oval:org.opensuse.security:def:6998	P	Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP1) (Important)	2021-02-10
oval:org.opensuse.security:def:7979	P	Security update for openvswitch (Important)	2021-02-01
oval:org.opensuse.security:def:20715	P	Security update for openldap2 (Moderate)	2021-01-15
oval:org.opensuse.security:def:58919	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:57180	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:21403	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:57099	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:58651	P	Security update for python36 (Important)	2020-12-11
oval:org.opensuse.security:def:6846	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important)	2020-12-07
oval:org.opensuse.security:def:9273	P	Security update for xen (Important)	2020-12-04
oval:org.opensuse.security:def:41947	P	enscript-1.6.4-152.17.55 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63411	P	tomcat-9.0.35-1.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2322	P	tomcat-9.0.35-1.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41935	P	bzip2-1.0.5-34.246 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41999	P	libneon27-0.28.3-2.12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71463	P	cron-4.2-6.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107641	P	tomcat-9.0.35-1.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42039	P	puppet-0.24.8-1.3.5 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63107	P	apache2-mod_wsgi-4.5.18-2.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42051	P	tar-1.20-23.23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41922	P	MozillaFirefox-3.5.9-0.1.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63290	P	openslp-server-2.0.0-6.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13197	P	tomcat-9.0.21-3.13.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62556	P	libimobiledevice-devel-1.2.0+git20170122.45fda81-1.44 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42763	P	vsftpd-openssl1-2.0.7-4.43.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63393	P	tomcat-9.0.5-1.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2304	P	tomcat-9.0.5-1.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41967	P	gstreamer-0_10-plugins-base-0.10.25-1.1.133 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:90090	P	tomcat-9.0.14-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42471	P	xorg-x11-server-dmx-7.3.99-17.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41936	P	cifs-mount-3.4.3-1.17.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63402	P	tomcat-9.0.14-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2313	P	tomcat-9.0.14-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61749	P	giflib-devel-5.1.4-2.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103745	P	tomcat-9.0.14-2.16 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:41327	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:37352	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:19933	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:20003	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12) (Important)	2020-12-01
oval:org.opensuse.security:def:42888	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:58676	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:38939	P	argyllcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37012	P	rpcbind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39957	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:38456	P	python-cryptography on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7933	P	python-pyOpenSSL on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36774	P	xinetd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56230	P	Security update for openssl (Important)	2020-12-01
oval:org.opensuse.security:def:18896	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:42808	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:55656	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:38599	P	gdk-pixbuf-loader-rsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36940	P	libpython2_7-1_0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:9251	P	rzsz on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38263	P	libXv1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55819	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:41657	P	Security update for gnome-settings-daemon (Moderate)	2020-12-01
oval:org.opensuse.security:def:8135	P	libraptor2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37661	P	python-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37777	P	ecryptfs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:19529	P	Security update for dnsmasq (Moderate)	2020-12-01
oval:org.opensuse.security:def:8300	P	ecryptfs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38359	P	libqpdf18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59327	P	Security update for gcc10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:19750	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:39319	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:50061	P	grub2-x86_64-xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50133	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:40587	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:37022	P	squashfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:58251	P	Security update for rubygem-actionpack-4_2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37710	P	xlockmore on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:58530	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:19135	P	Security update for libssh (Important)	2020-12-01
oval:org.opensuse.security:def:38039	P	python-PyYAML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39807	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:19658	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:38907	P	libdirectfb-1_7-1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39246	P	Security update for python-Jinja2 (Important)	2020-12-01
oval:org.opensuse.security:def:19773	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:38467	P	qemu on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6784	P	libxslt-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56336	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:19099	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:73504	P	guile on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18645	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:8415	P	libmms0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:20645	P	Security update for rrdtool (Low)	2020-12-01
oval:org.opensuse.security:def:60556	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:40867	P	Security update for gstreamer-0_10-plugins-base (Important)	2020-12-01
oval:org.opensuse.security:def:8211	P	shim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37401	P	cpio on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:43571	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:40332	P	Security update for postgresql10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37194	P	libfreebl3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57686	P	cpio on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:19788	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:37692	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38791	P	rpcbind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36793	P	apache2-mod_nss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56895	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:37329	P	socat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38455	P	python-PyYAML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57272	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:18824	P	Security update for libraw (Moderate)	2020-12-01
oval:org.opensuse.security:def:8524	P	squidGuard on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38966	P	libid3tag0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39082	P	gnome-online-accounts on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60528	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:20241	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12) (Important)	2020-12-01
oval:org.opensuse.security:def:38551	P	automake on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:41284	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:50070	P	libfreebl3-hmac on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7903	P	mailman on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18680	P	Security update for libdb-4_8 (Moderate)	2020-12-01
