Vulnerability CVE-2018-18585

Vulnerability Name:

CVE-2018-18585 (CCN-151828)

Assigned:

2018-10-17

Published:

2018-10-17

Updated:

2022-10-25

Summary:

chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).

CVSS v3 Severity:

4.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
3.8 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

3.3 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
2.9 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Complete Availibility (A): None

Vulnerability Type:

CWE-476

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2018-18585

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:2049

Source: MISC
Type: Issue Tracking, Mailing List, Third Party Advisory
https://bugs.debian.org/911637

Source: XF
Type: UNKNOWN
libmspack-cve201818585-weak-security(151828)

Source: CCN
Type: libmspack GIT Repository
Avoid returning CHM file entries that are "blank" because they have embedded null bytes

Source: MISC
Type: Exploit, Third Party Advisory
https://github.com/kyz/libmspack/commit/8759da8db6ec9e866cb8eb143313f397f925bb4f

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20181026 [SECURITY] [DLA 1555-1] libmspack security update

Source: CCN
Type: oss-sec Mailing List, Tue, 23 Oct 2018 20:09:45 +0200
Re: Buffer overflow in cabextract/libmspack (Fwd: New cabextract 1.8 and libmspack 0.8 release)

Source: GENTOO
Type: Third Party Advisory
GLSA-201903-20

Source: UBUNTU
Type: Third Party Advisory
USN-3814-1

Source: UBUNTU
Type: Third Party Advisory
USN-3814-2

Source: UBUNTU
Type: Third Party Advisory
USN-3814-3

Source: MISC
Type: Mailing List, Patch, Third Party Advisory
https://www.openwall.com/lists/oss-security/2018/10/22/1

Source: MISC
Type: Third Party Advisory
https://www.starwindsoftware.com/security/sw-20181213-0002/

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-18585

Vulnerable Configuration:

Configuration 1:

cpe:/a:kyzer:libmspack:0.7:alpha:*:*:*:*:*:*

OR cpe:/a:kyzer:libmspack:0.6:alpha:*:*:*:*:*:*

OR cpe:/a:kyzer:libmspack:0.5:alpha:*:*:*:*:*:*

OR cpe:/a:kyzer:libmspack:0.4:alpha:*:*:*:*:*:*

OR cpe:/a:kyzer:libmspack:0.3:alpha:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 5:

cpe:/o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*

OR cpe:/o:suse:linux_enterprise_server:12:sp2:*:*:ltss:*:*:*

OR cpe:/o:suse:linux_enterprise_server:12:sp1:*:*:ltss:*:*:*

OR cpe:/o:suse:linux_enterprise_server:12:ga:*:*:ltss:*:*:*

Configuration 6:

