Vulnerability CVE-2018-20060

Vulnerability Name:

CVE-2018-20060 (CCN-154226)

Assigned:

2018-03-26

Published:

2018-03-26

Updated:

2021-06-15

Summary:

urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-noinfo
CWE-522

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2018-20060

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:2131

Source: REDHAT
Type: UNKNOWN
RHSA-2019:2272

Source: CCN
Type: Red Hat Bugzilla Bug 1649153
(CVE-2018-20060) - CVE-2018-20060 python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure

Source: MISC
Type: Issue Tracking, Mitigation, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1649153

Source: XF
Type: UNKNOWN
urllib3-cve201820060-info-disc(154226)

Source: MISC
Type: Release Notes, Third Party Advisory
https://github.com/urllib3/urllib3/blob/master/CHANGES.rst

Source: CCN
Type: urllib3 GIT Repository
Auth header remains during redirects #1316

Source: MISC
Type: Third Party Advisory
https://github.com/urllib3/urllib3/issues/1316

Source: MISC
Type: Third Party Advisory
https://github.com/urllib3/urllib3/pull/1346

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20210615 [SECURITY] [DLA 2686-1] python-urllib3 security update

Source: FEDORA
Type: Mailing List, Release Notes, Third Party Advisory
FEDORA-2019-a6c56f9756

Source: FEDORA
Type: Mailing List, Release Notes, Third Party Advisory
FEDORA-2019-8560719e80

Source: FEDORA
Type: Mailing List, Release Notes, Third Party Advisory
FEDORA-2019-6afaa38e7b

Source: UBUNTU
Type: UNKNOWN
USN-3990-1

Source: CCN
Type: IBM Security Bulletin 6408856 (QRadar SIEM)
IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Vulnerable Configuration:

Configuration 1:

cpe:/a:python:urllib3:*:*:*:*:*:*:*:* (Version < 1.23)

Configuration 2:

cpe:/o:fedoraproject:fedora:29:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:30:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:28:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:python:urllib3:1.23:*:*:*:*:*:*:*

