Vulnerability Name:

CVE-2019-20372 (CCN-174252)

Assigned:2019-12-23
Published:2019-12-23
Updated:2022-04-06
Summary:NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-444
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2019-20372

Source: SUSE
Type: Mailing List, Third Party Advisory
openSUSE-SU-2020:0204

Source: MISC
Type: Mitigation, Release Notes, Vendor Advisory
http://nginx.org/en/CHANGES

Source: FULLDISC
Type: Mailing List, Third Party Advisory
20210921 APPLE-SA-2021-09-20-4 Xcode 13

Source: MISC
Type: Exploit, Mitigation, Third Party Advisory
https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf

Source: MISC
Type: Release Notes, Third Party Advisory
https://duo.com/docs/dng-notes#version-1.5.4-january-2020

Source: XF
Type: UNKNOWN
nginx-cve201920372-info-disc(174252)

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/kubernetes/ingress-nginx/pull/4859

Source: CCN
Type: NGINX GIT Repository
Discard request body when redirecting to a URL via error_page

Source: CONFIRM
Type: Patch, Vendor Advisory
https://github.com/nginx/nginx/commit/c1be55f97211d38b69ac0c2027e6812ab8b1b94e

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20200127-0003/

Source: CCN
Type: Apple security document HT212818
About the security content of Xcode 13

Source: CONFIRM
Type: Third Party Advisory
https://support.apple.com/kb/HT212818

Source: UBUNTU
Type: Third Party Advisory
USN-4235-1

Source: UBUNTU
Type: Third Party Advisory
USN-4235-2

Source: CCN
Type: IBM Security Bulletin 6208039 (API Connect)
IBM API Connect is impacted by a vulnerability in NGINX (CVE-2019-20372)

Source: CCN
Type: IBM Security Bulletin 6235074 (Cloud Pak for Automation)
Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation

Source: CCN
Type: IBM Security Bulletin 6245728 (StoredIQ)
IBM StoredIQ is affected by a vulnerability in NGINX (CVE-2019-20372)

Source: CCN
Type: IBM Security Bulletin 6380904 (Aspera High-Speed Transfer Server)
NGINX vulnerability CVE-2019-20372 impacts IBM Aspera High-Speed Transfer Server and Aspera High-Speed Transfer Endpoint versions prior to V4.0

Source: CCN
Type: IBM Security Bulletin 6397800 (Spectrum Discover)
Spectrum Discover has addressed multiple security vulnerabilities (CVE-2020-13401, CVE-2019-20372)

Source: CCN
Type: IBM Security Bulletin 6574091 (Cloud Private)
A Security Vulnerability affects IBM Cloud Private - NGINX (CVE-2019-20372)

Source: CCN
Type: IBM Security Bulletin 6982841 (Netcool Operations Insight)
Netcool Operations Insight v1.6.8 addresses multiple security vulnerabilities.

Vulnerable Configuration:Configuration 1:
  • cpe:/a:f5:nginx:*:*:*:*:*:*:*:* (Version < 1.17.7)

  • Configuration 2:
  • cpe:/a:apple:xcode:*:*:*:*:*:*:*:* (Version < 13.0)

