Vulnerability Name:

CVE-2018-12116 (CCN-153452)

Assigned:2018-11-28
Published:2018-11-28
Updated:2022-08-29
Summary:Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can be convinced to use unsanitized user-provided Unicode data for the `path` option of an HTTP request, then data can be provided which will trigger a second, unexpected, and user-defined HTTP request to made to the same server.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.3 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2018-12116

Source: CCN
Type: IBM Security Bulletin 0795324 (SDK for Node.js for Bluemix)
Multiple vulnerabilities affect IBM SDK for Node.js in IBM Cloud

Source: CCN
Type: IBM Security Bulletin 843434 (API Connect)
IBM API Connect has addressed multiple vulnerabilities in Developer Portal's dependencies - Cumulative list from June 28, 2018 to December 13, 2018

Source: CCN
Type: IBM Security Bulletin 871922 (IBM Watson Assistant)
Multiple vulnerabilities in Node.js and OpenSSL affect IBM Watson Assistant on IBM Cloud Private

Source: CCN
Type: IBM Security Bulletin 872270 (Voice Gateway)
Multiple security vulnerabilities in Node.js affect IBM Voice Gateway

Source: CCN
Type: IBM Security Bulletin 879441 (Planning Analytics Local)
IBM Planning Analytics Local is affected by multiple vulnerabilities (CVE-2018-12116, CVE-2018-12121, CVE-2018-12122, CVE-2018-12123)

Source: CCN
Type: IBM Security Bulletin 883910 (Cloud App Management)
Multiple vulnerabilities in Node.js affect IBM Cloud App Management V2018

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:1821

Source: XF
Type: UNKNOWN
nodejs-cve201812116-request-splitting(153452)

Source: CCN
Type: Node.js Blog, 2018-11-28
November 2018 Security Releases

Source: CONFIRM
Type: Patch, Vendor Advisory
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/

Source: GENTOO
Type: Third Party Advisory
GLSA-202003-48

Source: CCN
Type: IBM Security Bulletin 787619 (i)
Multiple vulnerabilities in Node.js affect IBM i

Source: CCN
Type: IBM Security Bulletin 0794537 (Rational Application Developer for WebSphere Software)
Multiple vulnerabilities in Node.js affect IBM Rational Application Developer for WebSphere Software

Source: CCN
Type: IBM Security Bulletin 795830 (Event Streams)
IBM Event Streams is affected by Node.js vulnerabilities

Source: CCN
Type: IBM Security Bulletin 869830 (Cloud Private)
Multiple Security Vulnerabilities affect IBM Cloud Private - Node.js

Source: CCN
Type: IBM Security Bulletin 870522 (Cloud App Management)
Multiple vulnerabilities in Node.js affect IBM Cloud App Management V2018

Source: CCN
Type: IBM Security Bulletin 878136 (API Connect)
API Connect is impacted by multiple nodeJS vulnerabilities (CVE-2018-12122 CVE-2018-12121 CVE-2018-12123 CVE-2018-12116)

Source: CCN
Type: IBM Security Bulletin 880531 (Integration Bus)
Multiple vulnerabilities in Node.js affect IBM Integration Bus & IBM App Connect Enterprise V11

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-12116

Vulnerable Configuration:Configuration 1:
  • cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:* (Version >= 6.0.0 and <= 6.8.1)
  • OR cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:* (Version >= 8.0.0 and <= 8.8.1)
  • OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 6.9.0 and < 6.15.0)
  • OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 8.9.0 and < 8.14.0)

