Vulnerability CVE-2019-16792

Vulnerability Name:

CVE-2019-16792 (CCN-175630)

Assigned:

2019-12-20

Published:

2019-12-20

Updated:

2022-05-13

Summary:

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): High Availibility (A): None

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-444

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2019-16792

Source: MISC
Type: Release Notes
https://docs.pylonsproject.org/projects/waitress/en/latest/#security-fixes

Source: XF
Type: UNKNOWN
waitress-cve201916792-request-smuggling(175630)

Source: MISC
Type: Patch
https://github.com/Pylons/waitress/commit/575994cd42e83fd772a5f7ec98b2c56751bd3f65

Source: CCN
Type: Waitress GIT Repository
HTTP Request Smuggling: Content-Length Sent Twice

Source: CONFIRM
Type: Third Party Advisory
https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20220512 [SECURITY] [DLA 3000-1] waitress security update

Source: MISC
Type: UNKNOWN
https://www.oracle.com/security-alerts/cpuapr2022.html

Vulnerable Configuration:

Configuration 1:

cpe:/a:agendaless:waitress:*:*:*:*:*:*:*:* (Version <= 1.3.1)

Configuration CCN 1:

cpe:/a:agendaless:waitress:1.3.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201916792	V	CVE-2019-16792	2023-06-22
oval:org.opensuse.security:def:7789	P	python3-waitress-1.4.3-150000.3.6.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51981	P	Security update for mozilla-nss (Important)	2023-01-20
oval:org.opensuse.security:def:51571	P	Security update for tiff (Important)	2022-11-28
oval:org.opensuse.security:def:51950	P	Security update for kubevirt stack (Important)	2022-11-14
oval:org.opensuse.security:def:4657	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (Important)	2022-07-21
oval:org.opensuse.security:def:3408	P	xorg-x11-server-1.19.6-8.18 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3396	P	w3m-0.5.3.git20161120-161.3.4 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3839	P	zypper-1.13.51-21.26.4 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3838	P	zsh-5.0.5-6.7.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3154	P	libapr1-1.5.1-4.5.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3170	P	libexif12-0.6.21-8.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3346	P	python-pywbem-0.7.0-4.3 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3115	P	java-1_8_0-openjdk-1.8.0.222-27.35.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3186	P	libicu-doc-52.1-8.7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3387	P	u-boot-rpi3-2019.01-3.7 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3414	P	yubikey-manager-0.6.0-1.27 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3820	P	wpa_supplicant-2.6-15.10.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3825	P	xfsprogs-4.15.0-1.12 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3130	P	libSDL-1_2-0-1.2.15-15.11.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3338	P	python-PyYAML-3.12-26.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3168	P	libevent-2_0-5-2.0.21-6.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3410	P	xscreensaver-5.22-7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3808	P	transfig-3.2.5e-2.3.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3160	P	libcairo-gobject2-1.15.2-25.3.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3357	P	rsyslog-8.24.0-3.28.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3411	P	yast2-3.2.50-4.7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3813	P	unzip-6.00-33.8.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3121	P	krb5-appl-clients-1.0.3-1.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95116	P	libct4-1.1.36-150400.12.3 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94816	P	python3-waitress-1.4.3-3.3.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:295	P	python3-waitress-1.4.3-3.3.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:4624	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:4608	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)	2022-05-21
oval:org.opensuse.security:def:5245	P	Security update for poppler (Moderate)	2022-05-18
oval:org.opensuse.security:def:4597	P	Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5) (Important)	2022-05-09
oval:org.opensuse.security:def:4585	P	Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP5) (Important)	2022-04-25
oval:org.opensuse.security:def:4592	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (Important)	2022-04-25
oval:org.opensuse.security:def:4581	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-04-23
oval:org.opensuse.security:def:4580	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2022-04-23
oval:org.opensuse.security:def:5223	P	Security update for libxml2 (Important)	2022-04-22
oval:org.opensuse.security:def:94438	P	(Important)	2022-04-22
oval:org.opensuse.security:def:4575	P	Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP5) (Important)	2022-04-15
oval:org.opensuse.security:def:4576	P	Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP5) (Important)	2022-04-15
oval:org.opensuse.security:def:4569	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP5) (Important)	2022-04-13