  • Configuration 3:
  • cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

  • Configuration 4:
  • cpe:/o:opensuse:leap:15.1:*:*:*:*:*:*:*

  • Configuration 5:
  • cpe:/a:netapp:cloud_backup:-:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:nginx:nginx:1.17.6:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:api_connect:5.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:storediq:7.6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:5.0.8.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:2018.4.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:19.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:storediq:7.6.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:api_connect:2018.4.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:20.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_private:3.2.2:cd:*:*:*:*:*:*
  • OR cpe:/a:apple:xcode:12.3:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:51989
    P
    Security update for xen (Important)
    2023-01-26
    oval:org.opensuse.security:def:51997
    P
    Security update for tcl (Important)
    2023-01-05
    oval:org.opensuse.security:def:51939
    P
    Security update for xen (Moderate)
    2022-10-25
    oval:org.opensuse.security:def:608
    P
    Security update for clone-master-clean-up (Moderate) (in QA)
    2022-09-26
    oval:org.opensuse.security:def:201920372
    V
    CVE-2019-20372
    2022-09-02
    oval:org.opensuse.security:def:5290
    P
    Security update for crash (Important)
    2022-07-07
    oval:org.opensuse.security:def:3080
    P
    git-core-2.12.3-27.17.2 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3139
    P
    libXfont2-2-2.0.3-1.19 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3839
    P
    zypper-1.13.51-21.26.4 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3128
    P
    libQt5Concurrent5-5.6.2-6.15.2 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3508
    P
    gpg2-2.0.24-9.8.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3120
    P
    krb5-1.12.5-40.37.7 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3075
    P
    gdk-pixbuf-lang-2.34.0-19.17.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3827
    P
    xlockmore-5.43-5.30 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3101
    P
    gzip-1.10-2.12 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3189
    P
    libipa_hbac0-1.16.1-4.17.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3178
    P
    libgnomesu-2.0.0-353.6.2 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3187
    P
    libidn-tools-1.28-5.6.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3087
    P
    gnutls-3.3.27-3.3.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3169
    P
    libexempi3-2.2.1-5.7.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:95138
    P
    nginx-1.21.5-150400.1.8 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:4625
    P
    Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)
    2022-06-06
    oval:org.opensuse.security:def:4627
    P
    Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5) (Important)
    2022-06-06
    oval:org.opensuse.security:def:4620
    P
    Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP5) (Important)
    2022-06-06
    oval:org.opensuse.security:def:5265
    P
    Security update for ImageMagick (Important)
    2022-05-31
    oval:org.opensuse.security:def:4615
    P
    Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP5) (Important)
    2022-05-23
    oval:org.opensuse.security:def:4607
    P
    Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)
    2022-05-21
    oval:org.opensuse.security:def:4608
    P
    Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)
    2022-05-21
    oval:org.opensuse.security:def:4754
    P
    Security update for openldap2 (Important)
    2022-05-16
    oval:org.opensuse.security:def:4593
    P
    Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)
    2022-05-09
    oval:org.opensuse.security:def:94230
    P
    (Important)
    2022-05-03
    oval:org.opensuse.security:def:4580
    P
    Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)
    2022-04-23
    oval:org.opensuse.security:def:4306
    P
    Security update for the Linux Kernel (Important)
    2022-03-09
    oval:org.opensuse.security:def:4694
    P
    Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)
    2022-03-01
    oval:org.opensuse.security:def:113031
    P
    nginx-1.21.3-1.4 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:4242
    P
    Security update for SDL2 (Important) (in QA)
    2022-01-12
    oval:org.opensuse.security:def:106474
    P
    Security update for p11-kit (Important)
    2021-12-22
    oval:org.opensuse.security:def:64638
    P
    Security update for postgresql10 (Important)
    2021-12-14
    oval:org.opensuse.security:def:4238
    P
    Security update for ImageMagick (Moderate)
    2021-12-10
    oval:org.opensuse.security:def:5149
    P
    Security update for pcre (Moderate)
    2021-11-10
    oval:org.opensuse.security:def:1643
    P
    Security update for libvirt (Moderate)
    2021-11-05
    oval:org.opensuse.security:def:69086
    P
    Security update for util-linux (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:4494
    P
    Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)
    2021-10-12
    oval:org.opensuse.security:def:5127
    P
    Security update for glibc (Moderate)
    2021-10-06