    • Configuration 2:
  • cpe:/o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*
  • OR cpe:/a:suse:suse_enterprise_storage:4:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_openstack_cloud:7:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_openstack_cloud:8:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:nodejs:node.js:8:*:*:*:*:*:*:*
  • OR cpe:/a:nodejs:node.js:10:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:rational_application_developer:9.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.1.0.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.1.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:sdk:*:*:node.js:*:bluemix:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.1.1.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.5:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.5.0.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.1.1.2:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.5.0.2:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.6:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.6.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.5.0.3:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:rational_application_developer:9.6.1.1:*:*:*:websphere:*:*:*
  • OR cpe:/a:ibm:cloud_private:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:2018.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.17.27.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.8.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:integration_bus:10.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:app_connect:11:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:app_connect:11.0.0.0:*:*:*:enterprise:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2018.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:integration_bus:10.0.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sdk:6.14.4:*:node.js:*:bluemix:*:*:*
  • OR cpe:/a:ibm:sdk:8.11.4:*:node.js:*:bluemix:*:*:*
  • OR cpe:/a:ibm:sdk:10.13.0:*:node.js:*:bluemix:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.8.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:2018.4.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:voice_gateway:1.0.0.8c:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_assistant:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:watson_assistant:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_automation_manager:3.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:event_streams:2018.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:planning_analytics_local:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:app_connect:11.0.0.3:*:*:*:enterprise:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:51976
    P
    		Security update for sqlite3 (Moderate)
    2022-12-28
    oval:org.opensuse.security:def:51942
    P
    		Security update for qemu (Moderate)
    2022-10-27
    oval:org.opensuse.security:def:201812116
    V
    		CVE-2018-12116
    2022-09-02
    oval:org.opensuse.security:def:4302
    P
    		Security update for the Linux Kernel (Important)
    2022-08-09
    oval:org.opensuse.security:def:94261
    P
    		 (Important)
    2022-07-14
    oval:org.opensuse.security:def:4299
    P
    		Security update for resource-agents (Moderate)
    2022-07-08
    oval:org.opensuse.security:def:1682
    P
    		Security update for apache2 (Important) (in QA)
    2022-06-14
    oval:org.opensuse.security:def:1095
    P
    		Security update for wavpack (Moderate)
    2022-03-28
    oval:org.opensuse.security:def:4306
    P
    		Security update for the Linux Kernel (Important)
    2022-03-09
    oval:org.opensuse.security:def:1691
    P
    		Security update for mariadb (Important)
    2022-03-04
    oval:org.opensuse.security:def:32286
    P
    		Security update for MozillaFirefox (Important) (in QA)
    2022-01-14
    oval:org.opensuse.security:def:58113
    P
    		Security update for apache2 (Important)
    2022-01-12
    oval:org.opensuse.security:def:58075
    P
    		Security update for chrony (Moderate)
    2021-12-22
    oval:org.opensuse.security:def:38223
    P
    		Security update for log4j (Important)
    2021-12-17
    oval:org.opensuse.security:def:33753
    P
    		Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:33060
    P
    		Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:30159
    P
    		Security update for mozilla-nss (Important)
    2021-12-06
    oval:org.opensuse.security:def:4170
    P
    		Security update for webkit2gtk3 (Important)
    2021-12-02
    oval:org.opensuse.security:def:38065
    P
    		Security update for OpenEXR (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:33742
    P
    		Security update for postgresql10 (Important)
    2021-11-22
    oval:org.opensuse.security:def:33037
    P
    		Security update for tomcat (Important)
    2021-11-03
    oval:org.opensuse.security:def:35273
    P
    		Security update for util-linux (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:51679
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:57516
    P
    		Security update for MozillaFirefox (Important)
    2021-10-15
    oval:org.opensuse.security:def:4158
    P
    		Security update for libaom (Low)
    2021-10-12
    oval:org.opensuse.security:def:29429
    P
    		Security update for libqt5-qtbase (Important)
    2021-09-30
    oval:org.opensuse.security:def:66930
    P
    		Security update for ffmpeg (Important)
    2021-09-23
    oval:org.opensuse.security:def:71349
    P
    		mutt-1.10.1-3.3.4 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:38202
    P
    		Security update for libcroco (Moderate)
    2021-09-16
    oval:org.opensuse.security:def:64762
    P
    		Security update for apache2 (Important)
    2021-09-03
    oval:org.opensuse.security:def:58001
    P
    		Security update for openexr (Important)
    2021-09-02
    oval:org.opensuse.security:def:29418
    P
    		Security update for file (Important)
    2021-09-02
    oval:org.opensuse.security:def:29417
    P