oval:org.opensuse.security:def:101829	P	Security update for protobuf (Moderate)	2022-03-30
oval:org.opensuse.security:def:4706	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2022-03-29
oval:org.opensuse.security:def:4705	P	Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP5) (Important)	2022-03-29
oval:org.opensuse.security:def:4691	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP5) (Important)	2022-03-01
oval:org.opensuse.security:def:4678	P	Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP5) (Critical)	2022-02-16
oval:org.opensuse.security:def:5364	P	Security update for ghostscript (Moderate)	2022-01-14
oval:org.opensuse.security:def:52037	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:70574	P	Security update for go1.17 (Moderate)	2021-12-23
oval:org.opensuse.security:def:68312	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP2) (Important)	2021-12-14
oval:org.opensuse.security:def:51715	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:4543	P	Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP5) (Important)	2021-12-14
oval:org.opensuse.security:def:64811	P	Security update for wireshark (Moderate)	2021-12-06
oval:org.opensuse.security:def:73756	P	Security update for clamav (Moderate)	2021-12-06
oval:org.opensuse.security:def:4523	P	Security update for aaa_base (Moderate)	2021-12-03
oval:org.opensuse.security:def:74679	P	Security update for go1.16 (Moderate)	2021-12-01
oval:org.opensuse.security:def:51702	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:70316	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:67326	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:1224	P	Security update for postgresql12 (Important)	2021-11-22
oval:org.opensuse.security:def:67316	P	Security update for samba (Important)	2021-11-15
oval:org.opensuse.security:def:51688	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:64613	P	Security update for samba (Important)	2021-11-10
oval:org.opensuse.security:def:66973	P	Security update for the Linux Kernel (Important)	2021-11-09
oval:org.opensuse.security:def:60393	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:73896	P	Security update for curl (Moderate)	2021-10-06
oval:org.opensuse.security:def:96618	P	libXt-devel-1.1.5-2.24 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:49451	P	Security update for php74-pear (Important)	2021-09-09
oval:org.opensuse.security:def:64567	P	Security update for gstreamer-plugins-good (Moderate)	2021-09-02
oval:org.opensuse.security:def:1777	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:67231	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:2415	P	openconnect-7.08-6.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2427	P	python2-waitress-1.4.3-3.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:4726	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:63516	P	python2-waitress-1.4.3-3.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:1910	P	crash-7.2.9-21.4 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72706	P	FastCGI-2.4.0-2.23 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1914	P	cvs-1.12.12-2.30 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1926	P	jackson-databind-2.10.5.1-3.3.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71765	P	apparmor-abstractions-2.13.6-1.31 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1923	P	graphviz-perl-2.40.1-6.6.8 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62313	P	python3-waitress-1.4.3-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1911	P	cross-nvptx-gcc7-7.5.0+r278197-4.25.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72054	P	python3-waitress-1.4.3-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101071	P	python3-waitress-1.4.3-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1921	P	go1.16-1.16.3-1.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1927	P	jcl-over-slf4j-1.7.30-1.34 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101151	P	fwupd-1.5.8-1.13 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:69250	P	Security update for php7 (Important)	2021-08-06
oval:org.opensuse.security:def:69067	P	Security update for qemu (Important)	2021-07-27
oval:org.opensuse.security:def:4462	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2021-07-27
oval:org.opensuse.security:def:51613	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:4446	P	Security update for the Linux Kernel (Important)	2021-07-20
oval:org.opensuse.security:def:4562	P	Security update for jdom2 (Important)	2021-07-12
oval:org.opensuse.security:def:51606	P	Security update for libsolv (Important)	2021-06-28
oval:org.opensuse.security:def:4434	P	Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP5) (Important)	2021-06-18
oval:org.opensuse.security:def:59497	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:70421	P	Security update for squid (Important)	2021-06-11
oval:org.opensuse.security:def:59492	P	Security update for caribou (Important)	2021-06-10
oval:org.opensuse.security:def:72590	P	perl-DNS-LDNS-1.7.0-2.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48755	P	python-devel-2.7.9-20.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:60277	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:59745	P	Security update for libX11 (Important)	2021-06-08
