Vulnerability CVE-2019-20372

Vulnerability Name:

CVE-2019-20372 (CCN-174252)

Assigned:

2019-12-23

Published:

2019-12-23

Updated:

2022-04-06

Summary:

NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.

CVSS v3 Severity:

5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): None

CVSS v2 Severity:

4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-444

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2019-20372

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2020:0204

Source: MISC
Type: Mitigation, Release Notes, Vendor Advisory
http://nginx.org/en/CHANGES

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20210921 APPLE-SA-2021-09-20-4 Xcode 13

Source: MISC
Type: Exploit, Mitigation, Third Party Advisory
https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf

Source: MISC
Type: Release Notes, Third Party Advisory
https://duo.com/docs/dng-notes#version-1.5.4-january-2020

Source: XF
Type: UNKNOWN
nginx-cve201920372-info-disc(174252)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/kubernetes/ingress-nginx/pull/4859

Source: CCN
Type: NGINX GIT Repository
Discard request body when redirecting to a URL via error_page

Source: CONFIRM
Type: Patch, Vendor Advisory
https://github.com/nginx/nginx/commit/c1be55f97211d38b69ac0c2027e6812ab8b1b94e

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20200127-0003/

Source: CCN
Type: Apple security document HT212818
About the security content of Xcode 13

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/kb/HT212818

Source: UBUNTU
Type: Third Party Advisory
USN-4235-1

Source: UBUNTU
Type: Third Party Advisory
USN-4235-2

Source: CCN
Type: IBM Security Bulletin 6208039 (API Connect)
IBM API Connect is impacted by a vulnerability in NGINX (CVE-2019-20372)

Source: CCN
Type: IBM Security Bulletin 6235074 (Cloud Pak for Automation)
Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation

Source: CCN
Type: IBM Security Bulletin 6245728 (StoredIQ)
IBM StoredIQ is affected by a vulnerability in NGINX (CVE-2019-20372)

Source: CCN
Type: IBM Security Bulletin 6380904 (Aspera High-Speed Transfer Server)
NGINX vulnerability CVE-2019-20372 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Source: CCN
Type: IBM Security Bulletin 6397800 (Spectrum Discover)
Spectrum Discover has addressed multiple security vulnerabilities (CVE-2020-13401, CVE-2019-20372)

Source: CCN
Type: IBM Security Bulletin 6574091 (Cloud Private)
A Security Vulnerability affects IBM Cloud Private - NGINX (CVE-2019-20372)

Source: CCN
Type: IBM Security Bulletin 6982841 (Netcool Operations Insight)
Netcool Operations Insight v1.6.8 addresses multiple security vulnerabilities.

Vulnerable Configuration:

Configuration 1:

cpe:/a:f5:nginx:*:*:*:*:*:*:*:* (Version < 1.17.7)

Configuration 2:

cpe:/a:apple:xcode:*:*:*:*:*:*:*:* (Version < 13.0)

Configuration 3:

cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

Configuration 4:

cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 5:

cpe:/a:netapp:cloud_backup:-:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:nginx:nginx:1.17.6:*:*:*:*:*:*:*

AND

cpe:/a:ibm:api_connect:5.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:storediq:7.6.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:5.0.8.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:2018.4.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:19.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:storediq:7.6.0.20:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:2018.4.1.10:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:20.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.2:cd:*:*:*:*:*:*

