Vulnerability CVE-2018-10916

Vulnerability Name:

CVE-2018-10916 (CCN-147866)

Assigned:

2018-05-16

Published:

2018-05-16

Updated:

2019-04-02

Summary:

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system.

CVSS v3 Severity:

6.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
5.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

CVSS v2 Severity:

7.8 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): Complete

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Complete Availibility (A): None

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2018-10916

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2019:1059

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:1110

Source: CCN
Type: Red Hat Bugzilla Bug 1610349
(CVE-2018-10916) CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased

Source: CONFIRM
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916

Source: XF
Type: UNKNOWN
lftp-cve201810916-sec-bypass(147866)

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992

Source: CCN
Type: lftp GIT Repository
Exploit in reverse mirror job deletes cwd on source #452

Source: CONFIRM
Type: Exploit, Third Party Advisory
https://github.com/lavv17/lftp/issues/452

Source: UBUNTU
Type: Third Party Advisory
USN-3731-2

Vulnerable Configuration:

Configuration 1:

cpe:/a:lftp_project:lftp:*:*:*:*:*:*:*:* (Version <= 4.8.3)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

Configuration 3:

cpe:/o:opensuse:leap:42.3:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201810916	V	CVE-2018-10916	2023-06-22
oval:org.opensuse.security:def:7547	P	lftp-4.9.2-150400.1.8 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:692	P	Security update for the Linux Kernel (Important)	2022-08-12
oval:org.opensuse.security:def:3123	P	lftp-4.7.4-3.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3543	P	lftp-4.7.4-3.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:2967	P	lftp-4.9.2-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94597	P	lftp-4.9.2-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95	P	lftp-4.8.4-5.3.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:391	P	xorg-x11-server-1.20.3-150400.36.7 on GA media (Moderate)	2022-06-10
oval:org.opensuse.security:def:112544	P	lftp-4.9.2-1.7 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:60437	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:24008	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:9430	P	Security update for mariadb (Moderate)	2021-12-06
oval:org.opensuse.security:def:8681	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:57137	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:44390	P	Security update for MozillaFirefox, rust-cbindgen (Important)	2021-10-18
oval:org.opensuse.security:def:9408	P	Security update for glibc (Moderate)	2021-10-12
oval:org.opensuse.security:def:106033	P	lftp-4.9.2-1.7 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:61672	P	update-alternatives-1.19.0.4-2.48 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71221	P	lftp-4.8.4-3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61622	P	perl-DBD-mysql-4.046-1.13 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103290	P	lftp-4.8.4-3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61455	P	gnutls-3.6.7-6.8.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61480	P	lftp-4.8.4-3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61541	P	libncurses6-32bit-6.1-5.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61579	P	libsystemd0-234-24.25.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96600	P	lftp-4.8.4-3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61424	P	curl-7.60.0-3.17.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61615	P	pam-1.3.0-6.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89635	P	lftp-4.8.4-3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:46084	P	Security update for openssl (Low)	2021-09-18
oval:org.opensuse.security:def:6704	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15) (Important)	2021-09-16
oval:org.opensuse.security:def:6455	P	Security update for openssl-1_0_0 (Low)	2021-09-09
oval:org.opensuse.security:def:55234	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:6477	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:1024	P	Security update for MozillaFirefox (Important)	2021-08-19
oval:org.opensuse.security:def:13781	P	binutils-2.26.1-9.12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46912	P	cracklib-2.9.0-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47235	P	cvs-1.12.12-181.54 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46913	P	cron-4.2-58.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47286	P	hardlink-1.0-6.38 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46927	P	dosfstools-3.0.26-6.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48140	P	liblcms1-1.19-17.28 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47048	P	libmodplug1-0.8.8.4-13.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47973	P	colord-gtk-lang-0.1.26-6.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47979	P	crash-7.2.1-6.42 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47241	P	dnsmasq-2.76-17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48038	P	gv-3.7.4-1.36 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47373	P	liblzo2-2-2.08-1.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47980	P	cron-4.2-59.10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48069	P	libSDL-1_2-0-1.2.15-15.11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47465	P	perl-DBD-mysql-4.021-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47994	P	dovecot22-2.2.31-19.17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47613	P	g3utils-1.1.36-58.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48115	P	libgcrypt20-1.6.1-16.68.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47827	P	memcached-1.4.39-4.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48308	P	spice-vdagent-0.16.0-8.5.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13803	P	dbus-1-1.8.16-19.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48062	P	lftp-4.7.4-3.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47911	P	unzip-6.00-33.8.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14942	P	lftp-4.7.4-3.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:63496	P	libsybdb5-1.1.36-3.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63364	P	python3-Twisted-19.10.0-3.2.6 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:62756	P	gtk2-data-2.24.32+67-2.28 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62019	P	Mesa-20.2.4-57.13 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62020	P	amavisd-new-2.11.1-6.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62043	P	chrony-3.2-9.18.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71854	P	lftp-4.8.4-5.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62216	P	libsndfile-devel-1.0.28-5.5.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62265	P	nfs-client-2.1.1-10.10.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62113	P	lftp-4.8.4-5.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62823	P	perl-MIME-Charset-1.012.2-1.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63041	P	python3-tools-3.6.13-3.78.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100871	P	lftp-4.8.4-5.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:57063	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:23935	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:69679	P	Security update for wireshark (Important)	2021-06-22