oval:org.opensuse.security:def:48888	P	typelib-1_0-EvinceDocument-3_0-3.20.1-5.66 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:51579	P	Security update for MozillaFirefox (Important)	2021-06-08
oval:org.opensuse.security:def:48847	P	lhasa-0.2.0-5.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:64704	P	Security update for python-py (Moderate)	2021-06-04
oval:org.opensuse.security:def:64703	P	Security update for polkit (Important)	2021-06-03
oval:org.opensuse.security:def:73638	P	Security update for dhcp (Important)	2021-06-02
oval:org.opensuse.security:def:64501	P	Security update for lz4 (Important)	2021-05-19
oval:org.opensuse.security:def:4723	P	Security update for the Linux Kernel (Important)	2021-05-14
oval:org.opensuse.security:def:60235	P	Security update for ImageMagick (Moderate)	2021-04-20
oval:org.opensuse.security:def:51537	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:60489	P	Security update for tomcat (Important)	2021-03-30
oval:org.opensuse.security:def:65630	P	Security update for velocity (Important)	2021-03-16
oval:org.opensuse.security:def:67065	P	Security update for clamav-database (Important)	2021-03-15
oval:org.opensuse.security:def:51159	P	Security update for the Linux Kernel (Important)	2021-02-11
oval:org.opensuse.security:def:59793	P	Security update for openvswitch (Important)	2021-02-03
oval:org.opensuse.security:def:51640	P	Security update for openvswitch (Important)	2021-02-02
oval:org.opensuse.security:def:49439	P	Security update for php72 (Moderate)	2021-01-14
oval:org.opensuse.security:def:64460	P	Security update for libzypp, zypper (Moderate)	2021-01-13
oval:org.opensuse.security:def:4052	P	Security update for MozillaFirefox (Critical)	2020-12-21
oval:org.opensuse.security:def:67413	P	Security update for slurm_17_11 (Important)	2020-12-18
oval:org.opensuse.security:def:4718	P	Security update for the Linux Kernel (Important)	2020-12-11
oval:org.opensuse.security:def:51085	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:51083	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:3921	P	icecream-1.0.1-5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3970	P	libdjvulibre-devel-3.5.25.3-5.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3936	P	libXdmcp-devel-1.1.1-12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63565	P	NetworkManager-lang-1.10.6-5.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3939	P	libXfont-devel-1.5.1-11.3.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:48981	P	doxygen-1.8.6-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3933	P	libSDL-devel-1.2.15-15.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3963	P	libcares-devel-1.9.1-9.4.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3912	P	gstreamer-devel-1.8.3-9.5 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3865	P	cairo-devel-1.15.2-25.3.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3966	P	libcolord-devel-1.3.3-12.13 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:48995	P	gwenhywfar-lang-4.9.0beta-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71652	P	libxkbcommon-devel-0.8.2-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3959	P	libatalk12-3.1.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3938	P	libXfixes-devel-5.0.1-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3895	P	gcc48-4.8.5-31.20.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3943	P	libXpm-devel-3.5.11-5.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4065	P	libtiff-devel-4.0.9-44.30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3850	P	ant-1.9.4-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72420	P	libsrtp2-1-2.2.0-1.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72304	P	libtiff5-32bit-4.0.9-5.27.5 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:5535	P	Security update for python-waitress (Moderate)	2020-12-02
oval:org.opensuse.security:def:4852	P	Security update for apache2-mod_auth_openidc (Important)	2020-12-02
oval:org.opensuse.security:def:2569	P	Security update for python-waitress (Moderate)	2020-12-02
oval:org.opensuse.security:def:4858	P	Security update for mariadb (Moderate)	2020-12-02
oval:org.opensuse.security:def:4845	P	Security update for nginx (Important)	2020-12-02
oval:org.opensuse.security:def:5507	P	Security update for shim (Moderate)	2020-12-02
oval:org.opensuse.security:def:4815	P	Security update for openwsman (Important)	2020-12-02
oval:org.opensuse.security:def:2565	P	Security update for salt (Critical)	2020-12-02
oval:org.opensuse.security:def:4792	P	Security update for dovecot23 (Important)	2020-12-02
oval:org.opensuse.security:def:4869	P	Security update for rmt-server (Moderate)	2020-12-02
oval:org.opensuse.security:def:5389	P	Security update for python-waitress (Moderate)	2020-12-02
oval:org.opensuse.security:def:4713	P	Security update for salt (Moderate)	2020-12-02
oval:org.opensuse.security:def:64238	P	dbus-1-glib on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50819	P	Security update for jasper (Moderate)	2020-12-01
oval:org.opensuse.security:def:60834	P	Security update for libzypp (Moderate)	2020-12-01