OR cpe:/a:apple:xcode:12.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:51989	P	Security update for xen (Important)	2023-01-26
oval:org.opensuse.security:def:51997	P	Security update for tcl (Important)	2023-01-05
oval:org.opensuse.security:def:51939	P	Security update for xen (Moderate)	2022-10-25
oval:org.opensuse.security:def:608	P	Security update for clone-master-clean-up (Moderate) (in QA)	2022-09-26
oval:org.opensuse.security:def:201920372	V	CVE-2019-20372	2022-09-02
oval:org.opensuse.security:def:5290	P	Security update for crash (Important)	2022-07-07
oval:org.opensuse.security:def:3080	P	git-core-2.12.3-27.17.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3139	P	libXfont2-2-2.0.3-1.19 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3839	P	zypper-1.13.51-21.26.4 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3128	P	libQt5Concurrent5-5.6.2-6.15.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3508	P	gpg2-2.0.24-9.8.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3120	P	krb5-1.12.5-40.37.7 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3075	P	gdk-pixbuf-lang-2.34.0-19.17.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3827	P	xlockmore-5.43-5.30 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3101	P	gzip-1.10-2.12 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3189	P	libipa_hbac0-1.16.1-4.17.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3178	P	libgnomesu-2.0.0-353.6.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3187	P	libidn-tools-1.28-5.6.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3087	P	gnutls-3.3.27-3.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3169	P	libexempi3-2.2.1-5.7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95138	P	nginx-1.21.5-150400.1.8 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:4625	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:4627	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:4620	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP5) (Important)	2022-06-06
oval:org.opensuse.security:def:5265	P	Security update for ImageMagick (Important)	2022-05-31
oval:org.opensuse.security:def:4615	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP5) (Important)	2022-05-23
oval:org.opensuse.security:def:4607	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-05-21
oval:org.opensuse.security:def:4608	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)	2022-05-21
oval:org.opensuse.security:def:4754	P	Security update for openldap2 (Important)	2022-05-16
oval:org.opensuse.security:def:4593	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2022-05-09
oval:org.opensuse.security:def:94230	P	(Important)	2022-05-03
oval:org.opensuse.security:def:4580	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2022-04-23
oval:org.opensuse.security:def:4306	P	Security update for the Linux Kernel (Important)	2022-03-09
oval:org.opensuse.security:def:4694	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-03-01
oval:org.opensuse.security:def:113031	P	nginx-1.21.3-1.4 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:4242	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:106474	P	Security update for p11-kit (Important)	2021-12-22
oval:org.opensuse.security:def:64638	P	Security update for postgresql10 (Important)	2021-12-14
oval:org.opensuse.security:def:4238	P	Security update for ImageMagick (Moderate)	2021-12-10
oval:org.opensuse.security:def:5149	P	Security update for pcre (Moderate)	2021-11-10
oval:org.opensuse.security:def:1643	P	Security update for libvirt (Moderate)	2021-11-05
oval:org.opensuse.security:def:69086	P	Security update for util-linux (Moderate)	2021-10-26
oval:org.opensuse.security:def:4494	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2021-10-12
oval:org.opensuse.security:def:5127	P	Security update for glibc (Moderate)	2021-10-06
oval:org.opensuse.security:def:4508	P	Security update for git (Low)	2021-10-06
oval:org.opensuse.security:def:63221	P	libvirglrenderer0-0.6.0-2.30 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:4490	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2021-09-16
oval:org.opensuse.security:def:4489	P	Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP5) (Important)	2021-09-16
oval:org.opensuse.security:def:4485	P	Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP5) (Important)	2021-09-16
oval:org.opensuse.security:def:4482	P	Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)	2021-09-16
oval:org.opensuse.security:def:4481	P	Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP5) (Important)	2021-09-16
oval:org.opensuse.security:def:4215	P	Security update for ffmpeg (Important)	2021-09-02
oval:org.opensuse.security:def:66899	P	Security update for aspell (Important)	2021-08-20
oval:org.opensuse.security:def:4477	P	Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP5) (Important)	2021-08-17
oval:org.opensuse.security:def:4474	P	Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)	2021-08-17
oval:org.opensuse.security:def:63424	P	java-11-openjdk-javadoc-11.0.7.0-3.42.4 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:4464	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:101384	P	nginx-1.19.8-1.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63358	P	nginx-1.19.8-1.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2269	P	nginx-1.19.8-1.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:100943	P	libnm0-1.22.10-3.7.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62750	P	gnome-autoar-devel-0.2.3-3.3.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72746	P	ocaml-4.05.0-13.5 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:69511	P	Security update for mariadb (Important)	2021-08-05
