Vulnerability CVE-2018-14851

Vulnerability Name:

CVE-2018-14851 (CCN-147890)

Assigned:

2018-07-19

Published:

2018-07-19

Updated:

2019-08-19

Summary:

exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.

CVSS v3 Severity:

5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-125

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2018-14851

Source: MISC
Type: Release Notes, Vendor Advisory
http://php.net/ChangeLog-5.php

Source: CCN
Type: PHP Web site
Version 7.2.8

Source: MISC
Type: Release Notes, Vendor Advisory
http://php.net/ChangeLog-7.php

Source: CCN
Type: IBM Security Bulletin 737331 (Lotus Protector for Mail Security)
IBM Lotus Protector for Mail Security has released fixes in response to the public disclosed vulnerability found by vFinder (CVE-2018-14883 and CVE-2018-14851)

Source: CCN
Type: IBM Security Bulletin 870684 (Flex System Chassis Management Module (CMM))
IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2018-17082 CVE-2018-14883 CVE-2018-14851 CVE-2017-9118)

Source: CCN
Type: IBM Security Bulletin 880791 (BladeCenter Advanced Management Module (AMM))
IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in PHP (CVE-2018-14851 CVE-2017-9118)

Source: BID
Type: Third Party Advisory, VDB Entry
104871

Source: CCN
Type: BID-104871
PHP Multiple Heap Buffer Overflow Vulnerabilities

Source: REDHAT
Type: UNKNOWN
RHSA-2019:2519

Source: MISC
Type: Issue Tracking, Patch, Vendor Advisory
https://bugs.php.net/bug.php?id=76557

Source: XF
Type: UNKNOWN
php-cve201814851-dos(147890)

Source: MLIST
Type: Third Party Advisory
[debian-lts-announce] 20180901 [SECURITY] [DLA 1490-1] php5 security update

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20181107-0003/

Source: UBUNTU
Type: Third Party Advisory
USN-3766-1

Source: UBUNTU
Type: Third Party Advisory
USN-3766-2

Source: DEBIAN
Type: Third Party Advisory
DSA-4353

Source: CONFIRM
Type: Third Party Advisory
https://www.tenable.com/security/tns-2018-12

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:*:*:*:*:*:*:*:* (Version <= 5.6.36)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.0.0 and < 7.0.31)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.1.0 and < 7.1.20)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.2.0 and < 7.2.8)

Configuration 2:

cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration 3:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4:

cpe:/a:netapp:storage_automation_store:-:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:php:php:7.2.7:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.1.19:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.30:*:*:*:*:*:*:*

