Vulnerability CVE-2018-16845

Vulnerability Name:

CVE-2018-16845 (CCN-152681)

Assigned:

2018-11-06

Published:

2018-11-06

Updated:

2022-02-22

Summary:

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.

CVSS v3 Severity:

6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H)
5.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): High

4.4 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L)
3.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

3.2 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-400

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2018-16845

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2019:2120

Source: CCN
Type: nginx Mailing List, Tue Nov 6 15:28:35 UTC 2018
[nginx-announce] nginx security advisory (CVE-2018-16845)

Source: MISC
Type: Mailing List, Patch, Vendor Advisory
http://mailman.nginx.org/pipermail/nginx-announce/2018/000221.html

Source: CCN
Type: nginx Web site
nginx

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20210921 APPLE-SA-2021-09-20-4 Xcode 13

Source: CCN
Type: SECTRACK ID: 1042039
nginx MP4 Processing Bug Lets Remote Users Deny Service and Disclose Potentially Sensitive Information

Source: CCN
Type: IBM Security Bulletin 843434 (API Connect)
IBM API Connect has addressed multiple vulnerabilities in Developer Portal's dependencies - Cumulative list from June 28, 2018 to December 13, 2018

Source: BID
Type: Third Party Advisory, VDB Entry
105868

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1042039

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:3652

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:3653

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:3680

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:3681

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16845

Source: XF
Type: UNKNOWN
nginx-cve201816845-dos(152681)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20181108 [SECURITY] [DLA 1572-1] nginx security update

Source: CCN
Type: Apple security document HT212818
About the security content of Xcode 13

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/kb/HT212818

Source: UBUNTU
Type: Patch, Third Party Advisory
USN-3812-1

Source: DEBIAN
Type: Third Party Advisory
DSA-4335

Source: CCN
Type: IBM Security Bulletin 1489143 (Aspera Shares)
Aspera Web Shares application is affected by NGINX Vulnerabilities (CVE-2018-16845, CVE-2018-16843, CVE-2019-7401)

Source: CCN
Type: IBM Security Bulletin 6574081 (Cloud Private)
Security Vulnerabilities affect IBM Cloud Private - nginx (CVE-2018-16844, CVE-2018-16845, CVE-2018-16843, CVE-2019-7401)

Vulnerable Configuration:

Configuration 1:

cpe:/a:f5:nginx:*:*:*:*:*:*:*:* (Version >= 1.0.7 and <= 1.0.15)

OR cpe:/a:f5:nginx:*:*:*:*:*:*:*:* (Version >= 1.1.3 and <= 1.15.5)

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 5:

cpe:/a:apple:xcode:*:*:*:*:*:*:*:* (Version < 13.0)

Configuration CCN 1:

cpe:/a:nginx:nginx:1.9.5:*:*:*:*:*:*:*

OR cpe:/a:nginx:nginx:1.15.5:*:*:*:*:*:*:*

AND

cpe:/a:ibm:api_connect:5.0.8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:5.0.8.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:aspera_shares:1.9.14:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.2:cd:*:*:*:*:*:*