oval:org.opensuse.security:def:41479	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:37442	P	glib2-lang on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60107	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:39015	P	gstreamer-0_10-plugins-bad on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:20027	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12) (Important)	2020-12-01
oval:org.opensuse.security:def:38459	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39999	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:36963	P	libxerces-c-3_1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:20370	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:39099	P	libfbembed2_5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:41204	P	Security update for postgresql10 (Low)	2020-12-01
oval:org.opensuse.security:def:7029	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:20665	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:19799	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:40343	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:36875	P	libXRes1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57795	P	libgc1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:19008	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:19991	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:42837	P	Security update for dpkg (Moderate)	2020-12-01
oval:org.opensuse.security:def:19537	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:38849	P	gd-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36852	P	gvim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36968	P	logwatch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57678	P	busybox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36638	P	libXp6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:41759	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:8549	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37821	P	ibus-chewing on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:42814	P	Security update for wget (Moderate)	2020-12-01
oval:org.opensuse.security:def:50115	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:41224	P	Security update for compat-openssl098 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38496	P	sysvinit-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36901	P	libfreebl3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38081	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:40696	P	Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:37182	P	libapr-util1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:58361	P	Security update for gcc10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37749	P	cifs-utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:58568	P	Security update for wget (Important)	2020-12-01
oval:org.opensuse.security:def:40331	P	Security update for qpdf (Moderate)	2020-12-01
oval:org.opensuse.security:def:36974	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59075	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:19716	P	Security update for Linux Kernel Live Patch 11 for SLE 12 (Important)	2020-12-01
oval:org.opensuse.security:def:39158	P	empathy on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39274	P	Version update for docker, docker-runc, containerd, golang-github-docker-libnetwork (Important)	2020-12-01
oval:org.opensuse.security:def:40435	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:6831	P	rhythmbox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36932	P	libpcsclite1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56502	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:19041	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:58454	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:19111	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:50079	P	libvirglrenderer0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8292	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55657	P	Security update for rsync (Moderate)	2020-12-01
oval:org.opensuse.security:def:8430	P	libpng16-16 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38747	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39207	P	libproxy1-networkmanager-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:20739	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:39765	P	Security update for bind (Moderate)	2020-12-01
oval:org.opensuse.security:def:38264	P	libXvMC1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6738	P	libplist++3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:41043	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:8193	P	procmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8224	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:21377	P	Security update for dracut (Moderate)	2020-12-01
oval:org.opensuse.security:def:20691	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:37295	P	pam_ssh on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59623	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:19900	P	Security update for the Linux Kernel (Live Patch 18 for SLE 12) (Important)	2020-12-01
oval:org.opensuse.security:def:20703	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:7689	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36962	P	libxcb-dri2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:40765	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:37241	P	libpoppler44 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8202	P	quagga on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37357	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:58601	P	Security update for opensaml (Important)	2020-12-01
oval:org.opensuse.security:def:18637	P	Security update for soundtouch (Moderate)	2020-12-01
oval:org.opensuse.security:def:7911	P	openvswitch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37058	P	DirectFB on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18858	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:39127	P	libvdpau1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:43526	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50124	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38688	P	libjpeg-turbo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36633	P	libXext6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56787	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:37290	P	opie on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37650	P	ppc64-diag on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38501	P	tomcat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:55679	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:18766	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:41588	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:8449	P	libssh2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37602	P	libvirglrenderer0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39054	P	libzmq3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:41223	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:41107	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:41233	P	Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:70182	P	ocaml on GA media (Moderate)	2020-12-01
oval:com.redhat.rhsa:def:20171809	P	RHSA-2017:1809: tomcat security update (Important)	2017-07-27
oval:org.opensuse.security:def:81386	P	Security update for tomcat (Important)	2017-05-10
oval:com.ubuntu.precise:def:20175648000	V	CVE-2017-5648 on Ubuntu 12.04 LTS (precise) - medium.	2017-04-17
oval:com.ubuntu.cosmic:def:201756480000000	V	CVE-2017-5648 on Ubuntu 18.10 (cosmic) - medium.	2017-04-17
oval:com.ubuntu.artful:def:20175648000	V	CVE-2017-5648 on Ubuntu 17.10 (artful) - medium.	2017-04-17
oval:com.ubuntu.trusty:def:20175648000	V	CVE-2017-5648 on Ubuntu 14.04 LTS (trusty) - medium.	2017-04-17
oval:com.ubuntu.bionic:def:201756480000000	V	CVE-2017-5648 on Ubuntu 18.04 LTS (bionic) - medium.	2017-04-17
oval:com.ubuntu.bionic:def:20175648000	V	CVE-2017-5648 on Ubuntu 18.04 LTS (bionic) - medium.	2017-04-17
oval:com.ubuntu.xenial:def:20175648000	V	CVE-2017-5648 on Ubuntu 16.04 LTS (xenial) - medium.	2017-04-17
oval:com.ubuntu.xenial:def:201756480000000	V	CVE-2017-5648 on Ubuntu 16.04 LTS (xenial) - medium.	2017-04-17
oval:com.ubuntu.cosmic:def:20175648000	V	CVE-2017-5648 on Ubuntu 18.10 (cosmic) - medium.	2017-04-17