OR cpe:/a:php:php:5.6.36:*:*:*:*:*:*:*

AND

cpe:/a:ibm:lotus_protector:2.8.1:*:*:*:mail_security:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201814851	V	CVE-2018-14851	2023-06-22
oval:org.opensuse.security:def:8075	P	apache2-mod_php7-7.4.33-150400.4.22.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51970	P	Security update for tiff (Important)	2022-12-13
oval:org.opensuse.security:def:51936	P	Security update for tiff (Important)	2022-10-21
oval:org.opensuse.security:def:639	P	Security update for grafana (Important) (in QA)	2022-10-06
oval:org.opensuse.security:def:4300	P	Security update for the Linux Kernel (Important)	2022-07-13
oval:org.opensuse.security:def:94257	P	(Important)	2022-07-11
oval:org.opensuse.security:def:3434	P	apache2-mod_perl-2.0.8-11.43 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3540	P	krb5-1.12.5-40.37.7 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95170	P	apache2-mod_php8-8.0.10-150400.2.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95064	P	apache2-mod_php7-7.4.25-150400.2.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:4296	P	Security update for the Linux Kernel (Important)	2022-06-20
oval:org.opensuse.security:def:1678	P	Security update for 389-ds (Important)	2022-06-14
oval:org.opensuse.security:def:1091	P	Security update for vim (Important)	2022-03-04
oval:org.opensuse.security:def:1687	P	Security update for wireshark (Moderate)	2022-02-14
oval:org.opensuse.security:def:113132	P	php7-7.4.24-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:113137	P	php8-8.0.11-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10711	P	Security update for MozillaThunderbird (Important)	2022-01-12
oval:org.opensuse.security:def:10439	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:10710	P	Security update for the Linux Kernel (Important) (in QA)	2022-01-07
oval:org.opensuse.security:def:10438	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:4241	P	Security update for libaom (Moderate)	2021-12-23
oval:org.opensuse.security:def:29456	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:32233	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:30159	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:10372	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:10371	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:4286	P	Security update for the Linux Kernel (Important)	2021-11-19
oval:org.opensuse.security:def:34585	P	Security update for systemd (Moderate)	2021-11-04
oval:org.opensuse.security:def:10170	P	Security update for qemu (Important)	2021-11-04
oval:org.opensuse.security:def:33037	P	Security update for tomcat (Important)	2021-11-03
oval:org.opensuse.security:def:29439	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:10169	P	Security update for Salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:4164	P	Security update for fetchmail (Moderate)	2021-10-20
oval:org.opensuse.security:def:30138	P	Security update for strongswan (Important)	2021-10-19
oval:org.opensuse.security:def:51673	P	Security update for apache2 (Important)	2021-10-06
oval:org.opensuse.security:def:106565	P	php7-7.4.24-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:106567	P	php8-8.0.11-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:30248	P	Security update for ghostscript (Critical)	2021-09-21
oval:org.opensuse.security:def:71345	P	logrotate-3.13.0-4.3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:66926	P	Security update for xen (Moderate)	2021-09-18
oval:org.opensuse.security:def:4152	P	Security update for wireshark (Moderate)	2021-09-13
oval:org.opensuse.security:def:35266	P	Security update for grilo (Important)	2021-09-09
oval:org.opensuse.security:def:64758	P	Security update for libesmtp (Important)	2021-09-03
oval:org.opensuse.security:def:10148	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:10147	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:11120	P	Security update for libspf2 (Critical)	2021-08-25
oval:org.opensuse.security:def:70282	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:33963	P	Security update for openssl-1_1 (Important)	2021-08-24
oval:org.opensuse.security:def:10140	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:10139	P	Security update for djvulibre (Important)	2021-08-20
oval:org.opensuse.security:def:14972	P	libapr-util1-1.5.3-2.8.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13940	P	libpng12-0-1.2.50-13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13948	P	libpython2_7-1_0-2.7.9-24.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14296	P	libtag1-1.9.1-1.218 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14219	P	libdmx1-1.1.3-3.51 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47941	P	SuSEfirewall2-3.6.312.333-3.13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47612	P	fuse-2.9.3-6.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14123	P	dovecot22-2.2.30.2-14.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14089	P	audiofile-0.3.6-10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47613	P	g3utils-1.1.36-58.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14038	P	stunnel-5.00-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13943	P	libpolkit0-0.113-5.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13951	P	libraptor2-0-2.0.10-3.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14299	P	libthai-data-0.1.25-4.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48165	P	libospf0-1.1.1-17.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14309	P	libvncclient0-0.9.9-16.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14241	P	libjavascriptcoregtk-3_0-0-2.4.11-23.20 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14285	P	libruby2_1-2_1-2.1.9-18.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14126	P	e2fsprogs-1.42.11-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47748	P	libneon27-0.30.0-3.64 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14104	P	coreutils-8.25-12.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14041	P	sysconfig-0.84.0-13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14947	P	libQt5Concurrent5-5.6.2-6.15.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13970	P	libusbmuxd4-1.0.10-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14312	P	libwireshark8-2.2.7-47.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14244	P	libjpeg-turbo-1.3.1-30.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14288	P	libsnmp30-32bit-5.7.3-4.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48073	P	libXcursor1-1.1.14-4.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14969	P	libXvnc1-1.6.0-22.