OR cpe:/a:apple:xcode:12.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:51971	P	Security update for libtpms (Moderate)	2022-12-13
oval:org.opensuse.security:def:51564	P	Security update for kubevirt stack (Important)	2022-11-21
oval:org.opensuse.security:def:51931	P	Security update for expat (Important)	2022-10-01
oval:org.opensuse.security:def:608	P	Security update for clone-master-clean-up (Moderate) (in QA)	2022-09-26
oval:org.opensuse.security:def:201816845	V	CVE-2018-16845	2022-09-02
oval:org.opensuse.security:def:3350	P	qemu-3.1.1.1-1.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3508	P	gpg2-2.0.24-9.8.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3538	P	kernel-default-4.12.14-120.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3338	P	python-PyYAML-3.12-26.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3526	P	ibus-chewing-1.4.14-4.11 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:2878	P	binutils-2.37-150100.7.29.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2872	P	avahi-0.8-150400.5.73 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95138	P	nginx-1.21.5-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2886	P	ceph-common-16.2.7.654+gd5a90ff46f0-150400.1.4 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2888	P	cifs-utils-6.14-150400.1.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94230	P	(Important)	2022-05-03
oval:org.opensuse.security:def:113031	P	nginx-1.21.3-1.4 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:68682	P	Security update for the Linux Kernel (Important)	2022-01-11
oval:org.opensuse.security:def:106474	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:49126	P	Security update for runc (Moderate)	2021-12-14
oval:org.opensuse.security:def:51711	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:4172	P	Security update for MozillaFirefox (Important)	2021-12-10
oval:org.opensuse.security:def:1643	P	Security update for libvirt (Moderate)	2021-11-05
oval:org.opensuse.security:def:51665	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:66899	P	Security update for aspell (Important)	2021-08-20
oval:org.opensuse.security:def:4147	P	Security update for fetchmail (Moderate)	2021-08-20
oval:org.opensuse.security:def:4149	P	Security update for openexr (Important)	2021-08-20
oval:org.opensuse.security:def:2269	P	nginx-1.19.8-1.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63477	P	icedtea-web-1.7.1-5.13 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101384	P	nginx-1.19.8-1.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63358	P	nginx-1.19.8-1.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:72022	P	perl-Convert-ASN1-0.27-1.6.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100943	P	libnm0-1.22.10-3.7.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:74366	P	Security update for spice-vdagent (Important)	2021-08-05
oval:org.opensuse.security:def:51626	P	Security update for qemu (Important)	2021-07-29
oval:org.opensuse.security:def:4140	P	Security update for MozillaFirefox (Important)	2021-07-19
oval:org.opensuse.security:def:51909	P	Security update for qemu (Important)	2021-06-10
oval:org.opensuse.security:def:4133	P	Security update for libopenmpt (Moderate)	2021-06-09
oval:org.opensuse.security:def:4132	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:66807	P	Security update for avahi (Important)	2021-06-03
oval:org.opensuse.security:def:49145	P	Security update for slurm_20_11 (Important)	2021-05-27
oval:org.opensuse.security:def:69445	P	Security update for xorg-x11-server (Important)	2021-04-13
oval:org.opensuse.security:def:73590	P	Security update for wpa_supplicant (Moderate)	2021-04-13
oval:org.opensuse.security:def:51750	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:4182	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:4179	P	Security update for webkit2gtk3 (Important)	2021-02-22
oval:org.opensuse.security:def:49460	P	Security update for php74 (Important)	2021-02-19
oval:org.opensuse.security:def:49127	P	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Important)	2021-02-12
oval:org.opensuse.security:def:51721	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:4143	P	Security update for MozillaFirefox (Important)	2021-02-01
oval:org.opensuse.security:def:70255	P	Security update for nodejs8 (Moderate)	2021-01-26
oval:org.opensuse.security:def:51892	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:4186	P	Security update for ImageMagick (Moderate)	2021-01-12
oval:org.opensuse.security:def:51091	P	Security update for openssl (Important)	2020-12-11
oval:org.opensuse.security:def:51856	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:63113	P	cloud-init-19.4-8.20.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4076	P	libwmf-0_2-7-0.2.8.4-242.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72138	P	hplip-3.17.9-3.38 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4009	P	libmodplug-devel-0.8.9.0+git20170610.f6dd59a-15.4.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62432	P	libass-devel-0.14.0-1.25 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62911	P	ocaml-libguestfs-devel-1.38.0-3.52 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4060	P	libsvn_auth_kwallet-1-0-1.8.10-24.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3978	P	libgadu-devel-1.11.4-1.