    		Security update for libesmtp (Important)
    2021-09-02
    oval:org.opensuse.security:def:30120
    P
    		Security update for bind (Moderate)
    2021-08-30
    oval:org.opensuse.security:def:57071
    P
    		Security update for cpio (Important)
    2021-08-23
    oval:org.opensuse.security:def:34514
    P
    		Security update for qemu (Moderate)
    2021-08-23
    oval:org.opensuse.security:def:47616
    P
    		gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14108
    P
    		crash-7.1.8-3.9 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47945
    P
    		ant-1.9.4-3.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14328
    P
    		mutt-1.6.0-54.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14081
    P
    		apache-commons-daemon-1.0.15-6.10 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14284
    P
    		libraptor2-0-2.0.10-3.63 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14331
    P
    		openslp-2.0.0-17.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14126
    P
    		e2fsprogs-1.42.11-15.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48077
    P
    		libXfont1-1.5.1-11.3.12 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14339
    P
    		pam_krb5-2.4.4-4.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14129
    P
    		emacs-24.3-19.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13970
    P
    		libusbmuxd4-1.0.10-2.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47617
    P
    		gdm-3.10.0.1-54.6.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14145
    P
    		git-core-2.12.3-26.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14991
    P
    		libfreebl3-3.45-58.31.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13962
    P
    		libsystemd0-228-117.12 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48169
    P
    		libpcre1-32bit-8.39-8.3.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14352
    P
    		policycoreutils-2.5-9.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14147
    P
    		glibc-2.22-61.3 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13992
    P
    		openvpn-2.3.8-16.6.4 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47631
    P
    		grub2-2.02-11.8 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13991
    P
    		openssh-7.2p2-55.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14238
    P
    		libipa_hbac0-1.13.4-33.2 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:48317
    P
    		syslog-service-2.0-778.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14969
    P
    		libXvnc1-1.6.0-22.7.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14166
    P
    		hardlink-1.0-6.38 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:15012
    P
    		libjavascriptcoregtk-4_0-18-2.24.4-2.47.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13983
    P
    		mailman-2.1.17-1.18 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14307
    P
    		libvirt-3.3.0-4.28 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14060
    P
    		xdg-utils-20140630-5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47752
    P
    		libopenjp2-7-2.1.0-4.9.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14013
    P
    		procmail-3.22-267.12 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14263
    P
    		libnghttp2-14-1.7.1-1.84 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14259
    P
    		libmusicbrainz4-2.1.5-27.79 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14318
    P
    		libz1-1.2.8-11.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14990
    P
    		libexiv2-12-0.23-12.5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:100974
    P
    		libsndfile-devel-1.0.28-5.5.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:31224
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:30222
    P
    		Security update for MozillaFirefox (Important)
    2021-07-16
    oval:org.opensuse.security:def:68009
    P
    		Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important)
    2021-07-14
    oval:org.opensuse.security:def:66838
    P
    		Security update for wireshark (Important)
    2021-06-22
    oval:org.opensuse.security:def:32949
    P
    		Security update for webkit2gtk3 (Important)
    2021-06-17
    oval:org.opensuse.security:def:48742
    P
    		libqt4-sql-mysql-32bit-4.8.6-4.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48615
    P
    		rpcbind-0.2.3-21.4 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48773
    P
    		gd-32bit-2.1.0-12.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48844
    P
    		java-1_7_0-openjdk-plugin-1.6.2-2.8.3 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48677
    P
    		java-1_7_0-openjdk-plugin-1.5.1-1.13 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48531
    P
    		libotr5-4.0.0-9.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31180
    P
    		Security update for djvulibre (Important)
    2021-05-31
    oval:org.opensuse.security:def:33657
    P
    		Security update for djvulibre (Important)
    2021-05-31
    oval:org.opensuse.security:def:4127
    P
    		Security update for fribidi (Important)
    2021-05-19
    oval:org.opensuse.security:def:34430
    P
    		Security update for xen (Important)
    2021-05-12
    oval:org.opensuse.security:def:30071
    P
    		Security update for cups (Important)
    2021-04-30
    oval:org.opensuse.security:def:33899
    P
    		Security update for permissions (Important)
    2021-04-29
    oval:org.opensuse.security:def:57909
    P
    		Security update for java-1_7_0-openjdk (Moderate)
    2021-04-29
    oval:org.opensuse.security:def:34418
    P
    		Security update for curl (Moderate)
    2021-04-28
    oval:org.opensuse.security:def:31159
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:34419
    P
    		Security update for libnettle (Important)
    2021-04-28
    oval:org.opensuse.security:def:51870
    P
    		Security update for glibc (Important)
    2021-04-13
    oval:org.opensuse.security:def:30178