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14216	P	libcares2-1.9.1-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14107	P	cracklib-2.9.0-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47627	P	gnutls-3.3.27-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14950	P	libSoundTouch0-1.7.1-5.11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14086	P	apache2-mod_nss-1.0.14-18.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13973	P	libvncclient0-0.9.9-16.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48313	P	stunnel-5.00-4.3.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:63507	P	php7-embed-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2325	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:107671	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2359	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101005	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63414	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2418	P	php7-embed-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101415	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63448	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:94292	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:100970	P	libseccomp-devel-2.4.1-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:33952	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:33951	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:29400	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:31230	P	Security update for linuxptp (Important)	2021-07-21
oval:org.opensuse.security:def:10686	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:11099	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:11098	P	Security update for claws-mail (Moderate)	2021-07-16
oval:org.opensuse.security:def:10685	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:10296	P	Security update for go1.15 (Important)	2021-06-30
oval:org.opensuse.security:def:68005	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:66834	P	Security update for jetty-minimal (Important)	2021-06-17
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:32942	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:10278	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:11412	P	libvorbis0-1.3.3-8.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124641	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36282	P	python-pywbem-0.7-6.22.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11434	P	pcsc-ccid-1.4.14-1.45 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48840	P	gstreamer-0_10-plugins-base-0.10.36-17.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48611	P	qemu-2.6.1-27.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48738	P	libmysqlclient_r18-10.0.21-1.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11413	P	libvte9-0.28.2-17.83 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11435	P	perl-32bit-5.18.2-3.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16634	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48527	P	libneon27-0.30.0-3.64 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48673	P	gd-32bit-2.1.0-3.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36324	P	x3270-3.3.12-517.12.34 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16635	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124640	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48769	P	empathy-3.12.12-5.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10263	P	Security update for ceph (Important)	2021-06-02
oval:org.opensuse.security:def:10262	P	Security update for curl (Moderate)	2021-05-31
oval:org.opensuse.security:def:73617	P	Security update for the Linux Kernel (Important)	2021-05-12
oval:org.opensuse.security:def:34427	P	Security update for libxml2 (Moderate)	2021-05-05
oval:org.opensuse.security:def:4121	P	Security update for librsvg (Important)	2021-04-28
oval:org.opensuse.security:def:29351	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:38765	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:30175	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:31143	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:34047	P	Security update for tomcat (Important)	2021-03-30
oval:org.opensuse.security:def:4293	P	Security update for hawk2 (Important)	2021-03-24
oval:org.opensuse.security:def:64671	P	Security update for ruby2.5 (Important)	2021-03-24
oval:org.opensuse.security:def:68105	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:32272	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:38698	P	Security update for apache2 (Moderate)	2021-03-12
oval:org.opensuse.security:def:33094	P	Security update for apache2 (Moderate)	2021-03-12
oval:org.opensuse.security:def:10216	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:10215	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:34643	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:10397	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:10396	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:4180	P	Security update for avahi (Moderate)	2021-02-23
oval:org.opensuse.security:def:30027	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:10297	P	Security update for go1.14 (Moderate)	2021-01-26
oval:org.opensuse.security:def:11121	P	Security update for viewvc (Moderate)	2021-01-19
oval:org.opensuse.security:def:38043	P	Security update for ImageMagick (Moderate)	2021-01-15
oval:org.opensuse.security:def:28918	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:70177	P	Security update for flac (Moderate)	2020-12-24
oval:org.opensuse.security:def:51864	P	Security update for clamav (Important)	2020-12-22
oval:org.opensuse.security:def:38652	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:34338	P	Security update for xen (Moderate)	2020-12-18
oval:org.opensuse.security:def:38809	P	Security update for cyrus-sasl (Important)	2020-12-18
oval:org.opensuse.security:def:4960	P	Security update for the Linux Kernel (Important)	2020-12-09
oval:org.opensuse.security:def:29953	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:31086	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:35600	P	librpcsecgss-0.18-1.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63397	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16948	P	php7-devel-7.0.7-50.85.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4066	P	libtirpc-devel-1.0.1-17.13.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63406	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16949	P	php72-devel-7.2.5-1.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35644	P	tar-1.20-23.23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35573	P	kernel-default-2.6.32.12-0.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:90085	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4058	P	libssh2-devel-1.4.3-20.9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117194	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2308	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103740	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35534	P	curl-7.19.0-11.24.25 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4079	P	libxcb-composite0-1.10-4.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2317	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71458	P	conntrack-tools-1.4.5-1.46 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107636	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4938	P	Security update for squid (Critical)	2020-12-02