oval:org.opensuse.security:def:6679	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important)	2021-06-18
oval:org.opensuse.security:def:7428	P	Security update for python-rsa (Important)	2021-06-17
oval:org.opensuse.security:def:93748	P	(Important)	2021-06-17
oval:org.opensuse.security:def:8606	P	Security update for caribou (Important)	2021-06-17
oval:org.opensuse.security:def:67538	P	Security update for java-1_8_0-openjdk (Moderate)	2021-06-17
oval:org.opensuse.security:def:48680	P	libIlmImf-Imf_2_1-21-32bit-2.1.0-4.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46722	P	libevent-2_0-5-2.0.21-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48894	P	bluez-cups-5.13-5.4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46773	P	libspice-client-glib-2_0-8-0.29-1.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46597	P	xinetd-2.3.15-7.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46444	P	java-1_7_0-openjdk-1.7.0.6-33.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46503	P	libpcsclite1-1.8.10-3.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12562	P	libjavascriptcoregtk-4_0-18-2.20.3-2.23.8 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61153	P	dstat-0.7.3-2.16 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61237	P	libidn-devel-1.34-1.9 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46532	P	logrotate-3.8.7-3.14 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12584	P	libndp0-1.6-2.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61357	P	screen-4.6.2-3.14 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70991	P	liblzo2-2-2.10-2.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12630	P	libssh4-0.6.3-12.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12677	P	p7zip-9.20.1-7.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13535	P	file-5.19-9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12692	P	perl-YAML-LibYAML-0.38-10.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46385	P	automake-1.13.4-4.36 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12554	P	libgypsy0-0.9-6.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48778	P	icu-52.1-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12711	P	rpcbind-0.2.3-23.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48832	P	freerdp-2.0.0~git.1463131968.4e66df7-11.69 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:12786	P	python-requests-2.8.1-6.16.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70878	P	cifs-utils-6.5-1.43 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48440	P	gv-3.7.4-1.36 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48532	P	libpango-1_0-0-1.40.1-9.5 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13513	P	cpp48-4.8.5-24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:8770	P	Security update for djvulibre (Important)	2021-06-04
oval:org.opensuse.security:def:8587	P	Security update for dhcp (Important)	2021-06-02
oval:org.opensuse.security:def:8757	P	Security update for the Linux Kernel (Important)	2021-05-18
oval:org.opensuse.security:def:23899	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:6447	P	Security update for the Linux Kernel (Important)	2021-05-12
oval:org.opensuse.security:def:1462	P	Security update for java-11-openjdk (Important)	2021-05-11
oval:org.opensuse.security:def:8748	P	Security update for ceph (Important)	2021-05-04
oval:org.opensuse.security:def:8572	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:23557	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:23887	P	Security update for sudo (Important)	2021-04-20
oval:org.opensuse.security:def:23551	P	Security update for xen (Important)	2021-04-19
oval:org.opensuse.security:def:8739	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:23764	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:23752	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:8706	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:69784	P	Security update for the Linux Kernel (Important)	2021-02-19
oval:org.opensuse.security:def:23622	P	Security update for MozillaFirefox (Important)	2021-01-29
oval:org.opensuse.security:def:23761	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:55787	P	Security update for clamav (Important)	2020-12-22
oval:org.opensuse.security:def:66428	P	Security update for slurm_17_11 (Important)	2020-12-18
oval:org.opensuse.security:def:55126	P	Security update for xen (Important)	2020-12-10
oval:org.opensuse.security:def:13054	P	libpython2_7-1_0-2.7.13-28.31.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13079	P	libtcnative-1-0-1.2.23-3.3.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61702	P	avahi-0.7-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:48978	P	colord-1.3.3-12.13 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62723	P	vino-3.22.0-9.32 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71522	P	lftp-4.8.4-3.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62673	P	libid3tag0-0.15.1b-3.14 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107127	P	lftp-4.8.4-3.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62494	P	spice-vdagent-0.17.0-2.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61781	P	lftp-4.8.4-3.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62586	P	libusbmuxd-devel-1.0.10-3.23 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12853	P	crash-7.2.1-6.42 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62624	P	fetchmailconf-6.3.26-3.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61742	P	freetype2-devel-2.10.1-4.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12862	P	davfs2-1.5.2-2.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61947	P	perl-XML-LibXML-2.0132-1.20 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12936	P	lftp-4.7.4-3.