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62431	P	libXvnc-devel-1.8.0-11.23 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62632	P	gdk-pixbuf-query-loaders-32bit-2.40.0-1.25 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4110	P	pango-devel-1.40.1-9.5 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4048	P	libsaml-devel-2.5.5-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63288	P	nginx-1.16.1-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3918	P	hivex-devel-1.3.10-4.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72680	P	libgit2-28-0.28.4-1.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3938	P	libXfixes-devel-5.0.1-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62455	P	libmodplug-devel-0.3.7-1.35 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4093	P	mozilla-nss-devel-3.45-58.31.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107609	P	nginx-1.16.1-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4017	P	libnettle-devel-2.7.1-12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3926	P	krb5-devel-1.12.5-40.37.7 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3957	P	libasm-devel-0.158-7.7.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4037	P	libproxy-devel-0.4.13-16.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3977	P	libfbembed-devel-2.5.2.26539-15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117167	P	nginx-1.16.1-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63251	P	apache2-mod_auth_openidc-2.3.8-3.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2199	P	nginx-1.16.1-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4021	P	libopenssl-1_1-devel-1.1.1c-2.17.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3965	P	libcephfs-devel-12.2.12+git.1568024032.02236657ca-2.39.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2684	P	Security update for openssh (Important)	2020-12-02
oval:org.opensuse.security:def:2819	P	Security update for ffmpeg (Important)	2020-12-02
oval:org.opensuse.security:def:4845	P	Security update for nginx (Important)	2020-12-02
oval:org.opensuse.security:def:2613	P	Security update for runc (Moderate)	2020-12-02
oval:org.opensuse.security:def:4785	P	Security update for 389-ds (Important)	2020-12-02
oval:org.opensuse.security:def:2797	P	Security update for openexr (Moderate)	2020-12-02
oval:org.opensuse.security:def:2660	P	Security update for tiff (Moderate)	2020-12-02
oval:org.opensuse.security:def:2807	P	Security update for djvulibre (Moderate)	2020-12-02
oval:org.opensuse.security:def:2698	P	Security update for exempi (Moderate)	2020-12-02
oval:org.opensuse.security:def:2651	P	Security update for MozillaFirefox (Important)	2020-12-02
oval:org.opensuse.security:def:2801	P	Security update for ImageMagick (Moderate)	2020-12-02
oval:org.opensuse.security:def:4824	P	Security update for libvirt (Important)	2020-12-02
oval:org.opensuse.security:def:2848	P	Security update for fwupd (Moderate)	2020-12-02
oval:org.opensuse.security:def:2645	P	Security update for ImageMagick (Important)	2020-12-02
oval:org.opensuse.security:def:2839	P	Security update for openexr (Moderate)	2020-12-02
oval:org.opensuse.security:def:2700	P	Security update for wireshark (Moderate)	2020-12-02
oval:org.opensuse.security:def:2631	P	Security update for buildah (Moderate)	2020-12-02
oval:org.opensuse.security:def:4806	P	Security update for nginx (Important)	2020-12-02
oval:org.opensuse.security:def:2690	P	Security update for libtasn1 (Moderate)	2020-12-02
oval:org.opensuse.security:def:2833	P	Security update for libexif (Moderate)	2020-12-02
oval:org.opensuse.security:def:2609	P	Security update for podman, slirp4netns and libcontainers-common (Moderate)	2020-12-02
oval:org.opensuse.security:def:2619	P	Security update for conmon, fuse-overlayfs, libcontainers-common, podman (Moderate)	2020-12-02
oval:org.opensuse.security:def:50436	P	Security update for polkit (Important)	2020-12-01
oval:org.opensuse.security:def:50529	P	Security update for webkit2gtk3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26414	P	Security update for python-Django (Moderate)	2020-12-01
oval:org.opensuse.security:def:49272	P	libzzip-0-13 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64044	P	Security update for xrdp (Important)	2020-12-01
oval:org.opensuse.security:def:50633	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:50497	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:25343	P	Security update for kernel-firmware (Important)	2020-12-01
oval:org.opensuse.security:def:64300	P	libXext-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50116	P	xalan-j2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25732	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:65348	P	Security update for evolution (Moderate)	2020-12-01
oval:org.opensuse.security:def:49665	P	libgme-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51294	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:53276	P	Security update for nginx (Important)	2020-12-01
oval:org.opensuse.security:def:50394	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:50987	P	Security update for gcc10, nvptx-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:63938	P	Security update for Mesa (Moderate)	2020-12-01
oval:org.opensuse.security:def:50560	P	Security update for flac (Low)	2020-12-01
oval:org.opensuse.security:def:69340	P	Security update for python-ecdsa (Moderate)	2020-12-01
oval:org.opensuse.security:def:50475	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25286	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:51783	P	Security update for nginx (Important)	2020-12-01
