Vulnerability CVE-2018-5712

Vulnerability Name:

CVE-2018-5712 (CCN-137654)

Assigned:

2017-06-19

Published:

2017-06-19

Updated:

2019-08-19

Summary:

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

CVSS v3 Severity:

6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

6.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

6.1 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
5.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-79

Vulnerability Consequences:

Cross-Site Scripting

References:

Source: MITRE
Type: CNA
CVE-2018-5712

Source: CONFIRM
Type: Release Notes, Vendor Advisory
http://php.net/ChangeLog-5.php

Source: CONFIRM
Type: Release Notes, Vendor Advisory
http://php.net/ChangeLog-7.php

Source: CCN
Type: IBM Security Bulletin 2015535 (Lotus Protector for Mail Security)
IBM Lotus Protector for Mail Security has released fixes in response to the public disclosed vulnerability from PHP.

Source: CCN
Type: PHP Web site
PHP

Source: BID
Type: Third Party Advisory, VDB Entry
102742

Source: CCN
Type: BID-102742
PHP CVE-2018-5712 Cross Site Scripting Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
104020

Source: CCN
Type: BID-104020
PHP CVE-2018-10547 Incomplete Fix Cross Site Scripting Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1040363

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:1296

Source: REDHAT
Type: UNKNOWN
RHSA-2019:2519

Source: CCN
Type: Sec Bug #74782
Reflected XSS in .phar 404 page

Source: CONFIRM
Type: Issue Tracking, Patch, Vendor Advisory
https://bugs.php.net/bug.php?id=74782

Source: XF
Type: UNKNOWN
php-cve20185712-xss(137654)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20180120 [SECURITY] [DLA 1251-1] php5 security update

Source: UBUNTU
Type: Third Party Advisory
USN-3566-1

Source: UBUNTU
Type: Third Party Advisory
USN-3600-1

Source: UBUNTU
Type: Third Party Advisory
USN-3600-2

Source: CCN
Type: Oracle CPUApr2020
Oracle Critical Patch Update Advisory - April 2020

Source: N/A
Type: UNKNOWN
N/A

Vulnerable Configuration:

Configuration 1:

cpe:/a:php:php:*:*:*:*:*:*:*:* (Version <= 5.6.32)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version >= 7.0.0 and <= 7.0.26)

OR cpe:/a:php:php:*:*:*:*:*:*:*:* (Version > 7.1.0 and <= 7.1.12)

OR cpe:/a:php:php:7.2.0:-:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*

OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:php:php:5.6.30:-:*:*:*:*:*:*