oval:org.opensuse.security:def:64978	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:52253	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:50895	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:50811	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:50948	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:59089	P	Security update for spice (Important)	2020-12-01
oval:org.opensuse.security:def:60872	P	Security update for python-Twisted (Moderate)	2020-12-01
oval:org.opensuse.security:def:70682	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:50348	P	Security update for pam (Important)	2020-12-01
oval:org.opensuse.security:def:50842	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:50316	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:52362	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:53565	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:49209	P	libosinfo on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52109	P	Security update for libvpx (Important)	2020-12-01
oval:org.opensuse.security:def:49522	P	gstreamer-plugins-bad on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52991	P	Security update for libvpx (Important)	2020-12-01
oval:org.opensuse.security:def:51454	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:59311	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:52143	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:75158	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:51432	P	Security update for build (Moderate)	2020-12-01
oval:org.opensuse.security:def:50746	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:75025	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:66006	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:51327	P	Security update for libjpeg-turbo (Important)	2020-12-01
oval:org.opensuse.security:def:52497	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:50920	P	Security update for rubygem-bundler (Moderate)	2020-12-01
oval:org.opensuse.security:def:60653	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:51053	P	Security update for cni-plugins (Moderate)	2020-12-01
oval:org.opensuse.security:def:52191	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:59334	P	Security update for postgresql, postgresql96, postgresql10 and postgresql12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:64118	P	Security update for tomcat (Important)	2020-12-01
oval:org.opensuse.security:def:50676	P	Security update for dhcp (Moderate)	2020-12-01
oval:org.opensuse.security:def:70769	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:64009	P	Security update for librsvg (Moderate)	2020-12-01
oval:org.opensuse.security:def:50575	P	Security update for libvpx (Important)	2020-12-01
oval:org.opensuse.security:def:52176	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:60726	P	Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm (Important)	2020-12-01
oval:org.opensuse.security:def:50791	P	Security update for postgresql10 and postgresql12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:60698	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:53710	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:60046	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49353	P	wget on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52248	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:49672	P	libjbig2-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53495	P	Security update for squid (Important)	2020-12-01
oval:org.opensuse.security:def:50852	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:50191	P	imobiledevice-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49420	P	libSDL2-2_0-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:59067	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:64913	P	Security update for ncurses (Moderate)	2020-12-01
oval:org.opensuse.security:def:52283	P	Security update for rubygem-rack (Moderate)	2020-12-01
oval:org.opensuse.security:def:69353	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:59678	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:50986	P	Security update for bind (Moderate)	2020-12-01
oval:org.opensuse.security:def:68964	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:51353	P	Security update for SDL (Moderate)	2020-12-01
oval:org.opensuse.security:def:64971	P	Security update for libcroco (Low)	2020-12-01
oval:org.opensuse.security:def:65916	P	Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP1) (Important)	2020-12-01
oval:org.opensuse.security:def:53028	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:51407	P	Security update for subversion (Moderate)	2020-12-01
oval:org.opensuse.security:def:52435	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:59245	P	Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:50912	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:65083	P	Security update for wicked (Important)	2020-12-01
oval:org.opensuse.security:def:74017	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:51057	P	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Moderate)	2020-12-01
oval:org.opensuse.security:def:70659	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:60992	P	Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm (Important)	2020-12-01
oval:org.opensuse.security:def:50816	P	Security update for wicked (Important)	2020-12-01
