Vulnerability CVE-2018-7159

Vulnerability Name:

CVE-2018-7159 (CCN-143448)

Assigned:

2018-03-08

Published:

2018-03-08

Updated:

2020-02-13

Summary:

The HTTP parser in all current versions of Node.js ignores spaces in the `Content-Length` header, allowing input such as `Content-Length: 1 2` to be interpreted as having a value of `12`. The HTTP specification does not allow for spaces in the `Content-Length` value and the Node.js HTTP parser has been brought into line on this particular difference. The security risk of this flaw to Node.js users is considered to be VERY LOW as it is difficult, and may be impossible, to craft an attack that makes use of this flaw in a way that could not already be achieved by supplying an incorrect value for `Content-Length`. Vulnerabilities may exist in user-code that make incorrect assumptions about the potential accuracy of this value compared to the actual length of the data supplied. Node.js users crafting lower-level HTTP utilities are advised to re-check the length of any input supplied after parsing is complete.

CVSS v3 Severity:

5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Bypass Security

References:

Vulnerable Configuration:

Configuration 1:

cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:* (Version >= 4.0.0 and <= 4.1.2)

OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 4.2.0 and < 4.9.0)

OR cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:* (Version >= 6.0.0 and <= 6.8.1)

OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 6.9.0 and < 6.14.0)

OR cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:* (Version >= 8.0.0 and <= 8.8.1)

OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 8.9.0 and < 8.11.0)

OR cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:* (Version >= 9.0.0 and < 9.10.0)

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:nodejs:node.js:*:*:*:*:*:*:*:*

