Vulnerability Name:

CVE-2019-10097 (CCN-165365)

Assigned:2019-08-14
Published:2019-08-14
Updated:2021-07-07
Summary:In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients.
CVSS v3 Severity:7.2 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
6.3 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
4.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
6.6 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)
5.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.0 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-787
CWE-476
CWE-416)
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2019-10097

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:4126

Source: XF
Type: UNKNOWN
apache-http-cve201910097-dos(165365)

Source: CCN
Type: Apache Web site
Apache HTTP Server 2.4 vulnerabilities

Source: MISC
Type: Vendor Advisory
https://httpd.apache.org/security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073139 [12/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073143 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073149 [13/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1888194 [12/13] - /httpd/site/trunk/content/security/json/

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210603 svn commit: r1075360 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html

Source: MLIST
Type: Mailing List, Vendor Advisory
[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/

Source: CCN
Type: oss-sec Mailing List, Wed, 14 Aug 2019 15:50:09 -0500
CVE-2019-10097: mod_remoteip stack buffer overflow and NULL pointer dereference

Source: CCN
Type: IBM Security Bulletin 1075233 (Rational Build Forge)
Multiple vulnerabilities in Apache HTTP Server affect Rational Build Forge (CVE-2019-9517, CVE-2019-10081, CVE-2019-10082, CVE-2019-10092, CVE-2019-10097, CVE-2019-10098)

Source: CCN
Type: IBM Security Bulletin 1097703 (i)
Multiple vulnerabilities in the IBM i HTTP Server affect IBM i.

Source: CCN
Type: IBM Security Bulletin 1489179 (Aspera Faspex)
Aspera Web Application (Faspex, Console, Orchestrator, Shares) are affected by Apache vulnerabilities (CVE-2019-9517, CVE-2019-10097)

Source: N/A
Type: Third Party Advisory
N/A

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2020.html

Source: CCN
Type: Oracle CPUOct2020
Oracle Critical Patch Update Advisory - October 2020

