Vulnerability CVE-2018-17082

Vulnerability Name:

CVE-2018-17082 (CCN-149966)

Assigned:

2018-09-13

Published:

2018-09-13

Updated:

2019-08-19

Summary:

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.

CVSS v3 Severity:

6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-79

Vulnerability Consequences:

Cross-Site Scripting

References:

Source: MITRE
Type: CNA
CVE-2018-17082

Source: CCN
Type: PHP Web site
PHP 5 ChangeLog

Source: MISC
Type: Release Notes
http://php.net/ChangeLog-5.php

Source: MISC
Type: Release Notes
http://php.net/ChangeLog-7.php

Source: CCN
Type: IBM Security Bulletin 870684 (Flex System Chassis Management Module (CMM))
IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2018-17082 CVE-2018-14883 CVE-2018-14851 CVE-2017-9118)

Source: REDHAT
Type: UNKNOWN
RHSA-2019:2519

Source: MISC
Type: Exploit, Issue Tracking, Vendor Advisory
https://bugs.php.net/bug.php?id=76582

Source: XF
Type: UNKNOWN
php-cve201817082-xss(149966)

Source: MISC
Type: Patch, Vendor Advisory
https://github.com/php/php-src/commit/23b057742e3cf199612fa8050ae86cae675e214e

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180920 [SECURITY] [DLA 1509-1] php5 security update

Source: GENTOO
Type: Third Party Advisory
GLSA-201812-01

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20180924-0001/

Source: DEBIAN
Type: Third Party Advisory
DSA-4353

Source: CCN
Type: IBM Security Bulletin 880793 (BladeCenter Advanced Management Module (AMM))
IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in PHP (CVE-2018-17082)

Source: CONFIRM
Type: UNKNOWN
https://www.tenable.com/security/tns-2019-07

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-17082

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:*:*:*:*:*:*:*:* (Version < 5.6.38)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.0.0 and < 7.0.32)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.1.0 and < 7.1.22)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.2.0 and < 7.2.10)

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:netapp:storage_automation_store:-:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:php:php:5.6.37:*:*:*:*:*:*:*