AND

cpe:/a:ibm:api_connect:5.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:5.0.8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:18.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:i2_enterprise_insight_analysis:2.1.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:2.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:5.0.8.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:integration_bus:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:integration_bus:10.0.0.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20187159	V	CVE-2018-7159	2022-09-02
oval:org.opensuse.security:def:94261	P	(Important)	2022-07-14
oval:org.opensuse.security:def:94259	P	(Important)	2022-07-12
oval:org.opensuse.security:def:1682	P	Security update for apache2 (Important) (in QA)	2022-06-14
oval:org.opensuse.security:def:1681	P	Security update for qemu (Important) (in QA)	2022-06-13
oval:org.opensuse.security:def:1673	P	Security update for postgresql14 (Important)	2022-06-01
oval:org.opensuse.security:def:1095	P	Security update for wavpack (Moderate)	2022-03-28
oval:org.opensuse.security:def:1094	P	Security update for libqt5-qtbase (Important)	2022-03-15
oval:org.opensuse.security:def:1691	P	Security update for mariadb (Important)	2022-03-04
oval:org.opensuse.security:def:1689	P	Security update for python-Twisted (Important)	2022-02-18
oval:org.opensuse.security:def:38668	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-17
oval:org.opensuse.security:def:32286	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:1086	P	Security update for openexr (Important)	2022-01-12
oval:org.opensuse.security:def:58073	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:33060	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:33753	P	Security update for MozillaFirefox (Important)	2021-12-12
oval:org.opensuse.security:def:30159	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:58049	P	Security update for webkit2gtk3 (Important)	2021-11-23
oval:org.opensuse.security:def:33742	P	Security update for postgresql10 (Important)	2021-11-22
oval:org.opensuse.security:def:33037	P	Security update for tomcat (Important)	2021-11-03
oval:org.opensuse.security:def:35273	P	Security update for util-linux (Moderate)	2021-10-20
oval:org.opensuse.security:def:38754	P	Security update for cairo (Low)	2021-09-30
oval:org.opensuse.security:def:29429	P	Security update for libqt5-qtbase (Important)	2021-09-30
oval:org.opensuse.security:def:38717	P	Security update for atftp (Moderate)	2021-09-29
oval:org.opensuse.security:def:66930	P	Security update for ffmpeg (Important)	2021-09-23
oval:org.opensuse.security:def:71349	P	mutt-1.10.1-3.3.4 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:66928	P	Security update for grafana-piechart-panel (Moderate)	2021-09-21
oval:org.opensuse.security:def:71348	P	mozilla-nspr-32bit-4.20-3.3.2 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:64761	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:64762	P	Security update for apache2 (Important)	2021-09-03
oval:org.opensuse.security:def:29418	P	Security update for file (Important)	2021-09-02
oval:org.opensuse.security:def:29417	P	Security update for libesmtp (Important)	2021-09-02
oval:org.opensuse.security:def:30120	P	Security update for bind (Moderate)	2021-08-30
oval:org.opensuse.security:def:70284	P	Security update for mariadb (Moderate)	2021-08-25
oval:org.opensuse.security:def:57999	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:34514	P	Security update for qemu (Moderate)	2021-08-23
oval:org.opensuse.security:def:14105	P	cpio-2.11-35.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14315	P	libxml2-2-2.9.4-45.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14988	P	libexempi3-2.2.1-5.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13957	P	libspice-client-glib-2_0-8-0.31-7.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47944	P	alsa-1.0.27.2-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14057	P	wireshark-1.12.13-31.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14304	P	libusbmuxd4-1.0.10-2.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47751	P	libnm-glib-vpn1-1.0.12-13.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47615	P	gdk-pixbuf-lang-2.34.0-19.17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13989	P	opensc-0.13.0-1.107 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48317	P	syslog-service-2.0-778.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47630	P	groff-1.22.2-5.287 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13967	P	libtiff5-32bit-4.0.6-26.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48169	P	libpcre1-32bit-8.39-8.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47608	P	file-5.22-10.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48077	P	libXfont1-1.5.1-11.3.12 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13959	P	libsqlite3-0-3.8.10.2-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47945	P	ant-1.9.4-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47752	P	libopenjp2-7-2.1.0-4.9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47616	P	gdk-pixbuf-loader-rsvg-2.40.20-5.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47631	P	grub2-2.02-11.8 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14964	P	libXrender1-0.9.8-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14258	P	libmspack0-0.4-14.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47617	P	gdm-3.10.0.1-54.6.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14233	P	libhivex0-1.3.10-4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48308	P	spice-vdagent-0.16.0-8.5.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14140	P	gdk-pixbuf-lang-2.34.0-18.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48160	P	libopenssl-1_0_0-devel-1.0.2p-3.11.