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP2) (Important)
    2021-04-12
    oval:org.opensuse.security:def:32892
    P
    		Security update for fwupdate (Important)
    2021-04-08
    oval:org.opensuse.security:def:59871
    P
    		Security update for MozillaFirefox (Important)
    2021-03-31
    oval:org.opensuse.security:def:33104
    P
    		Security update for tar (Low)
    2021-03-29
    oval:org.opensuse.security:def:64675
    P
    		Security update for zstd (Moderate)
    2021-03-24
    oval:org.opensuse.security:def:28955
    P
    		Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)
    2021-03-17
    oval:org.opensuse.security:def:68109
    P
    		Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (Important)
    2021-03-17
    oval:org.opensuse.security:def:32275
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:32274
    P
    		Security update for glib2 (Important)
    2021-03-16
    oval:org.opensuse.security:def:52051
    P
    		Security update for compat-openssl098 (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:60478
    P
    		Security update for python (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:34650
    P
    		Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:33781
    P
    		Security update for openssl-1_1 (Moderate)
    2021-03-09
    oval:org.opensuse.security:def:30016
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP2) (Important)
    2021-02-10
    oval:org.opensuse.security:def:32998
    P
    		Security update for python-urllib3 (Moderate)
    2021-02-03
    oval:org.opensuse.security:def:73621
    P
    		Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:4186
    P
    		Security update for ImageMagick (Moderate)
    2021-01-12
    oval:org.opensuse.security:def:4292
    P
    		Security update for hawk2 (Important)
    2021-01-12
    oval:org.opensuse.security:def:70286
    P
    		Security update for dovecot23 (Important)
    2021-01-05
    oval:org.opensuse.security:def:39490
    P
    		Security update for squid3 (Critical)
    2020-12-30
    oval:org.opensuse.security:def:4966
    P
    		Security update for xen (Moderate)
    2020-12-18
    oval:org.opensuse.security:def:38808
    P
    		Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:71462
    P
    		cracklib-2.9.6-9.3 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2321
    P
    		nodejs8-8.17.0-8.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4085
    P
    		libzip-devel-0.11.1-13.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:103744
    P
    		nodejs8-8.15.1-3.14.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4064
    P
    		libtidy-0_99-0-1.0.20100204cvs-26.2.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:117198
    P
    		nodejs8-8.17.0-8.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63401
    P
    		nodejs8-8.15.1-3.14.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107640
    P
    		nodejs8-8.17.0-8.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63410
    P
    		nodejs8-8.17.0-8.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35911
    P
    		gstreamer-0_10-plugins-base-0.10.35-5.15.8 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2312
    P
    		nodejs8-8.15.1-3.14.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35952
    P
    		libgnomesu-1.0.0-307.10.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4072
    P
    		libvdpau-devel-1.1.1-6.73 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:90089
    P
    		nodejs8-8.15.1-3.14.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4247
    P
    		Security update for the Linux Kernel (Important)
    2020-12-02
    oval:org.opensuse.security:def:4267
    P
    		Security update for the Linux Kernel (Live Patch 6 for SLE 15) (Important)
    2020-12-02
    oval:org.opensuse.security:def:4944
    P
    		Security update for libvirt (Important)
    2020-12-02
    oval:org.opensuse.security:def:29501
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34114
    P
    		Security update for nagios (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:58194
    P
    		Security update for libssh2_org (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37981
    P
    		libvmtools0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:57350
    P
    		Security update for flash-player (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28906
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:30420
    P
    		Security update for xorg-x11-libXpm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32649
    P
    		dbus-1-glib on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35055
    P
    		Security update for java-1_6_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:60815
    P
    		Security update for python3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53327
    P
    		Security update for ovmf (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37991
    P
    		libxmltooling6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50738
    P
    		Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:34227
    P
    		Security update for php5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:58218
    P
    		Security update for nodejs6 (Important)
    2020-12-01
    oval:org.opensuse.security:def:28265
    P
    		Security update for mercurial (Important)
    2020-12-01
    oval:org.opensuse.security:def:38452
    P
    		ppp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29011
    P
    		Security update for graphviz (Low)
    2020-12-01
    oval:org.opensuse.security:def:29693
    P
    		Security update for expat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:39511
    P
    		Security update for nodejs4 (Important)
    2020-12-01
    oval:org.opensuse.security:def:56693
    P
    		Security update for p7zip (Important)
    2020-12-01
    oval:org.opensuse.security:def:28559
    P
    		Security update for gtk2
    2020-12-01
    oval:org.opensuse.security:def:30860
    P