AND

cpe:/a:ibm:lotus_protector:2.8.1:*:*:*:mail_security:*:*:*

OR cpe:/a:ibm:lotus_protector:2.8.3:*:*:*:mail_security:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20185712	V	CVE-2018-5712	2022-09-02
oval:org.opensuse.security:def:10439	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:10710	P	Security update for the Linux Kernel (Important) (in QA)	2022-01-07
oval:org.opensuse.security:def:10438	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:10372	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:10371	P	Security update for the Linux Kernel (Important)	2021-12-02
oval:org.opensuse.security:def:30156	P	Security update for clamav (Moderate)	2021-12-01
oval:org.opensuse.security:def:32230	P	Security update for xen (Moderate)	2021-12-01
oval:org.opensuse.security:def:10170	P	Security update for qemu (Important)	2021-11-04
oval:org.opensuse.security:def:34582	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:10169	P	Security update for Salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:30245	P	Security update for transfig (Moderate)	2021-09-16
oval:org.opensuse.security:def:10147	P	Security update for xerces-c (Important)	2021-09-02
oval:org.opensuse.security:def:35263	P	Security update for openexr (Important)	2021-09-02
oval:org.opensuse.security:def:10148	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:11120	P	Security update for libspf2 (Critical)	2021-08-25
oval:org.opensuse.security:def:33960	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:10139	P	Security update for djvulibre (Important)	2021-08-20
oval:org.opensuse.security:def:10140	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:14308	P	libvmtools0-10.1.5-2.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14306	P	libvirglrenderer0-0.5.0-11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14957	P	libXfont1-1.5.1-11.3.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13980	P	libzip2-0.11.1-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14103	P	coolkey-1.1.0-147.67 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14240	P	libjasper1-1.900.14-194.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14284	P	libraptor2-0-2.0.10-3.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14319	P	libzip2-0.11.1-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13939	P	libpcsclite1-1.8.10-3.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13947	P	libpulse-mainloop-glib0-32bit-5.0-2.7 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14085	P	apache2-mod_jk-1.2.40-5.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14114	P	curl-7.37.0-36.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14215	P	libcairo-gobject2-1.15.2-24.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14251	P	libltdl7-2.4.2-16.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14295	P	libsystemd0-228-142.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14968	P	libXvMC1-1.0.8-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13950	P	libqt4-32bit-4.8.6-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13958	P	libspice-server1-0.12.7-6.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14037	P	strongswan-5.1.3-22.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14096	P	binutils-2.26.1-9.12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14122	P	dosfstools-3.0.26-6.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14226	P	libgcrypt20-1.6.1-16.39.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14946	P	libIlmImf-Imf_2_1-21-2.1.0-6.13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13969	P	libupsclient1-2.7.1-4.55 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14979	P	libcairo-gobject2-1.15.2-25.3.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14048	P	tomcat-8.0.36-11.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14133	P	fetchmail-6.3.26-12.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:33949	P	Security update for qemu (Important)	2021-07-28
oval:org.opensuse.security:def:33948	P	Security update for linuxptp (Important)	2021-07-21
oval:org.opensuse.security:def:31227	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:11099	P	Security update for fossil (Moderate)	2021-07-17
oval:org.opensuse.security:def:11098	P	Security update for claws-mail (Moderate)	2021-07-16
oval:org.opensuse.security:def:10685	P	Security update for the Linux Kernel (Important)	2021-07-15
oval:org.opensuse.security:def:10296	P	Security update for go1.15 (Important)	2021-06-30
oval:org.opensuse.security:def:38440	P	Security update for SUSE Manager Client Tools (Important)	2021-06-21
oval:org.opensuse.security:def:10277	P	Security update for spice-gtk (Moderate)	2021-06-10
oval:org.opensuse.security:def:10278	P	Security update for ucode-intel (Important)	2021-06-10
oval:org.opensuse.security:def:17179	P	libFLAC++6-32bit-1.3.0-11.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17187	P	libid3tag0-0.15.1b-182.58 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17297	P	shotwell-0.22.0+git.20160103-15.6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124640	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11434	P	pcsc-ccid-1.4.14-1.45 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16634	P	php5-devel-5.5.14-109.41.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17212	P	pulseaudio-module-bluetooth-5.0-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:11412	P	libvorbis0-1.3.3-8.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:124641	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36321	P	wget-1.11.4-1.19.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:16635	P	php7-devel-7.0.7-50.52.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17221	P	ImageMagick-6.8.8.1-71.85.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36279	P	python-imaging-1.1.6-168.34.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:38659	P	Security update for MozillaFirefox (Moderate)	2021-06-08
oval:org.opensuse.security:def:17170	P	gstreamer-0_10-plugins-bad-0.10.23-25.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:17178	P	lhasa-0.2.0-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:10263	P	Security update for ceph (Important)	2021-06-02
oval:org.opensuse.security:def:10262	P	Security update for curl (Moderate)	2021-05-31
oval:org.opensuse.security:def:34424	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:31140	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:34044	P	Security update for wavpack (Important)	2021-03-24
oval:org.opensuse.security:def:38292	P	Security update for php53 (Important)	2021-03-17
oval:org.opensuse.security:def:32269	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:10216	P	Security update for wpa_supplicant (Important)	2021-03-08