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2020.html

Source: MISC
Type: Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-10097

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:http_server:2.4.33:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.34:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.35:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.37:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.38:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:* (Version >= 17.1 and <= 17.3)
  • OR cpe:/a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:apache:http_server:2.4.33:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.34:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.35:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.37:*:*:*:*:*:*:*
  • OR cpe:/a:apache:http_server:2.4.38:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:rational_build_forge:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:7.1.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_build_forge:8.0.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_orchestrator:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_console:3.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_shares:1.9.12:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201910097
    V
    		CVE-2019-10097
    2023-06-22
    oval:org.opensuse.security:def:7434
    P
    		apache2-2.4.51-150400.6.11.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:51965
    P
    		Security update for libdb-4_8 (Low)
    2022-11-24
    oval:org.opensuse.security:def:51562
    P
    		Security update for dpkg (Low)
    2022-11-18
    oval:org.opensuse.security:def:605
    P
    		Security update for libguestfs (Moderate)
    2022-07-28
    oval:org.opensuse.security:def:3532
    P
    		java-1_7_0-openjdk-1.7.0.231-43.27.2 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3257
    P
    		libspice-client-glib-2_0-8-0.33-3.6.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3520
    P
    		gvim-7.4.326-17.3.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3463
    P
    		cups-1.7.5-20.23.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3269
    P
    		libtirpc-netconfig-1.0.1-17.13.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:934
    P
    		Security update for pcre (Important) (in QA)
    2022-06-23
    oval:org.opensuse.security:def:94492
    P
    		apache2-2.4.51-150400.4.6 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2866
    P
    		arpwatch-2.1a15-5.12.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95093
    P
    		apache2-devel-2.4.51-150400.4.6 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2872
    P
    		avahi-0.8-150400.5.73 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2882
    P
    		bubblewrap-0.4.1-1.16 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2862
    P
    		apache2-2.4.51-150400.4.6 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2880
    P
    		bluez-5.62-150400.2.5 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:5
    P
    		apache2-2.4.43-3.17.1 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:111948
    P
    		apache2-2.4.49-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:51764
    P
    		Security update for MozillaFirefox (Important) (in QA)
    2022-01-14
    oval:org.opensuse.security:def:4170
    P
    		Security update for webkit2gtk3 (Important)
    2021-12-02
    oval:org.opensuse.security:def:51702
    P
    		Security update for java-1_7_0-openjdk (Important)
    2021-11-24
    oval:org.opensuse.security:def:51692
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:94191
    P
    		 (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:49454
    P
    		Security update for python3 (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:105514
    P
    		apache2-2.4.49-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:51663
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-09-23
    oval:org.opensuse.security:def:63232
    P
    		qemu-3.1.0-7.1 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:68676
    P
    		Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (Moderate)
    2021-08-23
    oval:org.opensuse.security:def:4147
    P
    		Security update for fetchmail (Moderate)
    2021-08-20
    oval:org.opensuse.security:def:63094
    P
    		libicu60_2-60.2-3.9.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63458
    P
    		strongswan-nm-5.8.2-9.2 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63314
    P
    		apache2-devel-2.4.43-3.17.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:2225
    P
    		apache2-devel-2.4.43-3.17.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63462
    P
    		apache2-event-2.4.43-3.17.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:2373
    P
    		apache2-event-2.4.43-3.17.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:71764
    P
    		apache2-2.4.43-3.17.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62023
    P
    		apache2-2.4.43-3.17.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100904
    P
    		libcryptopp-devel-5.6.5-1.3.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:72016
    P
    		pam_ssh-2.1-2.27 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100781
    P
    		apache2-2.4.43-3.17.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:51929
    P
    		Security update for curl (Moderate)
    2021-07-21
    oval:org.opensuse.security:def:66860
    P
    		Security update for ffmpeg (Important)
    2021-07-14
    oval:org.opensuse.security:def:51903
    P
    		Security update for libX11 (Important)
    2021-06-08
    oval:org.opensuse.security:def:4128
    P
    		Security update for libass (Moderate)
    2021-05-20
    oval:org.opensuse.security:def:1604
    P
    		Security update for graphviz (Critical)
    2021-05-19
    oval:org.opensuse.security:def:66768
    P
    		Security update for python-Pygments (Important)
    2021-05-04
    oval:org.opensuse.security:def:4124
    P
    		Security update for avahi (Moderate)
    2021-05-04
    oval:org.opensuse.security:def:74347
    P
    		Security update for avahi (Moderate)
    2021-05-04
    oval:org.opensuse.security:def:4121
    P
    		Security update for librsvg (Important)
    2021-04-28
    oval:org.opensuse.security:def:51873
    P
    		Security update for qemu (Important)
    2021-04-16
    oval:org.opensuse.security:def:69443
    P
    		Security update for spamassassin (Important)
    2021-04-12
    oval:org.opensuse.security:def:51748
    P
    		Security update for python (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:4180
    P
    		Security update for avahi (Moderate)
    2021-02-23
    oval:org.opensuse.security:def:100374
    P
    		 (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:4177
    P
    		Security update for python-bottle (Important)
    2021-02-16
    oval:org.opensuse.security:def:51640
    P
    		Security update for openvswitch (Important)
    2021-02-02
    oval:org.opensuse.security:def:69697
    P
    		Security update for MozillaFirefox (Important)
    2021-01-29
    oval:org.opensuse.security:def:4130
    P
    		Security update for gdk-pixbuf (Moderate)
    2021-01-21
    oval:org.opensuse.security:def:70216
    P
    		Security update for ImageMagick (Moderate)
    2021-01-18
    oval:org.opensuse.security:def:4184
    P
    		Security update for MozillaFirefox (Important)
    2021-01-12
    oval:org.opensuse.security:def:69592
    P
    		Security update for nodejs10 (Moderate)
    2021-01-11
    oval:org.opensuse.security:def:51607
    P
    		Security update for openssh (Moderate)
    2021-01-05
    oval:org.opensuse.security:def:4114