    		Security update for e2fsprogs (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35202
    P
    		Security update for PostgreSQL 9.1
    2020-12-01
    oval:org.opensuse.security:def:38852
    P
    		gnome-shell-calendar on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31900
    P
    		Security update for Mozilla Firefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:30408
    P
    		Security update for xorg-x11-libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38383
    P
    		libtiff5-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:60856
    P
    		Security update for mariadb (Low)
    2020-12-01
    oval:org.opensuse.security:def:59255
    P
    		Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:29633
    P
    		Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38720
    P
    		libqt4 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33428
    P
    		Security update for clamav, clamav-db, clamav-debuginfo, clamav-debugsource
    2020-12-01
    oval:org.opensuse.security:def:53397
    P
    		Security update for nodejs8 (Important)
    2020-12-01
    oval:org.opensuse.security:def:50581
    P
    		Security update for wicked (Important)
    2020-12-01
    oval:org.opensuse.security:def:30494
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:32736
    P
    		libvirt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:35114
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:60906
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:38002
    P
    		mariadb on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50973
    P
    		Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:59989
    P
    		Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:34271
    P
    		Security update for puppet (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33810
    P
    		Security update for ghostscript-library (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38612
    P
    		groff on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29055
    P
    		Security update for bind (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:56833
    P
    		Security update for gstreamer-plugins-base (Important)
    2020-12-01
    oval:org.opensuse.security:def:28616
    P
    		Security update for xorg-x11-libXext
    2020-12-01
    oval:org.opensuse.security:def:31015
    P
    		Security update for java-1_7_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:35229
    P
    		Security update for libmspack (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34909
    P
    		Security update for dnsmasq (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:60935
    P
    		Security update for nodejs6 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32363
    P
    		Security update for sudo (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34749
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:38473
    P
    		rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51783
    P
    		Security update for nginx (Important)
    2020-12-01
    oval:org.opensuse.security:def:31862
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:39532
    P
    		Security update for nodejs6 (Important)
    2020-12-01
    oval:org.opensuse.security:def:37969
    P
    		libtag1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:59277
    P
    		Security update for xerces-c (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29720
    P
    		Security update for Mozilla Firefox
    2020-12-01
    oval:org.opensuse.security:def:38759
    P
    		openssh on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33439
    P
    		Security update for ethereal and wireshark
    2020-12-01
    oval:org.opensuse.security:def:57801
    P
    		libgypsy0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28276
    P
    		Security update for mysql (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30626
    P
    		Security update for Xen and libvirt
    2020-12-01
    oval:org.opensuse.security:def:38741
    P
    		libvirt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50069
    P
    		libfpm_pb0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38086
    P
    		unrar on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51136
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:60178
    P
    		Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:56670
    P
    		Security update for exiv2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38671
    P
    		libgcrypt20 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34949
    P
    		Security update for Mozilla Firefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:28700
    P
    		Security update for gnutls (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31071
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:29729
    P
    		Security update for Mozilla Firefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:28264
    P
    		Security update for mercurial (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32498
    P
    		cups on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34806
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38633
    P
    		libHX28 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:60693
    P
    		Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:50582
    P
    		Security update for e2fsprogs (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:59435
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:29777
    P
    		Security update for GnuTLS
    2020-12-01
    oval:org.opensuse.security:def:34163
    P
    		Security update for openssl (Important)
    2020-12-01
    oval:org.opensuse.security:def:38787
    P
    		qemu on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30409
    P
    		Security update for xorg-x11-libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33521
    P
    		Security update for strongswan
    2020-12-01
    oval:org.opensuse.security:def:38304
    P
    		libipa_hbac0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50123
    P