oval:org.opensuse.security:def:51629	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:4448	P	Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)	2021-07-22
oval:org.opensuse.security:def:65649	P	Security update for go1.16 (Important)	2021-06-28
oval:org.opensuse.security:def:51922	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:4559	P	Security update for the Linux Kernel (Important)	2021-06-28
oval:org.opensuse.security:def:4138	P	Security update for openexr (Important)	2021-06-24
oval:org.opensuse.security:def:4428	P	Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP5) (Important)	2021-06-18
oval:org.opensuse.security:def:4427	P	Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP5) (Important)	2021-06-18
oval:org.opensuse.security:def:64526	P	Security update for libjpeg-turbo (Moderate)	2021-06-11
oval:org.opensuse.security:def:4197	P	Security update for djvulibre (Important)	2021-06-10
oval:org.opensuse.security:def:4552	P	Security update for snakeyaml (Important)	2021-06-07
oval:org.opensuse.security:def:66807	P	Security update for avahi (Important)	2021-06-03
oval:org.opensuse.security:def:51888	P	Security update for djvulibre (Important)	2021-05-19
oval:org.opensuse.security:def:74704	P	Security update for python3 (Moderate)	2021-05-11
oval:org.opensuse.security:def:51883	P	Security update for bind (Important)	2021-05-04
oval:org.opensuse.security:def:4122	P	Security update for webkit2gtk3 (Important)	2021-04-29
oval:org.opensuse.security:def:73590	P	Security update for wpa_supplicant (Moderate)	2021-04-13
oval:org.opensuse.security:def:4384	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2021-04-07
oval:org.opensuse.security:def:51192	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:51748	P	Security update for python (Moderate)	2021-03-16
oval:org.opensuse.security:def:52011	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:51167	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:51731	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:51604	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:70255	P	Security update for nodejs8 (Moderate)	2021-01-26
oval:org.opensuse.security:def:64475	P	Security update for open-iscsi (Important)	2021-01-14
oval:org.opensuse.security:def:68983	P	Security update for openssh (Moderate)	2020-12-17
oval:com.redhat.rhsa:def:20205495	P	RHSA-2020:5495: nginx:1.16 security update (Moderate)	2020-12-15
oval:org.opensuse.security:def:51473	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:51088	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:4367	P	Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP5) (Important)	2020-12-07
oval:org.opensuse.security:def:4368	P	Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP5) (Important)	2020-12-07
oval:org.opensuse.security:def:62722	P	typelib-1_0-JavaScriptCore-4_0-2.28.2-1.11 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4037	P	libproxy-devel-0.4.13-16.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62718	P	rtkit-0.11+git.20130926-1.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4025	P	libotr-devel-4.0.0-9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62725	P	wavpack-5.1.0-4.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72439	P	spice-vdagent-0.19.0-1.62 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107609	P	nginx-1.16.1-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72323	P	spice-vdagent-0.17.0-2.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62928	P	xorg-x11-server-sdk-1.20.3-12.29 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63288	P	nginx-1.16.1-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4245	P	typelib-1_0-Gtk-2_0-2.24.31-9.6.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2199	P	nginx-1.16.1-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4110	P	pango-devel-1.40.1-9.5 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4017	P	libnettle-devel-2.7.1-12.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4079	P	libxcb-composite0-1.10-4.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:117167	P	nginx-1.16.1-1.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63571	P	dia-0.97.3-2.32 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4339	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4248	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4360	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:5436	P	Security update for nginx (Moderate)	2020-12-02
oval:org.opensuse.security:def:4264	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4911	P	Security update for nginx (Moderate)	2020-12-02
oval:org.opensuse.security:def:4250	P	Security update for the Linux Kernel (Important)	2020-12-02
oval:org.opensuse.security:def:51852	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:5408	P	Security update for mutt (Important)	2020-12-02
oval:org.opensuse.security:def:4770	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:4351	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4717	P	Security update for python-ipaddress (Important)	2020-12-02
oval:org.opensuse.security:def:4890	P	Security update for postgresql12 (Important)	2020-12-02
oval:org.opensuse.security:def:4747	P	Security update for util-linux (Moderate)	2020-12-02