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14121	P	dnsmasq-2.76-17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14326	P	mipv6d-2.0.2.umip.0.4-19.63 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48068	P	libQt5WebKit5-5.6.2-1.31 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14103	P	coolkey-1.1.0-147.67 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14313	P	libxcb-dri2-0-1.10-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14966	P	libXtst6-1.2.2-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14986	P	libecpg6-10.10-1.15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47936	P	zypper-1.13.45-21.23.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14260	P	libmysqlclient18-10.0.30-28.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14055	P	w3m-0.5.3-157.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14302	P	libudisks2-0-2.1.3-1.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47743	P	libmpfr4-3.1.2-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14235	P	libicu-doc-52.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47607	P	fetchmail-6.3.26-12.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13987	P	mutt-1.6.0-54.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48316	P	sysconfig-0.84.0-13.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47622	P	glibc-2.22-15.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14142	P	gdm-3.10.0.1-52.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:13965	P	libtcnative-1-0-1.1.32-9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48168	P	libpcap1-1.8.1-10.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14123	P	dovecot22-2.2.30.2-14.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14328	P	mutt-1.6.0-54.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48076	P	libXfixes3-32bit-5.0.1-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:38715	P	Security update for aspell (Important)	2021-08-12
oval:org.opensuse.security:def:100974	P	libsndfile-devel-1.0.28-5.5.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100972	P	libsha1detectcoll-devel-1.0.3-2.18 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:38199	P	Security update for kvm (Important)	2021-08-06
oval:org.opensuse.security:def:31224	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:57968	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:30222	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:68008	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1) (Important)	2021-07-14
oval:org.opensuse.security:def:68009	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP1) (Important)	2021-07-14
oval:org.opensuse.security:def:66838	P	Security update for wireshark (Important)	2021-06-22
oval:org.opensuse.security:def:66836	P	Security update for gupnp (Important)	2021-06-18
oval:org.opensuse.security:def:32949	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:48615	P	rpcbind-0.2.3-21.4 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48741	P	libproxy1-networkmanager-32bit-0.4.11-11.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48531	P	libotr5-4.0.0-9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48676	P	gnome-shell-calendar-3.10.4-22.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48844	P	java-1_7_0-openjdk-plugin-1.6.2-2.8.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48773	P	gd-32bit-2.1.0-12.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48742	P	libqt4-sql-mysql-32bit-4.8.6-4.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48677	P	java-1_7_0-openjdk-plugin-1.5.1-1.13 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48606	P	python-imaging-1.1.7-21.8 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48522	P	libmodplug1-0.8.8.4-13.63 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48835	P	gegl-0_2-0.2.0-14.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48764	P	bash-lang-4.3-78.39 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48614	P	res-signingkeys-3.0.18-26.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48733	P	libgadu3-1.11.4-1.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48530	P	libopenssl-devel-1.0.2j-55.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48668	P	empathy-3.10.3-1.131 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48843	P	imobiledevice-tools-1.2.0-7.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48772	P	gcc48-gij-32bit-4.8.5-30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:57930	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2021-06-04
oval:org.opensuse.security:def:31180	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:33657	P	Security update for djvulibre (Important)	2021-05-31
oval:org.opensuse.security:def:73619	P	Security update for dtc (Low)	2021-05-13
oval:org.opensuse.security:def:34430	P	Security update for xen (Important)	2021-05-12
oval:org.opensuse.security:def:30071	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:33899	P	Security update for permissions (Important)	2021-04-29
oval:org.opensuse.security:def:34418	P	Security update for curl (Moderate)	2021-04-28
oval:org.opensuse.security:def:34419	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:31159	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:30178	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:32892	P	Security update for fwupdate (Important)	2021-04-08
oval:org.opensuse.security:def:33104	P	Security update for tar (Low)	2021-03-29
oval:org.opensuse.security:def:64674	P	Security update for python3 (Moderate)	2021-03-24
oval:org.opensuse.security:def:64675	P	Security update for zstd (Moderate)	2021-03-24
oval:org.opensuse.security:def:68108	P	Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:28955	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important)	2021-03-17
oval:org.opensuse.security:def:68109	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (Important)	2021-03-17
oval:org.opensuse.security:def:32275	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:32274	P	Security update for glib2 (Important)	2021-03-16