oval:org.opensuse.security:def:10215	P	Security update for python-cryptography (Important)	2021-03-03
oval:org.opensuse.security:def:10397	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:34640	P	Security update for java-1_8_0-ibm (Important)	2021-02-26
oval:org.opensuse.security:def:38429	P	Security update for python-Jinja2 (Important)	2021-02-25
oval:org.opensuse.security:def:10396	P	Security update for php7 (Important)	2021-02-24
oval:org.opensuse.security:def:30024	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:10297	P	Security update for go1.14 (Moderate)	2021-01-26
oval:org.opensuse.security:def:11121	P	Security update for viewvc (Moderate)	2021-01-19
oval:org.opensuse.security:def:38764	P	Security update for clamav (Moderate)	2021-01-05
oval:org.opensuse.security:def:38808	P	Security update for cyrus-sasl (Important)	2020-12-17
oval:org.opensuse.security:def:29950	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:31083	P	Security update for python-cryptography (Moderate)	2020-12-04
oval:org.opensuse.security:def:17363	P	libqt4-sql-mysql-32bit-4.8.7-8.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35570	P	kdebase3-runtime-3.5.10-20.31 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17306	P	bash-lang-4.3-83.23.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35531	P	coolkey-1.1.0-22.24 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35597	P	libpoppler-glib4-0.12.3-1.2.44 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17385	P	rhythmbox-3.4-6.14 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:16948	P	php7-devel-7.0.7-50.85.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:17354	P	libofx-0.9.9-3.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35641	P	syslog-ng-2.0.9-27.27.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:28194	P	Security update for libcgroup1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38600	P	gdm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10752	P	libjson-c-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10453	P	hplip-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17584	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:17609	P	Security update for rpm (Important)	2020-12-01
oval:org.opensuse.security:def:17531	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:38708	P	libpango-1_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38775	P	perl-XML-LibXML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39446	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:10461	P	lib3ds-1-3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30542	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:27575	P	unixODBC_23-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37958	P	libsmi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38042	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34278	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:17708	P	Security update for graphite2 (Important)	2020-12-01
oval:org.opensuse.security:def:17572	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27628	P	Security update for kdelibs4	2020-12-01
oval:org.opensuse.security:def:29184	P	Security update for mutt (Important)	2020-12-01
oval:org.opensuse.security:def:39499	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26897	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10576	P	nut-cgi on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31439	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17629	P	Security update for net-snmp (Moderate)	2020-12-01
oval:org.opensuse.security:def:17878	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:18318	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27841	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:38190	P	gdk-pixbuf-lang on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38339	P	libopenvswitch-2_11-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31527	P	Security update for Ruby	2020-12-01
oval:org.opensuse.security:def:31592	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31424	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:30773	P	Security update for automake	2020-12-01
oval:org.opensuse.security:def:34689	P	Security update for xorg-x11-server	2020-12-01
oval:org.opensuse.security:def:34753	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:18579	P	Security update for libXcursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:30785	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:27238	P	mailx on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35482	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:10447	P	gnome-settings-daemon-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17499	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:17421	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:35476	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:34783	P	Recommended update for NetworkManager-kde4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30388	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:27526	P	opensc-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34795	P	Security update for ansible (Moderate)	2020-12-01
oval:org.opensuse.security:def:34180	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17672	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:17540	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27614	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:27672	P	Security update for Ruby on Rails	2020-12-01
oval:org.opensuse.security:def:39457	P	Security update for php7 (Important)	2020-12-01
oval:org.opensuse.security:def:26896	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10529	P	libpcscspy0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31383	P	Security update for openvpn (Important)	2020-12-01
oval:org.opensuse.security:def:28448	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:17632	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:18292	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26908	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38053	P	rpm-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35116	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17787	P	Security update for libidn (Moderate)	2020-12-01
oval:org.opensuse.security:def:28502	P	Security update for openslp (Important)	2020-12-01
oval:org.opensuse.security:def:31386	P	Security update for openvpn-openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:27766	P	Security update for jasper	2020-12-01
oval:org.opensuse.security:def:10610	P	xfig on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17844	P	Security update for util-linux (Moderate)	2020-12-01
oval:org.opensuse.security:def:17941	P	Security update for expat (Important)	2020-12-01