AND

cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.0:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201820060	V	CVE-2018-20060	2023-06-22
oval:org.opensuse.security:def:7653	P	libproxy-devel-0.4.17-150400.1.8 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7788	P	python3-urllib3-1.25.10-4.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7863	P	python3-kubernetes-8.0.1-150100.3.7.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7631	P	libopenssl-3-devel-3.0.8-150500.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:3185	P	libical1-1.0.1-16.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3348	P	python-urllib3-1.22-3.17.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94815	P	python3-urllib3-1.25.10-4.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:294	P	python3-urllib3-1.25.10-2.18 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:350	P	python3-urllib3-1.25.10-4.3.1 on GA media (Moderate)	2022-06-10
oval:org.opensuse.security:def:1378	P	Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP3) (Important)	2022-06-06
oval:org.opensuse.security:def:113308	P	python36-urllib3-1.26.6-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:113270	P	python36-kubernetes-12.0.1-1.8 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:57198	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:9635	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:59579	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:58067	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:8684	P	Security update for clamav (Moderate)	2021-12-06
oval:org.opensuse.security:def:60431	P	Security update for gmp (Moderate)	2021-12-02
oval:org.opensuse.security:def:8676	P	Security update for ruby2.5 (Important)	2021-12-01
oval:org.opensuse.security:def:59824	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:23711	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:1223	P	Security update for the Linux Kernel (Important)	2021-11-16
oval:org.opensuse.security:def:11145	P	Security update for transfig (Important)	2021-11-07
oval:org.opensuse.security:def:60390	P	Security update for util-linux (Moderate)	2021-10-20
oval:org.opensuse.security:def:58029	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:6980	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1) (Important)	2021-10-14
oval:org.opensuse.security:def:6971	P	Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP1) (Important)	2021-10-12
oval:org.opensuse.security:def:106718	P	Security update for webkit2gtk3 (Important)	2021-10-04
oval:org.opensuse.security:def:106682	P	python36-kubernetes-12.0.1-1.8 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:10695	P	Security update for grilo (Important)	2021-09-23
oval:org.opensuse.security:def:61515	P	libgcrypt-devel-1.8.2-6.7 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61642	P	python3-salt-2019.2.0-4.4 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:6962	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) (Important)	2021-09-16
oval:org.opensuse.security:def:6702	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15) (Important)	2021-09-16
oval:org.opensuse.security:def:23664	P	Security update for libesmtp (Important)	2021-09-02
oval:org.opensuse.security:def:8833	P	Security update for dovecot23 (Moderate)	2021-08-31
oval:org.opensuse.security:def:11120	P	Security update for libspf2 (Critical)	2021-08-25
oval:org.opensuse.security:def:14248	P	liblcms1-1.19-17.28 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14155	P	grub2-2.02-2.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48356	P	zoo-2.10-1020.56 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48289	P	python-urllib3-1.22-3.17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13978	P	libxml2-2-2.9.4-27.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14908	P	gpgme-1.5.1-1.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47896	P	supportutils-3.0-95.18.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14180	P	kernel-default-4.4.73-5.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14025	P	rpcbind-0.2.3-21.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47910	P	unrar-5.0.14-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14224	P	libfreetype6-2.6.3-7.10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14043	P	systemtap-3.0-7.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48031	P	gstreamer-1.8.3-9.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47895	P	sudo-1.8.20p2-3.7.10 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15169	P	python-urllib3-1.22-3.17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13880	P	libXtst6-1.2.2-3.59 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13888	P	libarchive13-3.1.2-22.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14235	P	libicu-doc-52.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14062	P	xf86-video-intel-2.99.917.641_ge4ef6e9-12.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48224	P	libwsman1-2.4.11-21.8.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13910	P	libidn-tools-1.28-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14886	P	file-5.22-10.12.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:62293	P	ppc64-diag-2.7.6-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62312	P	python3-urllib3-1.25.10-2.18 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101070	P	python3-urllib3-1.25.10-2.18 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72053	P	python3-urllib3-1.25.10-2.18 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62165	P	libjpeg8-8.1.2-5.15.7 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:8814	P	Security update for nodejs8 (Important)	2021-08-05
oval:org.opensuse.security:def:49123	P	Security update for containerd (Moderate)	2021-07-20
oval:org.opensuse.security:def:6929	P	Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP1) (Important)	2021-07-15
oval:org.opensuse.security:def:57470	P	Security update for libgcrypt (Important)	2021-06-24
oval:org.opensuse.security:def:57955	P	Security update for libnettle (Important)	2021-06-23
oval:org.opensuse.security:def:8984	P	Security update for salt (Critical)	2021-06-21
oval:org.opensuse.security:def:60294	P	Security update for libxml2 (Moderate)	2021-06-18
oval:org.opensuse.security:def:6680	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15) (Important)	2021-06-18
oval:org.opensuse.security:def:57025	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:38369	P	Security update for xterm (Important)	2021-06-14
oval:org.opensuse.security:def:8975	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:61324	P	pam-1.3.0-4.10 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48956	P	libyaml-cpp0_5-0.5.3-3.3.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48448	P	jakarta-commons-fileupload-1.1.1-120.113 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11422	P	mipv6d-2.0.2.umip.0.4-19.77 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48596	P	perl-HTML-Parser-3.71-1.145 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46673	P	guestfs-data-1.26.10-4.27 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11444	P	puppet-3.6.2-3.62 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46622	P	bash-4.2-75.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11847	P	lhasa-0.2.0-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48810	P	libwmf-0_2-7-0.2.8.4-242.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11869	P	libXxf86dga1-1.1.4-3.59 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48894	P	bluez-cups-5.13-5.4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:45699	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:6672	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important)	2021-05-25