    P
    		Security update for PackageKit (Low)
    2020-12-22
    oval:org.opensuse.security:def:64281
    P
    		Security update for xen (Moderate)
    2020-12-18
    oval:org.opensuse.security:def:51854
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:3907
    P
    		gnome-settings-daemon-devel-3.20.1-50.16.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:49046
    P
    		libzzip-0-13-0.13.67-10.14.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107040
    P
    		apache2-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:3899
    P
    		gegl-devel-0.2.0-14.3 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:3975
    P
    		libexiv2-devel-0.23-12.5.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62436
    P
    		libcups2-32bit-2.2.7-1.24 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4046
    P
    		libreoffice-sdk-6.2.7.1-43.56.3 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62412
    P
    		gnome-online-accounts-devel-3.26.2-3.34 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4074
    P
    		libvorbis-devel-1.3.3-10.14.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2538
    P
    		libmwaw-0_3-3-0.3.15-4.6.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:93661
    P
    		apache2-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:3963
    P
    		libcares-devel-1.9.1-9.4.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:61694
    P
    		apache2-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107570
    P
    		apache2-devel-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:3955
    P
    		libapr1-1.5.1-4.5.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:3959
    P
    		libatalk12-3.1.0-3.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4002
    P
    		liblcms-devel-1.19-17.28 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2532
    P
    		icedtea-web-1.7.1-5.13 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2528
    P
    		gimp-2.10.12-1.100 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62892
    P
    		cargo-1.33.0-1.13 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:48992
    P
    		gstreamer-0_10-plugins-bad-0.10.23-25.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:49045
    P
    		libzmq3-4.0.4-15.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4015
    P
    		libneon-devel-0.30.0-3.64 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:116598
    P
    		apache2-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4058
    P
    		libssh2-devel-1.4.3-20.9.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4091
    P
    		mercurial-2.8.2-15.13.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72132
    P
    		gnome-settings-daemon-3.26.2-6.12 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:71435
    P
    		apache2-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62413
    P
    		gnome-settings-daemon-3.26.2-6.12 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2550
    P
    		libwmf-0_2-7-0.2.8.4-2.30 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:3919
    P
    		hplip-devel-3.16.11-1.33 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63249
    P
    		apache2-devel-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:3990
    P
    		libid3tag-devel-0.15.1b-184.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2160
    P
    		apache2-devel-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:117128
    P
    		apache2-devel-2.4.43-1.15 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4018
    P
    		libntfs-3g-devel-2013.1.13-5.6.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62613
    P
    		NetworkManager-1.22.6-1.36 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72678
    P
    		kernel-docs-5.3.18-22.3 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2813
    P
    		Security update for MozillaFirefox, MozillaFirefox-branding-SLE (Important)
    2020-12-02
    oval:org.opensuse.security:def:2833
    P
    		Security update for libexif (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:2609
    P
    		Security update for podman, slirp4netns and libcontainers-common (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:2619
    P
    		Security update for conmon, fuse-overlayfs, libcontainers-common, podman (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:4822
    P
    		Security update for gnuplot (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:2564
    P
    		Security update for apache-commons-httpclient (Important)
    2020-12-02
    oval:org.opensuse.security:def:2579
    P
    		Security update for wpa_supplicant (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:4787
    P
    		Security update for apache2 (Important)
    2020-12-02
    oval:org.opensuse.security:def:2801
    P
    		Security update for ImageMagick (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:2827
    P
    		Security update for libvpx (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:2842
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-02
    oval:org.opensuse.security:def:2617
    P
    		Security update for slirp4netns (Important)
    2020-12-02
    oval:org.opensuse.security:def:4843
    P
    		Security update for apache2 (Important)
    2020-12-02
    oval:org.opensuse.security:def:2795
    P
    		Security update for MozillaFirefox (Important)
    2020-12-02
    oval:org.opensuse.security:def:2791
    P
    		Security update for MozillaFirefox (Important)
    2020-12-02
    oval:org.opensuse.security:def:2570
    P
    		Security update for ucode-intel (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:2603
    P
    		Security update for helm-mirror (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:4766
    P
    		Security update for xen (Important)
    2020-12-02
    oval:org.opensuse.security:def:50968
    P
    		Security update for shim (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:72796
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:50298
    P
    		Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50554
    P
    		Security update for netpbm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51236
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50523
    P
    		Security update for python-numpy (Important)
    2020-12-01
    oval:org.opensuse.security:def:50458
    P
    		Security update for openldap2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53274
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:50439
    P
    		Security update for subversion (Important)
    2020-12-01
    oval:org.opensuse.security:def:70111
    P
    		libpotrace0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50416
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:49659
    P
    		libcdio++0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:65342
    P
    		Security update for bzip2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:50628
    P
    		Security update for expat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49903
    P
    		apache2-mod_wsgi on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:72914
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:51024
    P
    		Security update for python-pip (Important)
    2020-12-01
    oval:org.opensuse.security:def:50125
    P
    		xalan-j2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50364
    P
    		Security update for wireshark (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73032
    P
    		apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49309
    P
    		python3-PyYAML on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51506
    P