cpe:/a:starwindsoftware:starwind_virtual_san:-:*:*:*:*:vsphere:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:kyzer:libmspack:1.7:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201818585	V	CVE-2018-18585	2023-06-22
oval:org.opensuse.security:def:7621	P	libmspack-devel-0.6-3.14.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:757	P	Security update for the Linux Kernel (Important)	2022-09-14
oval:org.opensuse.security:def:3036	P	coreutils-8.25-13.7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3384	P	tomcat-9.0.21-3.13.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3372	P	stunnel-5.00-4.3.4 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94666	P	libmspack-devel-0.6-3.14.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:162	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:451	P	Security update for webkit2gtk3 (Important)	2022-04-27
oval:org.opensuse.security:def:1091	P	Security update for vim (Important)	2022-03-04
oval:org.opensuse.security:def:93813	P	(Important)	2022-01-25
oval:org.opensuse.security:def:33114	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:34616	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:34604	P	Security update for speex (Moderate)	2021-12-01
oval:org.opensuse.security:def:34605	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:34003	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:31306	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:23701	P	Security update for qemu (Important)	2021-11-10
oval:org.opensuse.security:def:30144	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:69744	P	Security update for dnsmasq (Moderate)	2021-10-27
oval:org.opensuse.security:def:34552	P	Security update for python-urllib3 (Moderate)	2021-09-29
oval:org.opensuse.security:def:96660	P	libmspack-devel-0.6-3.3.11 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89695	P	libmspack-devel-0.6-3.3.11 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61540	P	libmspack-devel-0.6-3.3.11 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:33719	P	Security update for ghostscript (Critical)	2021-09-21
oval:org.opensuse.security:def:71281	P	libmspack-devel-0.6-3.3.11 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103350	P	libmspack-devel-0.6-3.3.11 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:2108	P	apache2-mod_wsgi-python3-4.5.18-2.27 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61568	P	librsync-devel-1.0.0-1.27 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:33708	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:33707	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:31257	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:33964	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:23655	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:23955	P	Security update for python-PyYAML (Important)	2021-08-24
oval:org.opensuse.security:def:47971	P	cifs-utils-6.9-9.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47988	P	davfs2-1.5.2-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46972	P	jakarta-commons-fileupload-1.1.1-120.113 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47301	P	krb5-1.12.5-39.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46996	P	libXp6-1.0.2-3.57 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47887	P	shim-0.9-23.14 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47108	P	ntp-4.2.8p8-14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47734	P	libldap-2_4-2-2.4.41-18.40.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47987	P	cyrus-sasl-2.1.26-8.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48316	P	sysconfig-0.84.0-13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47673	P	libXdmcp6-1.1.1-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48098	P	libblkid1-2.33.2-2.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47096	P	libxcb-dri2-0-1.10-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46987	P	libQt5WebKit5-5.6.1-9.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46917	P	cups-pk-helper-0.2.5-3.72 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48123	P	libhogweed2-2.7.1-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47525	P	w3m-0.5.3.git20161120-160.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46933	P	elfutils-0.158-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47027	P	libhivex0-1.3.10-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48200	P	libssh2-1-1.4.3-20.9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46973	P	java-1_7_0-openjdk-1.7.0.111-33.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48002	P	eog-3.20.4-7.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47787	P	libspice-server1-0.12.8-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47433	P	libxcb-dri2-0-1.10-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48033	P	gstreamer-plugins-base-1.8.3-13.3.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48129	P	libjansson4-2.12-3.5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:45903	P	Security update for libcares2 (Important)	2021-08-10
oval:org.opensuse.security:def:62817	P	libthai0-32bit-0.1.27-1.16 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71921	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62091	P	grep-3.1-4.3.12 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62730	P	PackageKit-1.1.13-4.20.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100938	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62768	P	libSoundTouch0-1.8.0-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62180	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:34483	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:32958	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:33938	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:1470	P	Security update for libjpeg-turbo (Moderate)	2021-06-11
oval:org.opensuse.security:def:46866	P	wget-1.14-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48892	P	argyllcms-1.6.3-3.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61297	P	libunwind-1.2.1-2.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48448	P	jakarta-commons-fileupload-1.1.1-120.113 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46579	P	stunnel-5.00-1.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36138	P	gnome-screensaver-2.28.3-0.39.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61131	P	binutils-2.29.1-4.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46437	P	gzip-1.6-7.209 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48902	P	gcc48-gij-32bit-4.8.5-31.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:62867	P	pam-devel-32bit-1.3.0-4.10 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48838	P	gnome-shell-calendar-3.20.4-76.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48688	P	libpcsclite1-32bit-1.8.10-3.7 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46872	P	xf86-video-intel-2.99.914-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36097	P	cifs-utils-5.1-0.14.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70938	P	lftp-4.8.3-2.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:71051	P	libzmq5-4.2.3-1.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48540	P	libproxy1-0.4.13-16.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46790	P	logrotate-3.8.7-3.21 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:23585	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:23908	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:49144	P	Security update for slurm_18_08 (Important)	2021-05-27
oval:org.opensuse.security:def:34444	P	Security update for postgresql13 (Moderate)	2021-05-27
oval:org.opensuse.security:def:69849	P	Security update for djvulibre (Important)	2021-05-19
oval:org.opensuse.security:def:32086	P	Security update for java-1_7_0-openjdk (Moderate)	2021-04-29