oval:org.opensuse.security:def:4252	P	Security update for the Linux Kernel (Live Patch 8 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4760	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:50030	P	rmt-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49947	P	gnuplot on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52078	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:73472	P	sane-backends on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:65739	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:50931	P	Security update for python-ecdsa (Moderate)	2020-12-01
oval:org.opensuse.security:def:50934	P	Security update for ldb, samba (Important)	2020-12-01
oval:org.opensuse.security:def:50694	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:52185	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:53539	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:50651	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:50534	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:50765	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:74578	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:53342	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:49740	P	jython on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51309	P	Security update for ppp (Important)	2020-12-01
oval:org.opensuse.security:def:64266	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50795	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:50861	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:50601	P	Security update for systemd (Moderate)	2020-12-01
oval:org.opensuse.security:def:52210	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:50925	P	Security update for unbound (Important)	2020-12-01
oval:org.opensuse.security:def:66175	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:49612	P	audiofile-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51205	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:64265	P	glibc-locale-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50773	P	Security update for mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:50650	P	Security update for wavpack (Low)	2020-12-01
oval:org.opensuse.security:def:50357	P	Security update for libnettle (Moderate)	2020-12-01
oval:org.opensuse.security:def:51816	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:53466	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:50690	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:51439	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:64373	P	libproxy-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:69406	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:52150	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:53273	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:49593	P	ppp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51042	P	Security update for docker (Moderate)	2020-12-01
oval:org.opensuse.security:def:64129	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:52120	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:50084	P	nginx on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50198	P	libotr-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:72864	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:50557	P	Security update for webkit2gtk3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:51334	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:66083	P	Security update for SUSE Manager Server 4.0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50830	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:50772	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:51356	P	Security update for gdm (Important)	2020-12-01
oval:org.opensuse.security:def:53611	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:50807	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:63800	P	Security update for sudo (Important)	2020-12-01
oval:org.opensuse.security:def:52045	P	Security update for libxml2 (Low)	2020-12-01
oval:org.opensuse.security:def:70150	P	blktrace on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50098	P	sblim-sfcb on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53396	P	Security update for tomcat (Moderate)	2020-12-01
oval:org.opensuse.security:def:50535	P	Security update for libssh2_org (Moderate)	2020-12-01
oval:org.opensuse.security:def:49592	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52263	P	Security update for wpa_supplicant (Moderate)	2020-12-01
oval:org.opensuse.security:def:52272	P	Security update for nginx (Moderate)	2020-12-01
oval:org.opensuse.security:def:50673	P	Security update for sqlite3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:110328	P	Security update for nginx (Moderate)	2020-02-11
oval:org.opensuse.security:def:91105	P	Security update for nginx (Moderate)	2020-02-06
oval:org.opensuse.security:def:105414	P	Security update for nginx (Moderate)	2020-02-06
oval:org.opensuse.security:def:98724	P	Security update for nginx (Moderate)	2020-02-06
oval:org.opensuse.security:def:75466	P	Security update for nginx (Moderate)	2020-02-06
oval:org.opensuse.security:def:91774	P	Security update for nginx (Moderate)	2020-02-06
oval:org.opensuse.security:def:104760	P	Security update for nginx (Moderate)	2020-02-06
oval:org.opensuse.security:def:98070	P	Security update for nginx (Moderate)	2020-02-06
oval:com.ubuntu.disco:def:2019203720000000	V	CVE-2019-20372 on Ubuntu 19.04 (disco) - medium.	2020-01-09
oval:com.ubuntu.bionic:def:2019203720000000	V	CVE-2019-20372 on Ubuntu 18.04 LTS (bionic) - medium.	2020-01-09
oval:com.ubuntu.xenial:def:2019203720000000	V	CVE-2019-20372 on Ubuntu 16.04 LTS (xenial) - medium.	2020-01-09

BACK