oval:org.opensuse.security:def:18327	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17394	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:27181	P	libevent-1_4-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38350	P	libpng16-16 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35423	P	Security update for openssl1 (Important)	2020-12-01
oval:org.opensuse.security:def:10460	P	lhasa-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17402	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:35435	P	Security update for openvpn (Important)	2020-12-01
oval:org.opensuse.security:def:30991	P	Security update for jakarta-commons-fileupload (Important)	2020-12-01
oval:org.opensuse.security:def:28110	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:27473	P	libpoppler-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38648	P	libXrender1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10448	P	gnome-shell-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34784	P	Security update for OpenEXR (Moderate)	2020-12-01
oval:org.opensuse.security:def:17578	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:17430	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:38736	P	libtiff5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38819	P	vsftpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37946	P	libproxy1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10483	P	libapr1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28399	P	Security update for sane-backends (Moderate)	2020-12-01
oval:org.opensuse.security:def:17654	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:37969	P	libtag1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35015	P	Security update for gpgme	2020-12-01
oval:org.opensuse.security:def:34335	P	Security update for sqlite3 (Important)	2020-12-01
oval:org.opensuse.security:def:17755	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:28487	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:28546	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:28345	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:27765	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:30646	P	Security update for xorg-x11-libXv	2020-12-01
oval:org.opensuse.security:def:17856	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:18301	P	Security update for openldap2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27777	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:27100	P	cpio on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38281	P	libdmx1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17850	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:30704	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:29939	P	Security update for libksba (Moderate)	2020-12-01
oval:org.opensuse.security:def:17907	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:34797	P	Security update for ansible, python-straight-plugin (Moderate)	2020-12-01
oval:org.opensuse.security:def:18542	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17457	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30859	P	Security update for e2fsprogs	2020-12-01
oval:org.opensuse.security:def:28053	P	Security update for cvs (Moderate)	2020-12-01
oval:org.opensuse.security:def:27322	P	x3270 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38589	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:10774	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:17465	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:17521	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:38697	P	libmms0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30302	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:28346	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:10761	P	libmusicbrainz-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37947	P	libpulse-mainloop-glib0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34879	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:17641	P	Security update for postgresql93 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17645	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:17563	P	Security update for gd (Low)	2020-12-01
oval:org.opensuse.security:def:38747	P	libxml2-2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28310	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:39488	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:37957	P	libshibsp-lite6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30597	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:17620	P	Security update for libwmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:17663	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:26972	P	libsnmp15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38179	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35173	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:17818	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:30685	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:30748	P	Security update for ant (Moderate)	2020-12-01
oval:org.opensuse.security:def:29220	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:29938	P	Security update for libksba	2020-12-01
oval:org.opensuse.security:def:10591	P	python3-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31488	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:17919	P	Security update for xerces-c (Moderate)	2020-12-01
oval:org.opensuse.security:def:18516	P	Security update for procps (Moderate)	2020-12-01
oval:org.opensuse.security:def:27969	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:31548	P	Security update for sblim-sfcb (Moderate)	2020-12-01
oval:org.opensuse.security:def:30774	P	Security update for avahi (Moderate)	2020-12-01
oval:org.opensuse.security:def:17436	P	Security update for mailman (Important)	2020-12-01
oval:org.opensuse.security:def:34728	P	Security update for ImageMagick (Low)	2020-12-01
oval:org.opensuse.security:def:18605	P	Security update for php7 (Moderate)	2020-12-01
oval:com.redhat.rhsa:def:20201112	P	RHSA-2020:1112: php security update (Moderate)	2020-03-31
oval:com.ubuntu.artful:def:20185712000	V	CVE-2018-5712 on Ubuntu 17.10 (artful) - medium.	2018-01-16
oval:com.ubuntu.bionic:def:20185712000	V	CVE-2018-5712 on Ubuntu 18.04 LTS (bionic) - medium.	2018-01-16
oval:com.ubuntu.bionic:def:201857120000000	V	CVE-2018-5712 on Ubuntu 18.04 LTS (bionic) - medium.	2018-01-16
oval:com.ubuntu.trusty:def:20185712000	V	CVE-2018-5712 on Ubuntu 14.04 LTS (trusty) - medium.	2018-01-16
oval:com.ubuntu.xenial:def:201857120000000	V	CVE-2018-5712 on Ubuntu 16.04 LTS (xenial) - medium.	2018-01-16
oval:com.ubuntu.xenial:def:20185712000	V	CVE-2018-5712 on Ubuntu 16.04 LTS (xenial) - medium.	2018-01-16

BACK