Vulnerability Name:

CVE-2019-19906 (CCN-173382)

Assigned:2019-11-28
Published:2019-11-28
Updated:2022-04-12
Summary:cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl.
CVSS v3 Severity:7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-787
CWE-193
CWE-400
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2019-19906

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20200717 APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20200717 APPLE-SA-2020-07-15-2 macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra

Source: MLIST
Type: Mailing List, Patch, Release Notes, Third Party Advisory
[oss-security] 20220223 Fwd: Cyrus-SASL 2.1.28 released [fixes CVE-2022-24407 & CVE-2019-19906]

Source: XF
Type: UNKNOWN
cyrussasl-cve201919906-dos(173382)

Source: CCN
Type: cyrus-sasl GIT Repository
Off by one in _sasl_add_string function #587

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/cyrusimap/cyrus-sasl/issues/587

Source: MLIST
Type: Issue Tracking, Mailing List, Third Party Advisory
[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8

Source: MLIST
Type: Issue Tracking, Mailing List, Third Party Advisory
[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20191220 [SECURITY] [DLA 2044-1] cyrus-sasl2 security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-51d591d035

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-bf829f9a84

Source: BUGTRAQ
Type: Mailing List, Third Party Advisory
20191225 [SECURITY] [DSA 4591-1] cyrus-sasl2 security update

Source: CCN
Type: BugTraq Mailing List, Fri, 20 Dec 2019 21:10:08 +0000
[SECURITY] [DSA 4591-1] cyrus-sasl2 security update

Source: CCN
Type: Apple security document HT211288
About the security content of iOS 13.6 and iPadOS 13.6

Source: CCN
Type: Apple security document HT211289
About the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/kb/HT211288

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/kb/HT211289

Source: UBUNTU
Type: Patch, Third Party Advisory
USN-4256-1

Source: DEBIAN
Type: Third Party Advisory
DSA-4591

Source: CCN
Type: IBM Security Bulletin 6214488 (Vyatta 5600)
Vyatta 5600 vRouter Software Patches - Release 1801-ze

Source: CCN
Type: IBM Security Bulletin 6465551 (Bootable Media Creator)
IBM Bootable Media Creator (BoMC) is affected by a vulnerability in cyrus-sasl (CVE-2019-19906)

Source: CCN
Type: IBM Security Bulletin 6520474 (QRadar SIEM)
IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Source: MISC
Type: Exploit, Third Party Advisory
https://www.openldap.org/its/index.cgi/Incoming?id=9123

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-19906

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cyrusimap:cyrus-sasl:*:*:*:*:*:*:*:* (Version < 2.1.28)

  • Configuration 2:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

  • Configuration 4:
  • cpe:/o:fedoraproject:fedora:31:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*

  • Configuration 5:
  • cpe:/a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:-:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*

  • Configuration 6:
  • cpe:/o:apple:ipados:13.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:13.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version >= 10.13.0 and < 10.13.6)
  • OR cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version < 10.13.6)
  • OR cpe:/o:apple:mac_os_x:10.13.6:-:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2018-002:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2018-003:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2019-001:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2019-002:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2019-003:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2019-004:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2019-005:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2019-006:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2019-007:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2020-001:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2020-002:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.13.6:security_update_2020-003:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* (Version >= 10.15.0 and < 10.15.6)