OR cpe:/a:php:php:7.0.31:*:*:*:*:*:*:*

OR cpe:/a:php:php:7.1.21:-:*:*:*:*:*:*

OR cpe:/a:php:php:7.2.9:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201817082	V	CVE-2018-17082	2023-06-22
oval:org.opensuse.security:def:8075	P	apache2-mod_php7-7.4.33-150400.4.22.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51974	P	Security update for cni-plugins (Important)	2022-12-20
oval:org.opensuse.security:def:51940	P	Security update for libtasn1 (Critical)	2022-10-26
oval:org.opensuse.security:def:639	P	Security update for grafana (Important) (in QA)	2022-10-06
oval:org.opensuse.security:def:4300	P	Security update for the Linux Kernel (Important)	2022-07-13
oval:org.opensuse.security:def:94257	P	(Important)	2022-07-11
oval:org.opensuse.security:def:3434	P	apache2-mod_perl-2.0.8-11.43 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3540	P	krb5-1.12.5-40.37.7 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:4297	P	Security update for drbd (Important)	2022-06-22
oval:org.opensuse.security:def:95064	P	apache2-mod_php7-7.4.25-150400.2.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95170	P	apache2-mod_php8-8.0.10-150400.2.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:1678	P	Security update for 389-ds (Important)	2022-06-14
oval:org.opensuse.security:def:1091	P	Security update for vim (Important)	2022-03-04
oval:org.opensuse.security:def:1687	P	Security update for wireshark (Moderate)	2022-02-14
oval:org.opensuse.security:def:4304	P	Security update for the Linux Kernel (Critical)	2022-02-10
oval:org.opensuse.security:def:113137	P	php8-8.0.11-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:113132	P	php7-7.4.24-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:10439	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:10711	P	Security update for MozillaThunderbird (Important)	2022-01-12
oval:org.opensuse.security:def:10710	P	Security update for the Linux Kernel (Important) (in QA)	2022-01-07
oval:org.opensuse.security:def:10438	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:30160	P	Security update for openssh (Important)	2021-12-06
oval:org.opensuse.security:def:29456	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:32234	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:10372	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:10371	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:4168	P	Security update for MozillaFirefox (Important)	2021-11-19
oval:org.opensuse.security:def:34586	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:10170	P	Security update for qemu (Important)	2021-11-04
oval:org.opensuse.security:def:33037	P	Security update for tomcat (Important)	2021-11-03
oval:org.opensuse.security:def:29439	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:10169	P	Security update for Salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:30138	P	Security update for strongswan (Important)	2021-10-19
oval:org.opensuse.security:def:39497	P	Security update for strongswan (Important)	2021-10-19
oval:org.opensuse.security:def:51677	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:106565	P	php7-7.4.24-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:106567	P	php8-8.0.11-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:4156	P	Security update for gd (Moderate)	2021-09-27
oval:org.opensuse.security:def:30249	P	Security update for MozillaFirefox (Important)	2021-09-22
oval:org.opensuse.security:def:71345	P	logrotate-3.13.0-4.3.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:66926	P	Security update for xen (Moderate)	2021-09-18
oval:org.opensuse.security:def:35267	P	Security update for gtk-vnc (Moderate)	2021-09-16
oval:org.opensuse.security:def:52049	P	Security update for compat-openssl098 (Low)	2021-09-13
oval:org.opensuse.security:def:64758	P	Security update for libesmtp (Important)	2021-09-03
oval:org.opensuse.security:def:10147	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:10148	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:11120	P	Security update for libspf2 (Critical)	2021-08-25
oval:org.opensuse.security:def:33964	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:70282	P	Security update for openssl-1_0_0 (Important)	2021-08-24
oval:org.opensuse.security:def:10140	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:10139	P	Security update for djvulibre (Important)	2021-08-20
oval:org.opensuse.security:def:14046	P	tcpdump-4.5.1-10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13948	P	libpython2_7-1_0-2.7.9-24.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13957	P	libspice-client-glib-2_0-8-0.31-7.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14305	P	libvdpau1-1.1.1-6.73 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48165	P	libospf0-1.1.1-17.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14317	P	libyaml-0-2-0.1.6-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47612	P	fuse-2.9.3-6.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14249	P	libldap-2_4-2-2.4.41-18.29.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14293	P	libsrtp1-1.5.2-2.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14132	P	expat-2.1.0-20.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47748	P	libneon27-0.30.0-3.64 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14112	P	cups-filters-1.0.58-17.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14047	P	tftp-5.2-10.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14955	P	libXext6-1.3.2-4.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13949	P	libpython3_4m1_0-3.4.1-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13978	P	libxml2-2-2.9.4-27.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14318	P	libz1-1.2.8-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14250	P	libldb1-1.1.29-1.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14294	P	libssh2-1-1.4.3-19.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48073	P	libXcursor1-1.1.14-4.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14977	P	libaudit1-2.8.1-10.3.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14224	P	libfreetype6-2.6.3-7.10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14113	P	cups-pk-helper-0.2.5-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47627	P	gnutls-3.3.27-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14956	P	libXfixes3-32bit-5.0.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14094	P	bash-4.3-82.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13979	P	libyaml-0-2-0.1.6-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48313	P	stunnel-5.00-4.3.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14978	P	libblkid1-2.33.2-2.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13956	P	libsoup-2_4-1-2.54.1-4.