oval:org.opensuse.security:def:33781	P	Security update for openssl-1_1 (Moderate)	2021-03-09
oval:org.opensuse.security:def:34650	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:38449	P	Security update for salt (Critical)	2021-02-26
oval:org.opensuse.security:def:38609	P	Security update for ImageMagick (Moderate)	2021-02-23
oval:org.opensuse.security:def:30016	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP2) (Important)	2021-02-10
oval:org.opensuse.security:def:32998	P	Security update for python-urllib3 (Moderate)	2021-02-03
oval:org.opensuse.security:def:73621	P	Security update for dnsmasq (Important)	2021-01-19
oval:org.opensuse.security:def:70286	P	Security update for dovecot23 (Important)	2021-01-05
oval:org.opensuse.security:def:57099	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:63408	P	nodejs10-10.19.0-1.18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71462	P	cracklib-2.9.6-9.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2311	P	nodejs10-10.15.2-1.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63392	P	nodejs8-8.11.1-1.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107638	P	nodejs10-10.19.0-1.18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63410	P	nodejs8-8.17.0-8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2312	P	nodejs8-8.15.1-3.14.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63400	P	nodejs10-10.15.2-1.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107640	P	nodejs8-8.17.0-8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117196	P	nodejs10-10.19.0-1.18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:90088	P	nodejs10-10.15.2-1.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2319	P	nodejs10-10.19.0-1.18.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103743	P	nodejs10-10.15.2-1.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63401	P	nodejs8-8.15.1-3.14.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71461	P	cpp7-7.5.0+r278197-4.16.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2303	P	nodejs8-8.11.1-1.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117198	P	nodejs8-8.17.0-8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35952	P	libgnomesu-1.0.0-307.10.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:90089	P	nodejs8-8.15.1-3.14.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2321	P	nodejs8-8.17.0-8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:103744	P	nodejs8-8.15.1-3.14.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35911	P	gstreamer-0_10-plugins-base-0.10.35-5.15.8 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:28343	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38447	P	perl-YAML-LibYAML on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29863	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:28276	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:38357	P	libpython3_4m1_0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38826	P	xfsprogs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33428	P	Security update for clamav, clamav-db, clamav-debuginfo, clamav-debugsource	2020-12-01
oval:org.opensuse.security:def:29777	P	Security update for GnuTLS	2020-12-01
oval:org.opensuse.security:def:50068	P	libecpg6 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38299	P	libhogweed2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31120	P	Security update for krb5	2020-12-01
oval:org.opensuse.security:def:38782	P	python-imaging on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39506	P	Security update for nodejs4 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29720	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:32736	P	libvirt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31862	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:30897	P	Security update for Mozilla Firefox (Important)	2020-12-01
oval:org.opensuse.security:def:28264	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:38197	P	glibc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31071	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:70179	P	log4j12-javadoc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29633	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:32649	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38060	P	sane-backends on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31015	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:39464	P	Security update for php5 (Important)	2020-12-01
oval:org.opensuse.security:def:50123	P	nodejs8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37964	P	libsqlite3-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29501	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:32592	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57764	P	libXRes1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37976	P	libupsclient1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30860	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:34114	P	Security update for nagios (Moderate)	2020-12-01
oval:org.opensuse.security:def:73501	P	glibc-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32498	P	cups on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:38359	P	libqpdf18 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57656	P	Security update for xscreensaver (Moderate)	2020-12-01
oval:org.opensuse.security:def:38828	P	xlockmore on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30773	P	Security update for automake	2020-12-01
oval:org.opensuse.security:def:34056	P	Security update for libvorbis (Moderate)	2020-12-01
oval:org.opensuse.security:def:50069	P	libfpm_pb0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32363	P	Security update for sudo (Moderate)	2020-12-01