oval:org.opensuse.security:def:30058	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:30001	P	Security update for fwupdate (Important)	2021-04-09
oval:org.opensuse.security:def:31141	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:24043	P	Security update for openssl-1_1 (Important)	2021-03-25
oval:org.opensuse.security:def:31366	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:23766	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:51755	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:24031	P	Security update for openldap2 (Important)	2021-03-03
oval:org.opensuse.security:def:34034	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:61109	P	Security update for ImageMagick (Moderate)	2021-02-25
oval:org.opensuse.security:def:61108	P	Security update for avahi (Moderate)	2021-02-23
oval:org.opensuse.security:def:31345	P	Security update for krb5-appl (Important)	2021-02-19
oval:org.opensuse.security:def:34508	P	Security update for openvswitch (Important)	2021-02-02
oval:org.opensuse.security:def:28922	P	Security update for sudo (Important)	2021-01-27
oval:org.opensuse.security:def:31201	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:66493	P	Security update for tomcat (Moderate)	2021-01-07
oval:org.opensuse.security:def:31178	P	Security update for flac (Moderate)	2021-01-04
oval:org.opensuse.security:def:34337	P	Security update for python36 (Important)	2020-12-17
oval:org.opensuse.security:def:29951	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:62409	P	gdk-pixbuf-query-loaders-32bit-2.36.11-3.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49048	P	pidgin-plugin-otr-4.0.2-1.29 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:48986	P	gcc48-gij-32bit-4.8.5-31.20.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:100526	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61886	P	libsqlite3-0-3.28.0-3.9.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61846	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116750	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61759	P	grep-3.1-4.3.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71587	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62638	P	gstreamer-devel-1.16.2-1.53 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62900	P	glibc-devel-32bit-2.26-13.19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62537	P	libSoundTouch0-1.8.0-3.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107192	P	libmspack-devel-0.6-3.8.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2685	P	Security update for ffmpeg (Low)	2020-12-02
oval:org.opensuse.security:def:2734	P	Security update for cups (Important)	2020-12-02
oval:org.opensuse.security:def:2679	P	Security update for wireshark (Moderate)	2020-12-02
oval:org.opensuse.security:def:2732	P	Security update for ImageMagick (Moderate)	2020-12-02
oval:org.opensuse.security:def:2724	P	Security update for jasper (Moderate)	2020-12-02
oval:org.opensuse.security:def:2643	P	Security update for ffmpeg (Moderate)	2020-12-02
oval:org.opensuse.security:def:2665	P	Security update for accountsservice (Moderate)	2020-12-02
oval:org.opensuse.security:def:2718	P	Security update for wavpack (Low)	2020-12-02
oval:org.opensuse.security:def:2653	P	Security update for ImageMagick (Low)	2020-12-02
oval:org.opensuse.security:def:2694	P	Security update for vim (Important)	2020-12-02
oval:org.opensuse.security:def:2647	P	Security update for pango (Moderate)	2020-12-02
oval:org.opensuse.security:def:45114	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:35230	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:18211	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:18219	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:29914	P	Security update for libcdio (Low)	2020-12-01
oval:org.opensuse.security:def:27102	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49912	P	terraform on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50375	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:49215	P	libpcsclite1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46033	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:34935	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:24806	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:33259	P	squidGuard on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30595	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:23469	P	Security update for spice (Important)	2020-12-01
oval:org.opensuse.security:def:30902	P	Security update for flac	2020-12-01
oval:org.opensuse.security:def:27478	P	libreoffice-branding-upstream on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27536	P	php53-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67698	P	libmspack-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49179	P	libjavascriptcoregtk-4_0-18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45608	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:35349	P	Security update for mysql (Important)	2020-12-01
oval:org.opensuse.security:def:35415	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:25585	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:32507	P	evolution-data-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24400	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:18426	P	Security update for php7 (Important)	2020-12-01
oval:org.opensuse.security:def:30297	P	Security update for strongswan (Moderate)	2020-12-01
oval:org.opensuse.security:def:27439	P	libcurl-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30459	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:73066	P	dhcp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25619	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:28485	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:28497	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:35300	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:46228	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:73184	P	libmspack-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45103	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:33802	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:18661	P	Security update for python-cryptography, python-pyOpenSSL (Important)	2020-12-01
oval:org.opensuse.security:def:18695	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26761	P	libpulse-browse0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29782	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:27045	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49755	P	perl-DNS-LDNS on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64351	P	libmspack-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45916	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34836	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:32871	P	gmime on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24755	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:24905	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:32048	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:23408	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:23416	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:30812	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:28838	P	Security update for tidy (Low)	2020-12-01
oval:org.opensuse.security:def:50479	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:49161	P	libcaca-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45527	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:34180	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33326	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:67598	P	firewall-macros on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32496	P	coolkey on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24278	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:18395	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:27390	P	dhcp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29216	P	Security update for perl-XML-LibXML (Important)	2020-12-01