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14304	P	libusbmuxd4-1.0.10-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14225	P	libgc1-7.2d-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47941	P	SuSEfirewall2-3.6.312.333-3.13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14131	P	evince-3.20.1-5.66 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14095	P	bind-9.9.9P1-62.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47613	P	g3utils-1.1.36-58.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:2359	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101005	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63414	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2418	P	php7-embed-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101415	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63448	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:94292	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63507	P	php7-embed-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2325	P	apache2-mod_php7-7.4.6-3.17.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:107671	P	php7-embed-7.4.6-1.11 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:100970	P	libseccomp-devel-2.4.1-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:33952	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:33953	P	Security update for djvulibre (Important)	2021-08-05
oval:org.opensuse.security:def:31231	P	Security update for the Linux Kernel (Important)	2021-07-22
oval:org.opensuse.security:def:29400	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:10686	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:11099	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:11098	P	Security update for claws-mail (Moderate)	2021-07-16
oval:org.opensuse.security:def:10685	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:10296	P	Security update for go1.15 (Important)	2021-06-30
oval:org.opensuse.security:def:68005	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:66834	P	Security update for jetty-minimal (Important)	2021-06-17
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:32942	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:10278	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:11413	P	libvte9-0.28.2-17.83 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11435	P	perl-32bit-5.18.2-3.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16634	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48527	P	libneon27-0.30.0-3.64 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48673	P	gd-32bit-2.1.0-3.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36325	P	xalan-j2-2.7.0-217.26.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16635	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124640	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48769	P	empathy-3.12.12-5.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11412	P	libvorbis0-1.3.3-8.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124641	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36283	P	pyxml-0.8.4-194.23.38 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11434	P	pcsc-ccid-1.4.14-1.45 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48840	P	gstreamer-0_10-plugins-base-0.10.36-17.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48611	P	qemu-2.6.1-27.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48738	P	libmysqlclient_r18-10.0.21-1.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10263	P	Security update for ceph (Important)	2021-06-02
oval:org.opensuse.security:def:10262	P	Security update for curl (Moderate)	2021-05-31
oval:org.opensuse.security:def:34428	P	Security update for the Linux Kernel (Important)	2021-05-12
oval:org.opensuse.security:def:73617	P	Security update for the Linux Kernel (Important)	2021-05-12
oval:org.opensuse.security:def:38658	P	Security update for MozillaFirefox (Important)	2021-04-28
oval:org.opensuse.security:def:29351	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:30175	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:51868	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:31144	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:38657	P	Security update for MozillaFirefox (Important)	2021-04-01
oval:org.opensuse.security:def:34048	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:64671	P	Security update for ruby2.5 (Important)	2021-03-24
oval:org.opensuse.security:def:68105	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:33094	P	Security update for apache2 (Moderate)	2021-03-12
oval:org.opensuse.security:def:4290	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:10216	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:10215	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:34644	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:10397	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:10396	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:30028	P	Security update for krb5-appl (Important)	2021-02-19
oval:org.opensuse.security:def:10297	P	Security update for go1.14 (Moderate)	2021-01-26
oval:org.opensuse.security:def:11121	P	Security update for viewvc (Moderate)	2021-01-19
oval:org.opensuse.security:def:4125	P	Security update for ImageMagick (Moderate)	2021-01-15
oval:org.opensuse.security:def:4184	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:32273	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:4070	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:28918	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:70177	P	Security update for flac (Moderate)	2020-12-24
oval:org.opensuse.security:def:34339	P	Security update for ovmf (Moderate)	2020-12-18
oval:org.opensuse.security:def:4964	P	Security update for openssl-1_1 (Important)	2020-12-10
oval:org.opensuse.security:def:29954	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:31087	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:63406	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16949	P	php72-devel-7.2.5-1.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35645	P	unrar-3.80.2-2.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35574	P	krb5-1.6.3-133.27.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:90085	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117194	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2308	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103740	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4062	P	libtasn1-devel-4.9-3.10.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35535	P	cyrus-imapd-2.3.11-60.21.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4083	P	libxslt-devel-1.1.28-17.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2317	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4245	P	typelib-1_0-Gtk-2_0-2.24.31-9.6.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71458	P	conntrack-tools-1.4.5-1.46 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107636	P	apache2-mod_php7-7.4.6-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35601	P	libsamplerate-0.1.4-1.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63397	P	apache2-mod_php7-7.2.5-4.12.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16948	P	php7-devel-7.0.7-50.85.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4265	P	Security update for the Linux Kernel (Live Patch 4 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:29297	P	Security update for python-setuptools (Important)	2020-12-02