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12830	P	audiofile-0.3.6-11.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12875	P	emacs-24.3-25.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116685	P	lftp-4.8.4-3.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63600	P	pulseaudio-module-bluetooth-11.1-4.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2100	P	vsftpd-3.0.3-5.7 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:100461	P	lftp-4.8.4-3.9 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12852	P	cracklib-2.9.0-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62491	P	python3-cupshelpers-1.5.7-6.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62393	P	accountsservice-0.6.45-4.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12898	P	gnome-shell-3.20.4-77.23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62689	P	libopus-devel-1.3.1-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12811	P	DirectFB-1.7.1-6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13121	P	opensc-0.13.0-3.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12945	P	libX11-6-1.6.2-12.5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49040	P	libvdpau1-32bit-1.1.1-6.73 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13130	P	pam_krb5-2.4.4-4.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12960	P	libXtst6-1.2.2-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12822	P	apache-commons-httpclient-3.1-4.364 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13143	P	perl-Tk-804.031-5.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:12979	P	libdmx1-1.1.3-3.51 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:45446	P	Security update for shadow (Moderate)	2020-12-01
oval:org.opensuse.security:def:60023	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:45262	P	Recommended update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:54675	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6755	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54286	P	libmspack0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22454	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:6585	P	dia on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44841	P	Security update for ibus (Important)	2020-12-01
oval:org.opensuse.security:def:45992	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:8457	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60183	P	Security update for kernel-firmware (Important)	2020-12-01
oval:org.opensuse.security:def:45383	P	Security update for wireshark (Important)	2020-12-01
oval:org.opensuse.security:def:54841	P	libXtst6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22842	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:6768	P	libthai-data on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45447	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:54426	P	avahi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22518	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:6604	P	ft2demos on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46021	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:25086	P	Security update for apache2-mod_perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:60964	P	Security update for vim (Moderate)	2020-12-01
oval:org.opensuse.security:def:8479	P	openssh on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45464	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:55594	P	Security update for MozillaFirefox, mozilla-nspr (Important)	2020-12-01
oval:org.opensuse.security:def:22854	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:73001	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:36699	P	libtiff5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45459	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:54664	P	python-pyOpenSSL on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22558	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:22300	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:23272	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:8525	P	strongswan on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60622	P	Security update for python-SQLAlchemy (Important)	2020-12-01
oval:org.opensuse.security:def:45593	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:55668	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:22884	P	Security update for tigervnc (Critical)	2020-12-01
oval:org.opensuse.security:def:50483	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:60965	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:45572	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:54837	P	libXpm4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22611	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:50537	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:36700	P	libudisks2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23325	P	Recommended update for LibreOffice (Low)	2020-12-01
oval:org.opensuse.security:def:60743	P	Security update for dpdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:45799	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:55706	P	Security update for cups-filters (Moderate)	2020-12-01
oval:org.opensuse.security:def:60987	P	Security update for ntp (Moderate)	2020-12-01
oval:org.opensuse.security:def:45756	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:54943	P	libvdpau1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22736	P	Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:6737	P	libpcsclite1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36711	P	mailman on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23441	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:60936	P	Security update for python-paramiko (Important)	2020-12-01
oval:org.opensuse.security:def:45877	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:37558	P	libnetpbm11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:8449	P	libssh2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45880	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:55109	P	freerdp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22775	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:36795	P	augeas on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23511	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:45964	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:55394	P	sysvinit-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37447	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:7406	P	gzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24605	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:43994	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:36931	P	libpango-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23264	P	Security update for p7zip (Important)	2020-12-01