oval:org.opensuse.security:def:49314	P	python3-paramiko on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49878	P	java-1_8_0-openjdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:68785	P	Security update for nginx (Important)	2020-12-01
oval:org.opensuse.security:def:51130	P	Security update for gnome-shell (Moderate)	2020-12-01
oval:org.opensuse.security:def:50084	P	nginx on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25776	P	Security update for flash-player (Critical)	2020-12-01
oval:org.opensuse.security:def:72798	P	Security update for nginx (Important)	2020-12-01
oval:org.opensuse.security:def:50304	P	Security update for webkit2gtk3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:66017	P	Security update for cloud-init (Moderate)	2020-12-01
oval:org.opensuse.security:def:50824	P	Security update for libqt5-qtbase (Important)	2020-12-01
oval:org.opensuse.security:def:63804	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25205	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:50276	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:65438	P	Security update for nginx (Important)	2020-12-01
oval:org.opensuse.security:def:49721	P	wavpack on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49333	P	spectre-meltdown-checker on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51026	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:25630	P	Security update for openssl-1_0_0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:51817	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:70150	P	blktrace on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51822	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:53168	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:50435	P	Security update for spamassassin (Moderate)	2020-12-01
oval:org.opensuse.security:def:50066	P	libcacard-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64146	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25003	P	Security update for mariadb-100 (Important)	2020-12-01
oval:org.opensuse.security:def:50591	P	Security update for postgresql10 (Low)	2020-12-01
oval:org.opensuse.security:def:25078	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:49623	P	flatpak on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51525	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:49315	P	python3-pip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50863	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25577	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:50341	P	Security update for libxkbcommon (Low)	2020-12-01
oval:org.opensuse.security:def:50030	P	rmt-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50464	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:73472	P	sane-backends on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66109	P	Security update for nginx (Important)	2020-12-01
oval:org.opensuse.security:def:49909	P	python-azure-agent on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50445	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:50458	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25014	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:64188	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:53207	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50474	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:49477	P	newt-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51255	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:25718	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:50630	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25427	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:74240	P	Security update for cronie (Low)	2020-12-01
oval:org.opensuse.security:def:53237	P	Security update for nginx (Important)	2020-12-01
oval:org.opensuse.security:def:50206	P	libwmf-0_2-7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26449	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:49811	P	xorg-x11-server-sdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50372	P	Security update for python-Jinja2 (Important)	2020-12-01
oval:org.opensuse.security:def:109990	P	Security update for nginx (Important)	2019-09-10
oval:org.opensuse.security:def:104459	P	Security update for nginx (Important)	2019-09-05
oval:org.opensuse.security:def:98658	P	Security update for nginx (Important)	2019-09-05
oval:org.opensuse.security:def:91708	P	Security update for nginx (Important)	2019-09-05
oval:org.opensuse.security:def:105348	P	Security update for nginx (Important)	2019-09-05
oval:org.opensuse.security:def:97769	P	Security update for nginx (Important)	2019-09-05
oval:org.opensuse.security:def:90804	P	Security update for nginx (Important)	2019-09-05
oval:com.ubuntu.xenial:def:2018168450000000	V	CVE-2018-16845 on Ubuntu 16.04 LTS (xenial) - medium.	2018-11-07
oval:com.ubuntu.bionic:def:201816845000	V	CVE-2018-16845 on Ubuntu 18.04 LTS (bionic) - medium.	2018-11-07
oval:com.ubuntu.cosmic:def:201816845000	V	CVE-2018-16845 on Ubuntu 18.10 (cosmic) - medium.	2018-11-07
oval:com.ubuntu.cosmic:def:2018168450000000	V	CVE-2018-16845 on Ubuntu 18.10 (cosmic) - medium.	2018-11-07
oval:com.ubuntu.trusty:def:201816845000	V	CVE-2018-16845 on Ubuntu 14.04 LTS (trusty) - medium.	2018-11-07
oval:com.ubuntu.bionic:def:2018168450000000	V	CVE-2018-16845 on Ubuntu 18.04 LTS (bionic) - medium.	2018-11-07
oval:com.ubuntu.xenial:def:201816845000	V	CVE-2018-16845 on Ubuntu 16.04 LTS (xenial) - medium.	2018-11-07

BACK