oval:org.opensuse.security:def:60535	P	rsyslog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49355	P	wpa_supplicant on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60963	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:60648	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:65065	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:63791	P	Security update for gpg2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50586	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:60571	P	xf86-video-intel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50915	P	Security update for libvpx (Moderate)	2020-12-01
oval:org.opensuse.security:def:53638	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:51005	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:50416	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:52087	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:49569	P	libpango-1_0-0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50798	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:59312	P	Security update for freetype2 (Important)	2020-12-01
oval:org.opensuse.security:def:59978	P	Security update for gdb (Moderate)	2020-12-01
oval:org.opensuse.security:def:49293	P	perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:60609	P	Security update for bzip2 (Important)	2020-12-01
oval:org.opensuse.security:def:59928	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:49132	P	less on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51511	P	Security update for binutils (Moderate)	2020-12-01
oval:org.opensuse.security:def:49600	P	spice-vdagent on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50093	P	qemu-audio-oss on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51846	P	Security update for Mesa (Moderate)	2020-12-01
oval:org.opensuse.security:def:52219	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:53055	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:64358	P	liboath-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52964	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:51428	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:74104	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:59066	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:60750	P	Security update for xorg-x11-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:73981	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:68412	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:51303	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:64252	P	flac-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49504	P	bubblewrap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:74553	P	Security update for apt-cacher-ng (Important)	2020-12-01
oval:org.opensuse.security:def:60913	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:65720	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:110853	P	Security update for python-waitress (Moderate)	2020-11-14
oval:org.opensuse.security:def:110303	P	Security update for python-waitress (Moderate)	2020-11-14
oval:org.opensuse.security:def:75447	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:105245	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:90390	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:118298	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:75725	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:107817	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:98051	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:91086	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:104045	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:102547	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:95834	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:108495	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:98555	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:91590	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:104741	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:109213	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:117332	P	Security update for python-waitress (Moderate)	2020-11-10
oval:org.opensuse.security:def:84445	P	Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm (Important)	2020-07-14
oval:org.opensuse.security:def:83992	P	Security update for ansible, ansible1, ardana-ansible, ardana-cluster, ardana-freezer, ardana-input-model, ardana-logging, ardana-mq, ardana-neutron, ardana-octavia, ardana-osconfig, caasp-openstack-heat-templates, crowbar-core, crowbar-openstack, documentation-suse-openstack-cloud, grafana, kibana, openstack-dashboard, openstack-dashboard-theme-HPE, openstack-heat-templates, openstack-keystone, openstack-monasca-agent, openstack-monasca-installer, openstack-neutron, openstack-octavia-amphora-image, python-Django, python-Flask, python-GitPython, python-Pillow, python-amqp, python-apicapi, python-keystoneauth1, python-oslo.messaging, python-psutil, python-pyroute2, python-pysaml2, python-tooz, python-waitress, storm (Important)	2020-07-14
oval:com.ubuntu.bionic:def:2019167920000000	V	CVE-2019-16792 on Ubuntu 18.04 LTS (bionic) - low.	2020-01-22
oval:com.ubuntu.xenial:def:2019167920000000	V	CVE-2019-16792 on Ubuntu 16.04 LTS (xenial) - low.	2020-01-22

BACK