oval:org.opensuse.security:def:4261	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:29297	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:34798	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:10530	P	libpng12-compat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51130	P	Security update for gnome-shell (Moderate)	2020-12-01
oval:org.opensuse.security:def:17673	P	Security update for MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:31442	P	Security update for policycoreutils (Low)	2020-12-01
oval:org.opensuse.security:def:31530	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:27103	P	curl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38590	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73499	P	gdb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31427	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28706	P	Security update for gstreamer-0_10-plugins-bad	2020-12-01
oval:org.opensuse.security:def:28718	P	Security update for kdebase4-runtime	2020-12-01
oval:org.opensuse.security:def:32807	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38343	P	libpango-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34800	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:10483	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17619	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30545	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:34731	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:10775	P	libpng12-compat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53391	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50598	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17549	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:10753	P	libksba-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18526	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:34227	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38282	P	libecpg6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27529	P	osc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27617	P	Security update for freetype2	2020-12-01
oval:org.opensuse.security:def:38046	P	python-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29145	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:33337	P	Security update for openssl1	2020-12-01
oval:org.opensuse.security:def:33443	P	Security update for fetchmail	2020-12-01
oval:org.opensuse.security:def:10448	P	gnome-shell-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17446	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:17906	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:50074	P	libosinfo-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29942	P	Security update for liblouis (Moderate)	2020-12-01
oval:org.opensuse.security:def:30862	P	Security update for ed (Low)	2020-12-01
oval:org.opensuse.security:def:35018	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:10592	P	quagga-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51398	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:17815	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:17872	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:31595	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:39492	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34786	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:37959	P	libsndfile1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27241	P	mono-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18552	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38593	P	fontconfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38701	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28313	P	Security update for openssl (Important)	2020-12-01
oval:org.opensuse.security:def:29941	P	Security update for openLDAP	2020-12-01
oval:org.opensuse.security:def:10576	P	nut-cgi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17765	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30649	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:30707	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:34787	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:10484	P	libarchive-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50967	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17637	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:31386	P	Security update for openvpn-openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:35485	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:39447	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:50575	P	Security update for libvpx (Important)	2020-12-01
oval:org.opensuse.security:def:26975	P	libtiff3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38430	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27675	P	Security update for telepathy-gabble	2020-12-01
oval:org.opensuse.security:def:18544	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:35479	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32728	P	libqt4-sql-mysql on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38285	P	libexif12 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33505	P	Security update for open-iscsi	2020-12-01
oval:org.opensuse.security:def:10453	P	hplip-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10461	P	lib3ds-1-3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17588	P	Security update for postgresql93 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30391	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:34692	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10761	P	libmusicbrainz-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52045	P	Security update for libxml2 (Low)	2020-12-01
oval:org.opensuse.security:def:28348	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50576	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17464	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:35176	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:51777	P	Security update for postgresql (Moderate)	2020-12-01