oval:org.opensuse.security:def:29277	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:35241	P	Security update for libpng12-0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:46079	P	Security update for dovecot22 (Important)	2020-12-01
oval:org.opensuse.security:def:46165	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:49198	P	libmspack-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29177	P	Security update for microcode_ctl (Important)	2020-12-01
oval:org.opensuse.security:def:28174	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:29697	P	Security update for facter (Moderate)	2020-12-01
oval:org.opensuse.security:def:29709	P	Security update for MozillaFirefox	2020-12-01
oval:org.opensuse.security:def:26964	P	libpoppler-glib4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49657	P	libavcodec57 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46021	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:28209	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:45904	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:34700	P	Security update for zypper	2020-12-01
oval:org.opensuse.security:def:32814	P	zoo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24608	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:18604	P	Security update for libX11 and libxcb (Moderate)	2020-12-01
oval:org.opensuse.security:def:24079	P	Security update for freeradius-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:64264	P	glibc-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28486	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:30680	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:28781	P	Security update for libxslt	2020-12-01
oval:org.opensuse.security:def:50310	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:50406	P	Security update for dbus-1 (Important)	2020-12-01
oval:org.opensuse.security:def:35190	P	Security update for lcms	2020-12-01
oval:org.opensuse.security:def:45102	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:45406	P	Security update for dpdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:34091	P	Security update for mgetty (Important)	2020-12-01
oval:org.opensuse.security:def:33220	P	opie on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33282	P	vte on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:19333	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:24209	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:24218	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:18338	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:27337	P	xorg-x11-libxcb-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50240	P	libotr-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27492	P	libtiff-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:19359	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:46349	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:35082	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:33171	P	libpixman-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35388	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:31046	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:29128	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:30440	P	Security update for yast2-storage (Moderate)	2020-12-01
oval:org.opensuse.security:def:30503	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:49160	P	libbsd-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26836	P	unzip on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49511	P	fetchmailconf on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45943	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:50545	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:32495	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32720	P	libnetpbm10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24530	P	Security update for djvulibre (Moderate)	2020-12-01
oval:org.opensuse.security:def:18572	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:30401	P	Security update for Xen	2020-12-01
oval:org.opensuse.security:def:18673	P	Security update for MozillaFirefox, mozilla-nspr and mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:29915	P	Security update for libcgroup1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30594	P	Security update for Perl	2020-12-01
oval:org.opensuse.security:def:30606	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:28696	P	Security update for glibc	2020-12-01
oval:org.opensuse.security:def:49113	P	grub2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45224	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:24891	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:24947	P	Security update for libcroco (Moderate)	2020-12-01
oval:org.opensuse.security:def:66401	P	glibc-locale-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29698	P	Security update for fastjar	2020-12-01
oval:org.opensuse.security:def:18253	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:27186	P	libgcrypt11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50150	P	gstreamer-plugins-ugly on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46221	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:34992	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:24717	P	Security update for perl-PlRPC (Moderate)	2020-12-01
oval:org.opensuse.security:def:30959	P	Security update for GPG2	2020-12-01
oval:org.opensuse.security:def:29074	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:29233	P	Security update for python-numpy (Important)	2020-12-01
oval:org.opensuse.security:def:24749	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:26760	P	libpoppler-glib4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26772	P	libvorbis on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49306	P	procmail on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45737	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:34395	P	Security update for unzip (Moderate)	2020-12-01
oval:org.opensuse.security:def:46136	P	Security update for gcc9 (Moderate)	2020-12-01
oval:org.opensuse.security:def:35459	P	Security update for perl-XML-LibXML (Important)	2020-12-01
oval:org.opensuse.security:def:32585	P	openssh on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24477	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:18462	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:30352	P	Security update for vte, vte-debuginfo, vte-debugsource, vte-devel, vte-doc, vte-lang	2020-12-01
oval:org.opensuse.security:def:31410	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:50491	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:28565	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:51817	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:87224	P	Security update for libmspack (Moderate)	2020-09-22
oval:com.redhat.rhsa:def:20192049	P	RHSA-2019:2049: libmspack security update (Moderate)	2019-08-06
oval:com.ubuntu.xenial:def:2018185850000000	V	CVE-2018-18585 on Ubuntu 16.04 LTS (xenial) - medium.	2018-10-23
oval:com.ubuntu.disco:def:2018185850000000	V	CVE-2018-18585 on Ubuntu 19.04 (disco) - medium.	2018-10-23
oval:com.ubuntu.bionic:def:2018185850000000	V	CVE-2018-18585 on Ubuntu 18.04 LTS (bionic) - medium.	2018-10-23
oval:com.ubuntu.bionic:def:201818585000	V	CVE-2018-18585 on Ubuntu 18.04 LTS (bionic) - medium.	2018-10-22
oval:com.ubuntu.cosmic:def:201818585000	V	CVE-2018-18585 on Ubuntu 18.10 (cosmic) - medium.	2018-10-22
oval:com.ubuntu.cosmic:def:2018185850000000	V	CVE-2018-18585 on Ubuntu 18.10 (cosmic) - medium.	2018-10-22
oval:com.ubuntu.trusty:def:201818585000	V	CVE-2018-18585 on Ubuntu 14.04 LTS (trusty) - medium.	2018-10-22
oval:com.ubuntu.xenial:def:201818585000	V	CVE-2018-18585 on Ubuntu 16.04 LTS (xenial) - medium.	2018-10-22

BACK