oval:org.opensuse.security:def:4942	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:37967	P	libssh4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27242	P	mozilla-nspr-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38773	P	perl-LWP-Protocol-https on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18587	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38599	P	gdk-pixbuf-loader-rsvg on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38707	P	libotr5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28314	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:28706	P	Security update for gstreamer-0_10-plugins-bad	2020-12-01
oval:org.opensuse.security:def:10576	P	nut-cgi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17800	P	Security update for mariadb (Moderate)	2020-12-01
oval:org.opensuse.security:def:30650	P	Security update for Image Magick	2020-12-01
oval:org.opensuse.security:def:30708	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:10484	P	libarchive-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50971	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17663	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:31387	P	Security update for openvpn-openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:35486	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:39455	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:26976	P	libtspi1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38438	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27676	P	Security update for wireshark	2020-12-01
oval:org.opensuse.security:def:18570	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:35480	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32728	P	libqt4-sql-mysql on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38291	P	libgcrypt20 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33505	P	Security update for open-iscsi	2020-12-01
oval:org.opensuse.security:def:10461	P	lib3ds-1-3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17623	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:30392	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:34693	P	Security update for xorg-x11-libXext	2020-12-01
oval:org.opensuse.security:def:10761	P	libmusicbrainz-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28349	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50580	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:17490	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:35177	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:51781	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:53325	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:29943	P	Security update for liblouis (Moderate)	2020-12-01
oval:org.opensuse.security:def:38188	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27477	P	libreoffice on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10460	P	lhasa-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34187	P	Security update for openvpn (Important)	2020-12-01
oval:org.opensuse.security:def:50119	P	apache2-mod_php7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34787	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:37968	P	libsystemd0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29061	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:33181	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38774	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18596	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17447	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:34282	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:10610	P	xfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17901	P	Security update for libotr (Moderate)	2020-12-01
oval:org.opensuse.security:def:29942	P	Security update for liblouis (Moderate)	2020-12-01
oval:org.opensuse.security:def:30789	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:34883	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:10577	P	ocaml on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51238	P	Security update for wavpack (Low)	2020-12-01
oval:org.opensuse.security:def:17809	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:31492	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:31552	P	Security update for socat (Moderate)	2020-12-01
oval:org.opensuse.security:def:38817	P	vino on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34788	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:27185	P	libgcc_s1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38745	P	libxcb-dri2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39456	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50579	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:28787	P	Security update for Mozilla NSS	2020-12-01
oval:org.opensuse.security:def:38439	P	perl-Archive-Zip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29500	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:10529	P	libpcscspy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17690	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:30601	P	Security update for puppet	2020-12-01
oval:org.opensuse.security:def:30689	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:34757	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:10453	P	hplip-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10462	P	libHX-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50736	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:17632	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:35427	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:10762	P	libmysqlclient-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26912	P	gtk2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38348	P	libpng12-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27579	P	xalan-j2-demo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27632	P	Security update for libqt4	2020-12-01
oval:org.opensuse.security:def:33549	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:30778	P	Security update for bash	2020-12-01