    		Security update for go1.15 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51798
    P
    		Security update for obs-service-tar_scm (Important)
    2020-12-01
    oval:org.opensuse.security:def:51292
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49191
    P
    		libmariadb3 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:65432
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:50495
    P
    		Security update for qemu (Important)
    2020-12-01
    oval:org.opensuse.security:def:64025
    P
    		Security update for mgetty (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:74221
    P
    		Security update for MozillaThunderbird (Important)
    2020-12-01
    oval:org.opensuse.security:def:49542
    P
    		libavcodec57 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50472
    P
    		Security update for sqlite3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50805
    P
    		Security update for graphviz (Low)
    2020-12-01
    oval:org.opensuse.security:def:66015
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:49797
    P
    		pam-devel-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:68779
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:51072
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73433
    P
    		libmad-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49064
    P
    		cairo-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50388
    P
    		Security update for bluez (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50627
    P
    		Security update for glib2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73551
    P
    		apache2-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50417
    P
    		Security update for zeromq (Important)
    2020-12-01
    oval:org.opensuse.security:def:69338
    P
    		Security update for nmap (Important)
    2020-12-01
    oval:org.opensuse.security:def:63785
    P
    		Security update for python3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:51820
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:53149
    P
    		Security update for ldb, samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:66107
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:49805
    P
    		perl-YAML-LibYAML on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50861
    P
    		Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50035
    P
    		spice-gtk-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50291
    P
    		Security update for qemu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66249
    P
    		Security update for rubygem-activesupport-5_1 (Critical)
    2020-12-01
    oval:org.opensuse.security:def:50060
    P
    		graphviz-tcl on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50260
    P
    		Security update for unzip (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49991
    P
    		apache2-mod_nss on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51128
    P
    		Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:50195
    P
    		libmwaw-0_3-3 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53218
    P
    		Security update for apache2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:49327
    P
    		rzsz on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50473
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:63919
    P
    		Security update for LibVNCServer (Important)
    2020-12-01
    oval:org.opensuse.security:def:49308
    P
    		python3-Jinja2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49396
    P
    		cups-pk-helper on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64169
    P
    		Security update for apache-commons-httpclient (Important)
    2020-12-01
    oval:org.opensuse.security:def:53205
    P
    		Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50572
    P
    		Security update for python3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:64127
    P
    		Security update for MozillaFirefox (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66341
    P
    		apache2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49640
    P
    		hplip on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50045
    P
    		apache2-devel on GA media (Moderate)
    2020-12-01
    oval:com.redhat.rhsa:def:20204751
    P
    		RHSA-2020:4751: httpd:2.4 security, bug fix, and enhancement update (Moderate)
    2020-11-04
    oval:com.ubuntu.disco:def:2019100970000000
    V
    		CVE-2019-10097 on Ubuntu 19.04 (disco) - medium.
    2019-09-26
    oval:org.opensuse.security:def:109971
    P
    		Security update for apache2 (Important)
    2019-09-02
    oval:org.opensuse.security:def:98656
    P
    		Security update for apache2 (Important)
    2019-08-28
    oval:org.opensuse.security:def:104453
    P
    		Security update for apache2 (Important)
    2019-08-28
    oval:org.opensuse.security:def:90798
    P
    		Security update for apache2 (Important)
    2019-08-28
    oval:org.opensuse.security:def:105346
    P
    		Security update for apache2 (Important)
    2019-08-28
    oval:org.opensuse.security:def:97763
    P
    		Security update for apache2 (Important)
    2019-08-28
    oval:org.opensuse.security:def:91706
    P
    		Security update for apache2 (Important)
    2019-08-28
    oval:com.ubuntu.bionic:def:2019100970000000
    V
    		CVE-2019-10097 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-08-14
    oval:com.ubuntu.xenial:def:2019100970000000
    V
    		CVE-2019-10097 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-08-14
    BACK
    apache http server 2.4.33
    apache http server 2.4.34
    apache http server 2.4.35
    apache http server 2.4.37
    apache http server 2.4.38
    oracle communications element manager 8.0.0
    oracle communications element manager 8.1.0
    oracle communications element manager 8.1.1
    oracle communications element manager 8.2.0
    oracle communications session report manager 8.1.1
    oracle communications session report manager 8.2.0
    oracle communications session report manager 8.2.1
    oracle communications session route manager 8.1.1
    oracle communications session route manager 8.2.0
    oracle communications session route manager 8.2.1
    oracle enterprise manager ops center 12.3.3
    oracle enterprise manager ops center 12.4.0
    oracle retail xstore point of service 7.1
    oracle instantis enterprisetrack *
    oracle http server 12.2.1.4.0
    apache http server 2.4.33
    apache http server 2.4.34
    apache http server 2.4.35
    apache http server 2.4.37
    apache http server 2.4.38
    ibm rational build forge 8.0
    ibm rational build forge 8.0.0.1
    ibm rational build forge 8.0.0.2
    ibm i 7.2
    ibm rational build forge 7.1.3
    ibm rational build forge 7.1.3.1
    ibm rational build forge 7.1.3.2
    ibm rational build forge 7.1.3.3
    ibm rational build forge 7.1.3.4
    ibm rational build forge 7.1.3.5
    ibm rational build forge 7.1.1.4
    ibm rational build forge 7.1.2
    ibm rational build forge 7.1.2.1
    ibm rational build forge 7.1.2.2
    ibm rational build forge 7.1.2.3
    ibm rational build forge 7.1.1.1
    ibm rational build forge 7.1.1.2
    ibm rational build forge 7.1.1.3
    ibm rational build forge 7.1.3.6
    ibm rational build forge 8.0.0.3
    ibm rational build forge 8.0.0.4
    ibm rational build forge 8.0.0.5
    ibm rational build forge 8.0.0.6
    ibm rational build forge 8.0.0.7
    ibm rational build forge 8.0.0.8
    ibm rational build forge 8.0.0.9
    ibm rational build forge 8.0.0.10
    ibm rational build forge 8.0.0.11
    ibm rational build forge 8.0.0.12
    ibm aspera orchestrator 3.1.1
    ibm aspera console 3.3.3
    ibm aspera shares 1.9.12