oval:org.opensuse.security:def:38301	P	libicu-doc on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:57371	P	Security update for gdk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38784	P	python-pyOpenSSL on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39508	P	Security update for nodejs6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30716	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31900	P	Security update for Mozilla Firefox (Important)	2020-12-01
oval:org.opensuse.security:def:57205	P	Security update for pidgin	2020-12-01
oval:org.opensuse.security:def:38756	P	ntp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:70181	P	ncurses-devel-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30626	P	Security update for Xen and libvirt	2020-12-01
oval:org.opensuse.security:def:33810	P	Security update for ghostscript-library (Moderate)	2020-12-01
oval:org.opensuse.security:def:34271	P	Security update for puppet (Moderate)	2020-12-01
oval:org.opensuse.security:def:30409	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:38062	P	shadow on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:39466	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50130	P	nodejs10 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:37966	P	libssh2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30494	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:34227	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34949	P	Security update for Mozilla Firefox (Important)	2020-12-01
oval:org.opensuse.security:def:37978	P	libvdpau1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56926	P	Security update for ovmf (Moderate)	2020-12-01
oval:org.opensuse.security:def:35114	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:73503	P	graphviz-perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30420	P	Security update for xorg-x11-libXpm (Moderate)	2020-12-01
oval:org.opensuse.security:def:28906	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:34202	P	Security update for perl-Archive-Zip (Moderate)	2020-12-01
oval:org.opensuse.security:def:37965	P	libsrtp1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56688	P	Security update for netatalk (Important)	2020-12-01
oval:org.opensuse.security:def:35055	P	Security update for java-1_6_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:57856	P	libssh2-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50076	P	libsaml-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:56525	P	Security update for bluez (Moderate)	2020-12-01
oval:org.opensuse.security:def:33521	P	Security update for strongswan	2020-12-01
oval:org.opensuse.security:def:28852	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:34163	P	Security update for openssl (Important)	2020-12-01
oval:org.opensuse.security:def:34909	P	Security update for dnsmasq (Moderate)	2020-12-01
oval:org.opensuse.security:def:50114	P	nodejs8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33427	P	Security update for Samba	2020-12-01
oval:org.opensuse.security:def:56548	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:34896	P	Security update for cyrus-imapd (Low)	2020-12-01
oval:org.opensuse.security:def:30408	P	Security update for xorg-x11-libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33439	P	Security update for ethereal and wireshark	2020-12-01
oval:org.opensuse.security:def:28700	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:56526	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:34806	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28616	P	Security update for xorg-x11-libXext	2020-12-01
oval:org.opensuse.security:def:29055	P	Security update for bind (Moderate)	2020-12-01
oval:org.opensuse.security:def:50060	P	graphviz-tcl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50132	P	nodejs8 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:34749	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:35229	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:28559	P	Security update for gtk2	2020-12-01
oval:org.opensuse.security:def:38666	P	libevent-2_0-5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29011	P	Security update for graphviz (Low)	2020-12-01
oval:org.opensuse.security:def:29693	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:29729	P	Security update for Mozilla Firefox (Important)	2020-12-01
oval:org.opensuse.security:def:35202	P	Security update for PostgreSQL 9.1	2020-12-01
oval:org.opensuse.security:def:37967	P	libssh4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28474	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:38607	P	gnome-settings-daemon on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28994	P	Security update for conntrack-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:50078	P	libspice-server-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28265	P	Security update for mercurial (Important)	2020-12-01
oval:org.opensuse.security:def:35163	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:50122	P	nodejs10 on GA media (Moderate)	2020-12-01
oval:com.redhat.rhsa:def:20192258	P	RHSA-2019:2258: http-parser security update (Moderate)	2019-08-06
oval:com.ubuntu.bionic:def:201871590000000	V	CVE-2018-7159 on Ubuntu 18.04 LTS (bionic) - low.	2018-05-17
oval:com.ubuntu.artful:def:20187159000	V	CVE-2018-7159 on Ubuntu 17.10 (artful) - untriaged.	2018-05-17
oval:com.ubuntu.xenial:def:20187159000	V	CVE-2018-7159 on Ubuntu 16.04 LTS (xenial) - low.	2018-05-17
oval:com.ubuntu.xenial:def:201871590000000	V	CVE-2018-7159 on Ubuntu 16.04 LTS (xenial) - low.	2018-05-17
oval:com.ubuntu.bionic:def:20187159000	V	CVE-2018-7159 on Ubuntu 18.04 LTS (bionic) - low.	2018-05-17
oval:com.ubuntu.disco:def:201871590000000	V	CVE-2018-7159 on Ubuntu 19.04 (disco) - low.	2018-05-17
oval:com.ubuntu.cosmic:def:20187159000	V	CVE-2018-7159 on Ubuntu 18.10 (cosmic) - low.	2018-05-17
oval:com.ubuntu.cosmic:def:201871590000000	V	CVE-2018-7159 on Ubuntu 18.10 (cosmic) - low.	2018-05-17
oval:com.ubuntu.trusty:def:20187159000	V	CVE-2018-7159 on Ubuntu 14.04 LTS (trusty) - low.	2018-05-17
oval:org.opensuse.security:def:80708	P	Security update for nodejs6 (Moderate)	2018-05-09

BACK