    		nodejs8 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37990
    P
    		libxml2-2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28343
    P
    		Security update for php53 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30716
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:38780
    P
    		python on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51240
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:70181
    P
    		ncurses-devel-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34056
    P
    		Security update for libvorbis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50078
    P
    		libspice-server-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:37970
    P
    		libtasn1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:57244
    P
    		Security update for LibreOffice
    2020-12-01
    oval:org.opensuse.security:def:28852
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31120
    P
    		Security update for krb5
    2020-12-01
    oval:org.opensuse.security:def:59254
    P
    		Security update for mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:32592
    P
    		perl-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34896
    P
    		Security update for cyrus-imapd (Low)
    2020-12-01
    oval:org.opensuse.security:def:38692
    P
    		libldap-2_4-2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:60777
    P
    		Security update for freetype2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:73503
    P
    		graphviz-perl on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33427
    P
    		Security update for Samba
    2020-12-01
    oval:org.opensuse.security:def:50604
    P
    		Security update for axis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:59688
    P
    		Security update for java-1_7_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:29863
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:34202
    P
    		Security update for perl-Archive-Zip (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38831
    P
    		xorg-x11-server on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:30897
    P
    		Security update for Mozilla Firefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:38362
    P
    		libraptor2-0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28994
    P
    		Security update for conntrack-tools (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:58144
    P
    		Security update for java-1_8_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:56671
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28474
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:30773
    P
    		Security update for automake
    2020-12-01
    oval:org.opensuse.security:def:35163
    P
    		Security update for krb5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:39469
    P
    		Security update for nodejs4, nodejs6 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:38325
    P
    		libmodplug1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51404
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:60596
    P
    		Security update for mariadb (Low)
    2020-12-01
    oval:org.opensuse.security:def:50132
    P
    		nodejs8 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:80853
    P
    		Security update for nodejs6 (Important)
    2019-02-14
    oval:org.opensuse.security:def:84388
    P
    		Security update for nodejs6 (Important)
    2019-02-14
    oval:com.ubuntu.xenial:def:2018121160000000
    V
    		CVE-2018-12116 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-11-28
    oval:com.ubuntu.bionic:def:201812116000
    V
    		CVE-2018-12116 on Ubuntu 18.04 LTS (bionic) - medium.
    2018-11-28
    oval:com.ubuntu.disco:def:2018121160000000
    V
    		CVE-2018-12116 on Ubuntu 19.04 (disco) - medium.
    2018-11-28
    oval:com.ubuntu.cosmic:def:201812116000
    V
    		CVE-2018-12116 on Ubuntu 18.10 (cosmic) - medium.
    2018-11-28
    oval:com.ubuntu.cosmic:def:2018121160000000
    V
    		CVE-2018-12116 on Ubuntu 18.10 (cosmic) - medium.
    2018-11-28
    oval:com.ubuntu.trusty:def:201812116000
    V
    		CVE-2018-12116 on Ubuntu 14.04 LTS (trusty) - medium.
    2018-11-28
    oval:com.ubuntu.bionic:def:2018121160000000
    V
    		CVE-2018-12116 on Ubuntu 18.04 LTS (bionic) - medium.
    2018-11-28
    oval:com.ubuntu.xenial:def:201812116000
    V
    		CVE-2018-12116 on Ubuntu 16.04 LTS (xenial) - medium.
    2018-11-28
    BACK
    nodejs node.js *
    nodejs node.js *
    nodejs node.js *
    nodejs node.js *
    suse suse linux enterprise server 12
    suse suse enterprise storage 4
    suse suse openstack cloud 7
    suse suse openstack cloud 8
    suse suse linux enterprise server 15
    nodejs node.js 8
    nodejs node.js 10
    ibm rational application developer 9.1
    ibm rational application developer 9.1.0.1
    ibm rational application developer 9.1.1
    ibm sdk *
    ibm rational application developer 9.1.1.1
    ibm rational application developer 9.5
    ibm rational application developer 9.5.0.1
    ibm rational application developer 9.1.1.2
    ibm rational application developer 9.5.0.2
    ibm rational application developer 9.6
    ibm rational application developer 9.6.1
    ibm api connect 5.0.8.0
    ibm rational application developer 9.5.0.3
    ibm rational application developer 9.6.1.1
    ibm cloud private 2.1.0
    ibm api connect 2018.1
    ibm i 7.17.27.3
    ibm api connect 5.0.8.4
    ibm cloud private 3.1.0
    ibm integration bus 10.0.0
    ibm app connect 11
    ibm app connect 11.0.0.0
    ibm cloud private 3.1.1
    ibm event streams 2018.3.0
    ibm integration bus 10.0.0.15
    ibm sdk 6.14.4
    ibm sdk 8.11.4
    ibm sdk 10.13.0
    ibm api connect 5.0.8.5
    ibm api connect 2018.4.1.1
    ibm voice gateway 1.0
    ibm voice gateway 1.0.0.8c
    ibm watson assistant 1.0.0
    ibm watson assistant 1.0.1
    ibm cloud private 1.0.0
    ibm cloud automation manager 3.1.0
    ibm event streams 2018.3.1
    ibm planning analytics local 2.0
    ibm app connect 11.0.0.3