    oval:org.opensuse.security:def:4508
    P
    Security update for git (Low)
    2021-10-06
    oval:org.opensuse.security:def:63221
    P
    libvirglrenderer0-0.6.0-2.30 on GA media (Moderate)
    2021-09-21
    oval:org.opensuse.security:def:4490
    P
    Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)
    2021-09-16
    oval:org.opensuse.security:def:4489
    P
    Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP5) (Important)
    2021-09-16
    oval:org.opensuse.security:def:4485
    P
    Security update for the Linux Kernel (Live Patch 15 for SLE 12 SP5) (Important)
    2021-09-16
    oval:org.opensuse.security:def:4482
    P
    Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)
    2021-09-16
    oval:org.opensuse.security:def:4481
    P
    Security update for the Linux Kernel (Live Patch 11 for SLE 12 SP5) (Important)
    2021-09-16
    oval:org.opensuse.security:def:4215
    P
    Security update for ffmpeg (Important)
    2021-09-02
    oval:org.opensuse.security:def:66899
    P
    Security update for aspell (Important)
    2021-08-20
    oval:org.opensuse.security:def:4477
    P
    Security update for the Linux Kernel (Live Patch 9 for SLE 12 SP5) (Important)
    2021-08-17
    oval:org.opensuse.security:def:4474
    P
    Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)
    2021-08-17
    oval:org.opensuse.security:def:63424
    P
    java-11-openjdk-javadoc-11.0.7.0-3.42.4 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:4464
    P
    Security update for the Linux Kernel (Important)
    2021-08-10
    oval:org.opensuse.security:def:101384
    P
    nginx-1.19.8-1.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63358
    P
    nginx-1.19.8-1.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:2269
    P
    nginx-1.19.8-1.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:100943
    P
    libnm0-1.22.10-3.7.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62750
    P
    gnome-autoar-devel-0.2.3-3.3.1 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:72746
    P
    ocaml-4.05.0-13.5 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:69511
    P
    Security update for mariadb (Important)
    2021-08-05
    oval:org.opensuse.security:def:51629
    P
    Security update for libsndfile (Critical)
    2021-08-05
    oval:org.opensuse.security:def:4448
    P
    Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)
    2021-07-22
    oval:org.opensuse.security:def:65649
    P
    Security update for go1.16 (Important)
    2021-06-28
    oval:org.opensuse.security:def:51922
    P
    Security update for arpwatch (Important)
    2021-06-28
    oval:org.opensuse.security:def:4559
    P
    Security update for the Linux Kernel (Important)
    2021-06-28
    oval:org.opensuse.security:def:4138
    P
    Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:4428
    P
    Security update for the Linux Kernel (Live Patch 16 for SLE 12 SP5) (Important)
    2021-06-18
    oval:org.opensuse.security:def:4427
    P
    Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP5) (Important)
    2021-06-18
    oval:org.opensuse.security:def:64526
    P
    Security update for libjpeg-turbo (Moderate)
    2021-06-11
    oval:org.opensuse.security:def:4197
    P
    Security update for djvulibre (Important)
    2021-06-10
    oval:org.opensuse.security:def:4552
    P
    Security update for snakeyaml (Important)
    2021-06-07
    oval:org.opensuse.security:def:66807
    P
    Security update for avahi (Important)
    2021-06-03
    oval:org.opensuse.security:def:51888
    P
    Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:74704
    P
    Security update for python3 (Moderate)
    2021-05-11
    oval:org.opensuse.security:def:51883
    P
    Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:4122
    P
    Security update for webkit2gtk3 (Important)
    2021-04-29
    oval:org.opensuse.security:def:73590
    P
    Security update for wpa_supplicant (Moderate)
    2021-04-13
    oval:org.opensuse.security:def:4384
    P
    Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)
    2021-04-07
    oval:org.opensuse.security:def:51192
    P
    Security update for MozillaFirefox (Important)
    2021-03-31
    oval:org.opensuse.security:def:51748
    P
    Security update for python (Moderate)
    2021-03-16
    oval:org.opensuse.security:def:52011
    P
    Security update for java-1_8_0-openjdk (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:51167
    P
    Security update for java-1_8_0-openjdk (Moderate)
    2021-02-19
    oval:org.opensuse.security:def:51731
    P
    Security update for jasper (Important)
    2021-02-16
    oval:org.opensuse.security:def:51604
    P
    Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:70255
    P
    Security update for nodejs8 (Moderate)
    2021-01-26
    oval:org.opensuse.security:def:64475
    P
    Security update for open-iscsi (Important)
    2021-01-14
    oval:org.opensuse.security:def:68983
    P
    Security update for openssh (Moderate)
    2020-12-17
    oval:com.redhat.rhsa:def:20205495
    P
    RHSA-2020:5495: nginx:1.16 security update (Moderate)
    2020-12-15
    oval:org.opensuse.security:def:51473
    P
    Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2020-12-07
    oval:org.opensuse.security:def:51088
    P
    Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP2) (Important)
    2020-12-07
    oval:org.opensuse.security:def:4367
    P
    Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP5) (Important)
    2020-12-07
    oval:org.opensuse.security:def:4368
    P
    Security update for the Linux Kernel (Live Patch 7 for SLE 12 SP5) (Important)
    2020-12-07
    oval:org.opensuse.security:def:62722
    P
    typelib-1_0-JavaScriptCore-4_0-2.28.2-1.11 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4037
    P
    libproxy-devel-0.4.13-16.3 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62718
    P
    rtkit-0.11+git.20130926-1.34 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4025
    P
    libotr-devel-4.0.0-9.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62725
    P
    wavpack-5.1.0-4.6.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72439
    P
    spice-vdagent-0.19.0-1.62 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107609
    P
    nginx-1.16.1-1.21 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:72323
    P
    spice-vdagent-0.17.0-2.39 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62928
    P
    xorg-x11-server-sdk-1.20.3-12.29 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63288
    P
    nginx-1.16.1-1.21 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4245
    P
    typelib-1_0-Gtk-2_0-2.24.31-9.6.28 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:2199
    P
    nginx-1.16.1-1.21 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4110
    P
    pango-devel-1.40.1-9.5 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4017
    P
    libnettle-devel-2.7.1-12.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4079
    P
    libxcb-composite0-1.10-4.3.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:117167
    P
    nginx-1.16.1-1.21 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:63571
    P
    dia-0.97.3-2.32 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:4339
    P
    Security update for the Linux Kernel (Live Patch 17 for SLE 15) (Important)
    2020-12-02
    oval:org.opensuse.security:def:4248
    P
    Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important)
    2020-12-02
    oval:org.opensuse.security:def:4360
    P
    Security update for the Linux Kernel (Live Patch 17 for SLE 15) (Important)
    2020-12-02
    oval:org.opensuse.security:def:5436
    P
    Security update for nginx (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:4264
    P
    Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)
    2020-12-02
    oval:org.opensuse.security:def:4911
    P
    Security update for nginx (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:4250
    P
    Security update for the Linux Kernel (Important)
    2020-12-02
    oval:org.opensuse.security:def:51852
    P
    Security update for python3 (Important)
    2020-12-02
    oval:org.opensuse.security:def:5408
    P
    Security update for mutt (Important)
    2020-12-02
    oval:org.opensuse.security:def:4770
    P
    Security update for qemu (Important)
    2020-12-02
    oval:org.opensuse.security:def:4351
    P
    Security update for the Linux Kernel (Live Patch 15 for SLE 15) (Important)
    2020-12-02
    oval:org.opensuse.security:def:4717
    P
    Security update for python-ipaddress (Important)
    2020-12-02
    oval:org.opensuse.security:def:4890
    P
    Security update for postgresql12 (Important)
    2020-12-02
    oval:org.opensuse.security:def:4747
    P
    Security update for util-linux (Moderate)
    2020-12-02
    oval:org.opensuse.security:def:4252
    P
    Security update for the Linux Kernel (Live Patch 8 for SLE 15) (Important)
    2020-12-02
    oval:org.opensuse.security:def:4760
    P
    Security update for qemu (Important)
    2020-12-02
    oval:org.opensuse.security:def:50030
    P
    rmt-server on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49947
    P
    gnuplot on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52078
    P
    Security update for python3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:73472
    P
    sane-backends on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:65739
    P
    Security update for nginx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50931
    P
    Security update for python-ecdsa (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50934
    P
    Security update for ldb, samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:50694
    P
    Security update for qemu (Important)
    2020-12-01
    oval:org.opensuse.security:def:52185
    P
    Security update for python (Important)
    2020-12-01
    oval:org.opensuse.security:def:53539
    P
    Security update for perl-DBI (Important)
    2020-12-01
    oval:org.opensuse.security:def:50651
    P
    Security update for qemu (Important)
    2020-12-01
    oval:org.opensuse.security:def:50534
    P
    Security update for wireshark (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50765
    P
    Security update for mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:74578
    P
    Security update for MozillaThunderbird (Important)
    2020-12-01
    oval:org.opensuse.security:def:53342
    P
    Security update for nginx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49740
    P
    jython on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51309
    P
    Security update for ppp (Important)
    2020-12-01
    oval:org.opensuse.security:def:64266
    P
    gnutls on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50795
    P
    Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:50861
    P
    Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50601
    P
    Security update for systemd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52210
    P
    Security update for e2fsprogs (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50925
    P
    Security update for unbound (Important)
    2020-12-01
    oval:org.opensuse.security:def:66175
    P
    Security update for nginx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49612
    P
    audiofile-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51205
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64265
    P
    glibc-locale-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50773
    P
    Security update for mozilla-nss (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50650
    P
    Security update for wavpack (Low)
    2020-12-01
    oval:org.opensuse.security:def:50357
    P
    Security update for libnettle (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51816
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53466
    P
    Security update for nginx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50690
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:51439
    P
    Security update for python3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:64373
    P
    libproxy-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:69406
    P
    Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52150
    P
    Security update for openexr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53273
    P
    Security update for qemu (Important)
    2020-12-01
    oval:org.opensuse.security:def:49593
    P
    ppp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51042
    P
    Security update for docker (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:64129
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:52120
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:50084
    P
    nginx on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50198
    P
    libotr-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:72864
    P
    Security update for nginx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50557
    P
    Security update for webkit2gtk3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:51334
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:66083
    P
    Security update for SUSE Manager Server 4.0 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50830
    P
    Security update for permissions (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50772
    P
    Security update for python3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:51356
    P
    Security update for gdm (Important)
    2020-12-01
    oval:org.opensuse.security:def:53611
    P
    Security update for nginx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50807
    P
    Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:63800
    P
    Security update for sudo (Important)
    2020-12-01
    oval:org.opensuse.security:def:52045
    P
    Security update for libxml2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:70150
    P
    blktrace on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50098
    P
    sblim-sfcb on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:53396
    P
    Security update for tomcat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50535
    P
    Security update for libssh2_org (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49592
    P
    perl-Tk on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52263
    P
    Security update for wpa_supplicant (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:52272
    P
    Security update for nginx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:50673
    P
    Security update for sqlite3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:110328
    P
    Security update for nginx (Moderate)
    2020-02-11
    oval:org.opensuse.security:def:91105
    P
    Security update for nginx (Moderate)
    2020-02-06
    oval:org.opensuse.security:def:105414
    P
    Security update for nginx (Moderate)
    2020-02-06
    oval:org.opensuse.security:def:98724
    P
    Security update for nginx (Moderate)
    2020-02-06
    oval:org.opensuse.security:def:75466
    P
    Security update for nginx (Moderate)
    2020-02-06
    oval:org.opensuse.security:def:91774
    P
    Security update for nginx (Moderate)
    2020-02-06
    oval:org.opensuse.security:def:104760
    P
    Security update for nginx (Moderate)
    2020-02-06
    oval:org.opensuse.security:def:98070
    P
    Security update for nginx (Moderate)
    2020-02-06
    oval:com.ubuntu.disco:def:2019203720000000
    V
    CVE-2019-20372 on Ubuntu 19.04 (disco) - medium.
    2020-01-09
    oval:com.ubuntu.bionic:def:2019203720000000
    V
    CVE-2019-20372 on Ubuntu 18.04 LTS (bionic) - medium.
    2020-01-09
    oval:com.ubuntu.xenial:def:2019203720000000
    V
    CVE-2019-20372 on Ubuntu 16.04 LTS (xenial) - medium.
    2020-01-09
    BACK
    f5 nginx *
    apple xcode *
    canonical ubuntu linux 14.04
    opensuse leap 15.1
    netapp cloud backup -
    nginx nginx 1.17.6
    ibm api connect 5.0.0.0
    ibm storediq 7.6.0.0
    ibm api connect 5.0.8.7
    ibm api connect 2018.4.1.0
    ibm cloud pak for automation 19.0.3
    ibm storediq 7.6.0.20
    ibm api connect 2018.4.1.10
    ibm cloud private 3.2.1 cd
    ibm cloud pak for automation 20.0.1
    ibm cloud private 3.2.2 cd
    apple xcode 12.3