oval:org.opensuse.security:def:6904	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important)	2021-05-25
oval:org.opensuse.security:def:11209	P	Security update for perl-Image-ExifTool (Important)	2021-05-10
oval:org.opensuse.security:def:8752	P	Security update for webkit2gtk3 (Important)	2021-05-04
oval:org.opensuse.security:def:8933	P	Security update for xorg-x11-server (Important)	2021-04-14
oval:org.opensuse.security:def:11196	P	Security update for hostapd (Important)	2021-04-12
oval:org.opensuse.security:def:11187	P	Security update for python-markdown2 (Moderate)	2021-03-20
oval:org.opensuse.security:def:58098	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:60472	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:8908	P	Security update for openldap2 (Important)	2021-03-08
oval:org.opensuse.security:def:9657	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:8706	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:23172	P	Security update for openvswitch (Important)	2021-02-12
oval:org.opensuse.security:def:6993	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important)	2021-02-10
oval:org.opensuse.security:def:23164	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:8997	P	Security update for nodejs8 (Moderate)	2021-01-26
oval:org.opensuse.security:def:8799	P	Security update for go1.14 (Moderate)	2021-01-26
oval:org.opensuse.security:def:8966	P	Security update for wavpack (Moderate)	2021-01-21
oval:org.opensuse.security:def:10586	P	Security update for PackageKit (Moderate)	2020-12-16
oval:org.opensuse.security:def:11026	P	Security update for nsd (Moderate)	2020-12-10
oval:org.opensuse.security:def:62656	P	libXp6-32bit-1.0.3-1.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62394	P	audiofile-devel-0.3.6-1.26 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17383	P	python3-urllib3-1.22-3.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49021	P	libnewt0_52-0.52.16-1.83 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62486	P	perl-Tk-804.034-1.44 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:13161	P	python-urllib3-1.22-3.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49052	P	python3-urllib3-1.22-3.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2016	P	python3-keystoneclient-3.15.0-2.33 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62623	P	evince-3.34.2-1.115 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62524	P	gnome-shell-3.26.2+20180130.0d9c74212-4.16.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61847	P	libncurses6-32bit-6.1-5.6.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62573	P	libpango-1_0-0-32bit-1.40.14-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16958	P	python3-urllib3-1.22-3.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:58990	P	Security update for the Linux Kernel (Live Patch 13 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:45892	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:60599	P	Security update for dnsmasq (Moderate)	2020-12-01
oval:org.opensuse.security:def:37921	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45364	P	Security update for pam_pkcs11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:57755	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10762	P	libmysqlclient-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39228	P	python3-urllib3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59208	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:6748	P	libqt4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10601	P	sudo-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60510	P	perl-YAML-LibYAML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36927	P	libmusicbrainz4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37983	P	libvorbis-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59879	P	Security update for systemd (Moderate)	2020-12-01
oval:org.opensuse.security:def:23799	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:39186	P	libgadu3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37887	P	libgnomesu on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:11011	P	libipa_hbac-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23522	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP3) (Important)	2020-12-01
oval:org.opensuse.security:def:38388	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60730	P	Security update for SUSE Manager Client Tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:10463	P	libQt5Bootstrap-devel-static on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44870	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:59942	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:37713	P	xorg-x11-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45984	P	Security update for binutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:58172	P	Security update for python-urllib3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10471	P	libXinerama-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37316	P	python-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38529	P	yast2-core on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59146	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:38437	P	pcsc-ccid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45921	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:58967	P	Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:23225	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:38022	P	pcsc-ccid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45493	P	Recommended update for LibreOffice (Low)	2020-12-01
oval:org.opensuse.security:def:57863	P	libudisks2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10771	P	libpcp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24473	P	Security update for glib2 (Important)	2020-12-01
oval:org.opensuse.security:def:59230	P	Security update for vim (Moderate)	2020-12-01
oval:org.opensuse.security:def:6795	P	mozilla-nspr-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10620	P	NetworkManager on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60859	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:36938	P	libproxy1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38120	P	alsa on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60178	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:23835	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:39428	P	Security update for python-urllib3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:60865	P	Security update for ucode-intel (Important)	2020-12-01
oval:org.opensuse.security:def:60768	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:37690	P	tcpdump on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:44980	P	Security update for virglrenderer (Important)	2020-12-01