oval:org.opensuse.security:def:38189	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33394	P	Security update for SUSE Manager Client Tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:33482	P	Security update for OpenSC	2020-12-01
oval:org.opensuse.security:def:10774	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35439	P	Security update for openvpn-openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50128	P	apache2-mod_php7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37955	P	libruby2_1-2_1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17566	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:30306	P	Security update for t1lib	2020-12-01
oval:org.opensuse.security:def:10752	P	libjson-c-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17439	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:17456	P	Security update for squid (Critical)	2020-12-01
oval:org.opensuse.security:def:30995	P	Security update for jasper (Important)	2020-12-01
oval:org.opensuse.security:def:35120	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:10611	P	xfsprogs-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17910	P	Security update for ghostscript (Low)	2020-12-01
oval:org.opensuse.security:def:31390	P	Security update for pam	2020-12-01
oval:org.opensuse.security:def:30777	P	Security update for axis (Moderate)	2020-12-01
oval:org.opensuse.security:def:38051	P	res-signingkeys on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27326	P	xinetd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10447	P	gnome-settings-daemon-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38818	P	vorbis-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37957	P	libshibsp-lite6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29004	P	Security update for conntrack-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:38746	P	libxerces-c-3_1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17923	P	Security update for giflib (Moderate)	2020-12-01
oval:org.opensuse.security:def:50065	P	libapr-util1-dbd-mysql on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26901	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34184	P	Security update for openvpn	2020-12-01
oval:org.opensuse.security:def:10591	P	python3-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17832	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17889	P	Security update for libnettle (Moderate)	2020-12-01
oval:org.opensuse.security:def:30752	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32716	P	libltdl7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34799	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:10530	P	libpng12-compat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51134	P	Security update for SDL2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17699	P	Security update for subversion (Moderate)	2020-12-01
oval:org.opensuse.security:def:31443	P	Security update for policycoreutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:31531	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:10454	P	icecream on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27104	P	cvs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38598	P	gdk-pixbuf-lang on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38706	P	libopenssl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73499	P	gdb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31428	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26900	P	fvwm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28718	P	Security update for kdebase4-runtime	2020-12-01
oval:org.opensuse.security:def:32807	P	xen on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38349	P	libpng15-15 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34801	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32717	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10483	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17654	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:30546	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:34732	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:10775	P	libpng12-compat-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53395	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37956	P	libsaml8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50602	P	Recommended update for sles12sp3-docker-image, sles12sp4-image, system-user-root (Important)	2020-12-01
oval:org.opensuse.security:def:17575	P	Security update for cups (Critical)	2020-12-01
oval:org.opensuse.security:def:10753	P	libksba-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:18561	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:34227	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17448	P	Security update for xerces-c (Moderate)	2020-12-01
oval:org.opensuse.security:def:38290	P	libgcab-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27530	P	pam-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27618	P	Security update for ghostscript	2020-12-01
oval:org.opensuse.security:def:38052	P	rpcbind on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29145	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:33337	P	Security update for openssl1	2020-12-01
oval:org.opensuse.security:def:33443	P	Security update for fetchmail	2020-12-01
oval:org.opensuse.security:def:10448	P	gnome-shell-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17481	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:17932	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:50074	P	libosinfo-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28707	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30863	P	Security update for elfutils	2020-12-01
oval:org.opensuse.security:def:35019	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:10592	P	quagga-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51402	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:17841	P	Security update for libpng16 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17898	P	Security update for libpng12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31596	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:39498	P	Security update for php5 (Moderate)	2020-12-01
oval:com.ubuntu.bionic:def:201817082000	V	CVE-2018-17082 on Ubuntu 18.04 LTS (bionic) - medium.	2018-09-16
oval:com.ubuntu.bionic:def:2018170820000000	V	CVE-2018-17082 on Ubuntu 18.04 LTS (bionic) - medium.	2018-09-16
oval:com.ubuntu.trusty:def:201817082000	V	CVE-2018-17082 on Ubuntu 14.04 LTS (trusty) - medium.	2018-09-16
oval:com.ubuntu.xenial:def:2018170820000000	V	CVE-2018-17082 on Ubuntu 16.04 LTS (xenial) - medium.	2018-09-16
oval:com.ubuntu.xenial:def:201817082000	V	CVE-2018-17082 on Ubuntu 16.04 LTS (xenial) - medium.	2018-09-16

BACK