  • Configuration 7:
  • cpe:/a:apache:bookkeeper:4.12.1:*:*:*:*:*:*:*
  • AND
  • cpe:/o:centos:centos:7.0:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:carnegie_mellon_university:cyrus-sasl:2.1.27:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:qradar_security_information_and_event_manager:7.3:*:*:*:*:*:*:*
  • OR cpe:/h:ibm:vyatta_5600:*:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7477
    P
    cyrus-sasl-2.1.28-150500.1.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:8076
    P
    cyrus-sasl-bdb-2.1.28-150500.1.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:3470
    P
    dbus-1-1.8.22-9.38 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3435
    P
    at-3.1.14-8.6.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:95100
    P
    cyrus-sasl-bdb-devel-2.1.27-150300.4.6.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2903
    P
    cyrus-sasl-2.1.27-150300.4.6.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94533
    P
    cyrus-sasl-2.1.27-150300.4.6.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2904
    P
    cyrus-sasl-saslauthd-2.1.27-150300.4.6.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94534
    P
    cyrus-sasl-saslauthd-2.1.27-150300.4.6.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95065
    P
    cyrus-sasl-bdb-2.1.27-150300.4.6.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:39
    P
    cyrus-sasl-2.1.27-2.2 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:40
    P
    cyrus-sasl-saslauthd-2.1.27-2.2 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:969
    P
    Security update for flac (Moderate)
    2022-03-14
    oval:org.opensuse.security:def:968
    P
    Security update for python-lxml (Important)
    2022-03-10
    oval:org.opensuse.security:def:112138
    P
    cyrus-sasl-2.1.27-5.7 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:105674
    P
    Security update for openssh (Important)
    2021-12-06
    oval:org.opensuse.security:def:2000
    P
    cyrus-sasl-bdb-2.1.27-2.2 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63089
    P
    cyrus-sasl-bdb-2.1.27-2.2 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:2232
    P
    cyrus-sasl-bdb-devel-2.1.27-2.2 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63321
    P
    cyrus-sasl-bdb-devel-2.1.27-2.2 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:62057
    P
    cyrus-sasl-2.1.27-2.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100815
    P
    cyrus-sasl-2.1.27-2.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:71798
    P
    cyrus-sasl-2.1.27-2.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62058
    P
    cyrus-sasl-saslauthd-2.1.27-2.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100816
    P
    cyrus-sasl-saslauthd-2.1.27-2.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:71799
    P
    cyrus-sasl-saslauthd-2.1.27-2.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:31570
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:126682
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:23497
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:57393
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:51099
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:86034
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:33886
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:81034
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:29312
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:59709
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:55135
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:88400
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:84086
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:32020
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:127079
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:23877
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:57843
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:51485
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:86484
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:34343
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:82082
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:29965
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:60166
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:4971
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:21361
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:55788
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:89106
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:84541
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:32839
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:25984
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:58662
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:51865
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:87303
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:35236
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:82519
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:31100
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:61059
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:125510
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:23111
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:56923
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:89364
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:85564
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:33628
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:28875
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:59451
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:54698
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:88091
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:83172
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:43239
    P
    Security update for cyrus-sasl (Important)
    2020-12-18
    oval:org.opensuse.security:def:38809
    P
    Security update for cyrus-sasl (Important)
    2020-12-18
    oval:org.opensuse.security:def:38117
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:41260
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:38808
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:44538
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:42789
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:37504
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:45690
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:40108
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:org.opensuse.security:def:43238
    P
    Security update for cyrus-sasl (Important)
    2020-12-17
    oval:com.redhat.rhsa:def:20204497
    P
    RHSA-2020:4497: cyrus-sasl security, bug fix, and enhancement update (Moderate)
    2020-11-04
    oval:com.ubuntu.disco:def:2019199060000000
    V
    CVE-2019-19906 on Ubuntu 19.04 (disco) - medium.
    2019-12-19
    oval:com.ubuntu.bionic:def:2019199060000000
    V
    CVE-2019-19906 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-12-19
    oval:com.ubuntu.xenial:def:2019199060000000
    V
    CVE-2019-19906 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-12-19
    BACK
    cyrusimap cyrus-sasl *
    debian debian linux 8.0
    debian debian linux 9.0
    debian debian linux 10.0
    canonical ubuntu linux 12.04
    canonical ubuntu linux 14.04
    canonical ubuntu linux 16.04
    canonical ubuntu linux 18.04
    canonical ubuntu linux 19.10
    fedoraproject fedora 31
    fedoraproject fedora 32
    redhat jboss enterprise web server 2.0.0
    apple mac os x 10.14.6 -
    redhat enterprise linux 5.0
    redhat enterprise linux 6.0
    redhat enterprise linux 7.0
    redhat enterprise linux 8.0
    redhat enterprise linux eus 8.4
    redhat enterprise linux for ibm z systems 8.0
    redhat enterprise linux for ibm z systems eus 8.4
    redhat enterprise linux for power little endian 8.0
    redhat enterprise linux for power little endian eus 8.4
    redhat enterprise linux server aus 8.4
    redhat enterprise linux server for power little endian update services for sap solutions 8.4
    redhat enterprise linux server tus 8.4
    redhat enterprise linux server update services for sap solutions 8.4
    apple ipados 13.6
    apple iphone os 13.6
    apple mac os x *
    apple mac os x *
    apple mac os x 10.13.6 -
    apple mac os x 10.13.6 security_update_2018-002
    apple mac os x 10.13.6 security_update_2018-003
    apple mac os x 10.13.6 security_update_2019-001
    apple mac os x 10.13.6 security_update_2019-002
    apple mac os x 10.13.6 security_update_2019-003
    apple mac os x 10.13.6 security_update_2019-004
    apple mac os x 10.13.6 security_update_2019-005
    apple mac os x 10.13.6 security_update_2019-006
    apple mac os x 10.13.6 security_update_2019-007
    apple mac os x 10.13.6 security_update_2020-001
    apple mac os x 10.13.6 security_update_2020-002
    apple mac os x 10.13.6 security_update_2020-003
    apple mac os x 10.14.6 security_update_2019-001
    apple mac os x 10.14.6 security_update_2019-002
    apple mac os x 10.14.6 security_update_2019-004
    apple mac os x 10.14.6 security_update_2019-005
    apple mac os x 10.14.6 security_update_2019-006
    apple mac os x 10.14.6 security_update_2019-007
    apple mac os x 10.14.6 security_update_2020-001
    apple mac os x 10.14.6 security_update_2020-002
    apple mac os x 10.14.6 security_update_2020-003
    apple mac os x *
    apache bookkeeper 4.12.1
    centos centos 7.0
    carnegie_mellon_university cyrus-sasl 2.1.27
    ibm qradar security information and event manager 7.3
    ibm vyatta 5600 *
    ibm qradar security information and event manager 7.4 -
    ibm cloud pak for security 1.7.2.0