oval:org.opensuse.security:def:53321	P	Security update for postgresql12 (Important)	2020-12-01
oval:org.opensuse.security:def:30777	P	Security update for axis (Moderate)	2020-12-01
oval:org.opensuse.security:def:38180	P	expat on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27476	P	libreadline5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10460	P	lhasa-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34187	P	Security update for openvpn (Important)	2020-12-01
oval:org.opensuse.security:def:50119	P	apache2-mod_php7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37947	P	libpulse-mainloop-glib0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37962	P	libspice-client-glib-2_0-8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29061	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:33181	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38768	P	patch on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18570	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17404	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:17412	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:34281	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:10610	P	xfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17866	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:30776	P	Security update for axis (Moderate)	2020-12-01
oval:org.opensuse.security:def:30788	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:34882	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:10577	P	ocaml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51234	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:17783	P	Security update for gimp (Moderate)	2020-12-01
oval:org.opensuse.security:def:31491	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:31551	P	Security update for shim	2020-12-01
oval:org.opensuse.security:def:37948	P	libpython2_7-1_0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27184	P	libfreebl3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38649	P	libXt6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38737	P	libudisks2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39450	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:26900	P	fvwm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28787	P	Security update for Mozilla NSS	2020-12-01
oval:org.opensuse.security:def:38433	P	pam_ssh on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29500	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32716	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10529	P	libpcscspy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17655	P	Security update for hivex (Moderate)	2020-12-01
oval:org.opensuse.security:def:30600	P	Security update for PostgreSQL	2020-12-01
oval:org.opensuse.security:def:30688	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:34756	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:10454	P	icecream on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10462	P	libHX-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50732	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:17606	P	security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:35426	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:10762	P	libmysqlclient-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26899	P	fuse on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26911	P	gstreamer-0_10-plugins-good on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38340	P	libopus0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27578	P	wireshark on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27631	P	Security update for Samba	2020-12-01
oval:org.opensuse.security:def:33549	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32717	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38183	P	flatpak on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33394	P	Security update for SUSE Manager Client Tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:33482	P	Security update for OpenSC	2020-12-01
oval:org.opensuse.security:def:10774	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35438	P	Security update for openvpn-openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:50128	P	apache2-mod_php7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37950	P	libqpdf18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17531	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:30305	P	Security update for system-config-printer (Moderate)	2020-12-01
oval:org.opensuse.security:def:10752	P	libjson-c-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17422	P	Security update for compat-openssl098 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17430	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:30994	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:35119	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:10611	P	xfsprogs-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17884	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:31389	P	Security update for orca (Moderate)	2020-12-01
oval:org.opensuse.security:def:27325	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10447	P	gnome-settings-daemon-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38812	P	tftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37951	P	libqt4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29004	P	Security update for conntrack-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:38740	P	libvdpau1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17888	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50065	P	libapr-util1-dbd-mysql on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28707	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34183	P	Security update for openswan	2020-12-01
oval:org.opensuse.security:def:10591	P	python3-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17797	P	Security update for fontconfig (Low)	2020-12-01
oval:org.opensuse.security:def:17854	P	Recommended update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:30751	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:39489	P	Security update for php7 (Moderate)	2020-12-01
oval:com.ubuntu.bionic:def:201814851000	V	CVE-2018-14851 on Ubuntu 18.04 LTS (bionic) - low.	2018-08-02
oval:com.ubuntu.bionic:def:2018148510000000	V	CVE-2018-14851 on Ubuntu 18.04 LTS (bionic) - low.	2018-08-02
oval:com.ubuntu.trusty:def:201814851000	V	CVE-2018-14851 on Ubuntu 14.04 LTS (trusty) - low.	2018-08-02
oval:com.ubuntu.xenial:def:2018148510000000	V	CVE-2018-14851 on Ubuntu 16.04 LTS (xenial) - low.	2018-08-02
oval:com.ubuntu.xenial:def:201814851000	V	CVE-2018-14851 on Ubuntu 16.04 LTS (xenial) - low.	2018-08-02

BACK