oval:org.opensuse.security:def:46098	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:55502	P	Security update for gdm (Low)	2020-12-01
oval:org.opensuse.security:def:37486	P	libX11-6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24448	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:64204	P	ruby2.5-rubygem-sprockets on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37032	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38196	P	glib2-lang on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64291	P	lftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:43995	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:23817	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:46305	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:37514	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23522	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:38238	P	lftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37089	P	cracklib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63843	P	Security update for LibVNCServer (Critical)	2020-12-01
oval:org.opensuse.security:def:53995	P	libIlmImf-Imf_2_1-21 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44006	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:45033	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:63793	P	Security update for openssl-1_0_0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37179	P	libXvnc1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23811	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:24398	P	Security update for libqt5-qtbase (Moderate)	2020-12-01
oval:org.opensuse.security:def:63878	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:44110	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:53996	P	libX11-6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37339	P	systemtap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44896	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:24410	P	Security update for libssh2_org (Important)	2020-12-01
oval:org.opensuse.security:def:25118	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:44958	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:44275	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:24057	P	Security update for libseccomp (Moderate)	2020-12-01
oval:org.opensuse.security:def:63698	P	Security update for axis (Moderate)	2020-12-01
oval:org.opensuse.security:def:49207	P	libopenssl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73119	P	lftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54018	P	libecpg6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37398	P	colord-gtk-lang on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44947	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:55519	P	Security update for dnsmasq (Moderate)	2020-12-01
oval:org.opensuse.security:def:66336	P	Security update for bluez (Moderate)	2020-12-01
oval:org.opensuse.security:def:24127	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:63738	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:45671	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:44959	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:54158	P	avahi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44976	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:24573	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:45719	P	Security update for lftp (Moderate)	2020-12-01
oval:org.opensuse.security:def:60000	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:44465	P	Security update for strongswan (Important)	2020-12-01
oval:org.opensuse.security:def:24270	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:55326	P	m4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54263	P	libfreebl3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44970	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:54396	P	vino on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49105	P	glibc-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22308	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:6523	P	update-alternatives on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44582	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:24319	P	Security update for liblouis (Moderate)	2020-12-01
oval:org.opensuse.security:def:55400	P	transfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49079	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67638	P	lftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60001	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:45080	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:54569	P	liblzo2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6746	P	libpython2_7-1_0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49136	P	libICE-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56795	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:49133	P	lftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:54264	P	libfreetype6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:22355	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:6570	P	coreutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44771	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:45935	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:55438	P	Security update for ntp (Critical)	2020-12-01
oval:org.opensuse.security:def:56869	P	Security update for lftp (Moderate)	2020-12-01
oval:com.redhat.rhsa:def:20201045	P	RHSA-2020:1045: lftp security update (Moderate)	2020-03-31
oval:org.opensuse.security:def:88856	P	Security update for lftp (Moderate)	2019-03-19
oval:org.opensuse.security:def:126432	P	Security update for lftp (Moderate)	2019-03-19
oval:org.opensuse.security:def:79503	P	Security update for lftp (Moderate)	2019-03-19
oval:org.opensuse.security:def:85347	P	Security update for lftp (Moderate)	2019-03-19
oval:org.opensuse.security:def:79771	P	Security update for lftp (Moderate)	2019-03-19
oval:org.opensuse.security:def:87080	P	Security update for lftp (Moderate)	2019-03-19
oval:org.opensuse.security:def:125006	P	Security update for lftp (Moderate)	2019-03-19
oval:com.ubuntu.bionic:def:201810916000	V	CVE-2018-10916 on Ubuntu 18.04 LTS (bionic) - medium.	2018-08-01
oval:com.ubuntu.bionic:def:2018109160000000	V	CVE-2018-10916 on Ubuntu 18.04 LTS (bionic) - medium.	2018-08-01
oval:com.ubuntu.trusty:def:201810916000	V	CVE-2018-10916 on Ubuntu 14.04 LTS (trusty) - medium.	2018-08-01
oval:com.ubuntu.xenial:def:2018109160000000	V	CVE-2018-10916 on Ubuntu 16.04 LTS (xenial) - medium.	2018-08-01
oval:com.ubuntu.xenial:def:201810916000	V	CVE-2018-10916 on Ubuntu 16.04 LTS (xenial) - medium.	2018-08-01

BACK