oval:org.opensuse.security:def:60131	P	Security update for xorg-x11-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:37741	P	bash on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39386	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:44858	P	Security update for binutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:10493	P	libexif-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37406	P	ctags on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38588	P	eog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10888	P	binutils-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59398	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:38476	P	ruby on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60627	P	Security update for python-urllib3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10896	P	cracklib-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23341	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:38079	P	tcpdump on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10784	P	libraw-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24505	P	Security update for python-urllib3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:56625	P	Security update for libssh (Important)	2020-12-01
oval:org.opensuse.security:def:59388	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:6810	P	perl-Config-IniFiles on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38637	P	libQt5WebKit5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60809	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:59207	P	Security update for shibboleth-sp (Moderate)	2020-12-01
oval:org.opensuse.security:def:37022	P	squashfs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38221	P	ibus-chewing on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:36926	P	libmspack0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60887	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:11045	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37701	P	w3m on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45162	P	Security update for gdk-pixbuf (Important)	2020-12-01
oval:org.opensuse.security:def:57304	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:38548	P	at on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10539	P	librsvg-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37566	P	libpcre1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37888	P	libgoa-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38504	P	u-boot-rpi3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10918	P	gc-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23411	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:38169	P	dosfstools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45777	P	Security update for libexif (Moderate)	2020-12-01
oval:org.opensuse.security:def:56647	P	Security update for python, python-base (Moderate)	2020-12-01
oval:org.opensuse.security:def:59641	P	Security update for python3-requests (Moderate)	2020-12-01
oval:org.opensuse.security:def:6829	P	qemu on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10720	P	libass-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38676	P	libgypsy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:58148	P	Security update for python-Twisted (Moderate)	2020-12-01
oval:org.opensuse.security:def:60888	P	Security update for python-urllib3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37158	P	libFLAC++6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38279	P	libdcerpc-binding0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38465	P	python-urllib3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:58968	P	Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:61053	P	Security update for sane-backends (Important)	2020-12-01
oval:org.opensuse.security:def:45835	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:60864	P	Security update for ardana and crowbar (Important)	2020-12-01
oval:org.opensuse.security:def:37785	P	fontconfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45283	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:60549	P	sysconfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38423	P	opensc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37689	P	tar on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37625	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37899	P	libjansson4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59694	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:23787	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:38748	P	libyaml-0-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50453	P	Security update for python-urllib3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10964	P	libXp-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:23457	P	Security update for rsyslog (Important)	2020-12-01
oval:org.opensuse.security:def:38329	P	libmysqlclient18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60646	P	Security update for nfs-utils (Moderate)	2020-12-01
oval:org.opensuse.security:def:44859	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:56787	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:37674	P	sane-backends on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38704	P	libnghttp2-14 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50399	P	Security update for libpng16 (Low)	2020-12-01
oval:org.opensuse.security:def:56624	P	Security update for libXfont (Moderate)	2020-12-01
oval:org.opensuse.security:def:37259	P	libtag1 on GA media (Moderate)	2020-12-01
oval:com.redhat.rhsa:def:20202068	P	RHSA-2020:2068: python-pip security update (Moderate)	2020-05-12
oval:com.redhat.rhsa:def:20202081	P	RHSA-2020:2081: python-virtualenv security update (Moderate)	2020-05-12
oval:com.redhat.rhsa:def:20201605	P	RHSA-2020:1605: python27:2.7 security, bug fix, and enhancement update (Moderate)	2020-04-28
oval:com.redhat.rhsa:def:20201916	P	RHSA-2020:1916: python-pip security update (Moderate)	2020-04-28
oval:com.redhat.rhsa:def:20200851	P	RHSA-2020:0851: python-virtualenv security update (Moderate)	2020-03-17
oval:com.redhat.rhsa:def:20200850	P	RHSA-2020:0850: python-pip security update (Moderate)	2020-03-17
oval:org.opensuse.security:def:80807	P	Security update for python-urllib3 (Moderate)	2019-09-18
oval:org.opensuse.security:def:84341	P	Security update for python-urllib3 (Moderate)	2019-09-05
oval:org.opensuse.security:def:83893	P	Security update for python-urllib3 (Moderate)	2019-09-05
oval:org.opensuse.security:def:86980	P	Security update for python-urllib3 (Moderate)	2019-08-19
oval:com.redhat.rhsa:def:20192272	P	RHSA-2019:2272: python-urllib3 security update (Moderate)	2019-08-06
oval:com.ubuntu.disco:def:2018200600000000	V	CVE-2018-20060 on Ubuntu 19.04 (disco) - low.	2018-12-11
oval:com.ubuntu.bionic:def:201820060000	V	CVE-2018-20060 on Ubuntu 18.04 LTS (bionic) - low.	2018-12-11
oval:com.ubuntu.cosmic:def:2018200600000000	V	CVE-2018-20060 on Ubuntu 18.10 (cosmic) - low.	2018-12-11
oval:com.ubuntu.cosmic:def:201820060000	V	CVE-2018-20060 on Ubuntu 18.10 (cosmic) - low.	2018-12-11
oval:com.ubuntu.bionic:def:2018200600000000	V	CVE-2018-20060 on Ubuntu 18.04 LTS (bionic) - low.	2018-12-11
oval:com.ubuntu.trusty:def:201820060000	V	CVE-2018-20060 on Ubuntu 14.04 LTS (trusty) - low.	2018-12-11
oval:com.ubuntu.xenial:def:2018200600000000	V	CVE-2018-20060 on Ubuntu 16.04 LTS (xenial) - low.	2018-12-11
oval:com.ubuntu.xenial:def:201820060000	V	CVE-2018-20060 on Ubuntu 16.04 LTS (xenial) - low.	2018-12-11

BACK