Vulnerability CVE-2019-2977 - CERT Civis.Net

Vulnerability Name:

CVE-2019-2977 (CCN-169283)

Assigned:

2018-12-14

Published:

2019-10-15

Updated:

2020-08-18

Summary:

Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE.
Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.8 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L).

CVSS v3 Severity:

4.8 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)
4.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): Low

4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)
4.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): Low

4.8 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)
4.2 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-noinfo
CWE-125

Vulnerability Consequences:

Other

References:

Source: MITRE
Type: CNA
CVE-2019-2977

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:2557

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:2565

Source: CCN
Type: Oracle CPUOct2019
Oracle Critical Patch Update Advisory - October 2019

Source: MISC
Type: Patch, Vendor Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:3135

Source: XF
Type: UNKNOWN
oracle-cpuoct2019-cve20192977(169283)

Source: BUGTRAQ
Type: Mailing List, Third Party Advisory
20191021 [SECURITY] [DSA 4546-1] openjdk-11 security update

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20191017-0001/

Source: UBUNTU
Type: UNKNOWN
USN-4223-1

Source: DEBIAN
Type: Third Party Advisory
DSA-4546

Source: CCN
Type: IBM Security Bulletin 1127397 (WebSphere Application Server in Cloud)
Multiple Security Vulnerabilities Affect IBM WebSphere Application Server in IBM Cloud

Source: CCN
Type: IBM Security Bulletin 1128321 (WebSphere Application Server Patterns)
Multiple vulnerabilities in IBM Java SDK affects WebSphere Application Server October 2019 CPU that is bundled with IBM WebSphere Application Server Patterns

Source: CCN
Type: IBM Security Bulletin 1138768 (Spectrum Conductor with Spark)
Multiple vulnerabilities in IBM Java Runtime affect IBM Spectrum Conductor 2.4, IBM Spectrum Conductor 2.3, and IBM Spectrum Conductor with Spark 2.2.1

Source: CCN
Type: IBM Security Bulletin 1171108 (InfoSphere Streams)
Vulnerabilities in IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU minus CVE-2019-2949

Source: CCN
Type: IBM Security Bulletin 2494017 (WebSphere Application Server in Cloud)
Multiple Vulnerabilities in WebSphere Application Server Liberty in IBM Cloud Private VM Quickstarter

Source: CCN
Type: IBM Security Bulletin 3464673 (Watson Developer Cloud)
Java Update

Source: CCN
Type: IBM Security Bulletin 4790613 (Tivoli System Automation for Multiplatforms)
Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Oct 2019 CPU (CVE-2019-2964, CVE-2019-2989 )

Source: CCN
Type: IBM Security Bulletin 5691206 (Tivoli Application Dependency Discovery Manager)
IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU minus CVE-2019-2949

Source: CCN
Type: IBM Security Bulletin 5692676 (Cloud Pak System)
Multiple vulnerabilities in IBM Java SDK affect OS Images for Red Hat Linux Systems (Oct2019 updates)

Source: CCN
Type: IBM Security Bulletin 5693018 (DataQuant for z/OS)
IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU minus CVE-2019-2949

Source: CCN
Type: IBM Security Bulletin 5694513 (DB2 Query Management Facility)
IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU minus CVE-2019-2949

Source: CCN
Type: IBM Security Bulletin 6113404 (Application Performance Management)
Multiple vulnerabilities in the IBM SDK, Java Technology Edition affects IBM Performance Management products

Source: CCN
Type: IBM Security Bulletin 6152367 (Security Guardium)
Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium

Source: CCN
Type: IBM Security Bulletin 6173901 (Monitoring)
Multiple vulnerabilities in IBM Java SDK affect IBM Performance Management products

Source: CCN
Type: IBM Security Bulletin 6208728 (Rational Collaborative Lifecycle Management)
Security Vulnerabilities in IBM Java SDK Oct 2019 and Jan 2020 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Source: CCN
Type: IBM Security Bulletin 6221316 (Spectrum Protect Plus)
Multiple Java vulnerabilities affect IBM Spectrum Protect Plus

Source: CCN
Type: IBM Security Bulletin 6228088 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Java

Source: CCN
Type: IBM Security Bulletin 6235074 (Cloud Pak for Automation)
Multiple vulnerabilities in middleware software affect IBM Cloud Pak for Automation

Source: CCN
Type: IBM Security Bulletin 6245726 (StoredIQ)
Multiple Vulnerabilities in IBM Java SDK affect IBM StoredIQ

Source: CCN
Type: IBM Security Bulletin 6253849 (Tivoli Monitoring)
IBM SDK, Java Technology Edition Quarterly CPU - Oct 2019 - Includes Oracle Oct 2019 CPU affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Source: CCN
Type: IBM Security Bulletin 6253955 (Water Operations for Waternamics)
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime that affect IBM Intelligent Operations Center products (October 2019)

Source: CCN
Type: IBM Security Bulletin 6255260 (Watson Machine Learning)
Watson Machine Learning Service is impacted by security vulnerabilities in OpenJDK 11

Source: CCN
Type: IBM Security Bulletin 6324705 (Cloud Manager)
Multiple vulnerabilities in IBM Java SDK affect IBM Cloud Manager with OpenStack

Source: CCN
Type: IBM Security Bulletin 6324823 (ISIM VA)
IBM Java SDK Technology Edition, Oct 2019, affects IBM Security Identity Manager Virtual Appliance

Source: CCN
Type: IBM Security Bulletin 6335281 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6398724 (Engineering Requirements Quality Assistant)
Multiple vulnerabilities affect IBM Engineering Requirements Quality Assistant On-Premises

Source: CCN
Type: IBM Security Bulletin 6409926 (Rational Functional Tester)
Multiple vulnerabilities in Open JDK affecting Rational Functional Tester

Source: CCN
Type: IBM Security Bulletin 6436421 (InfoSphere Information Server)
Multiple vulnerabilities in OpenJDK version 11 affect IBM InfoSphere Information Server

Source: CCN
Type: IBM Security Bulletin 6436567 (InfoSphere Information Server)
Multiple vulnerabilities in OpenJDK version 8 affect IBM InfoSphere Information Server

Vulnerable Configuration:

Configuration 1:

cpe:/a:oracle:jdk:11.0.4:*:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:13.0.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:jre:11.0.4:*:*:*:*:*:*:*

OR cpe:/a:oracle:jre:13.0.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:* (Version >= 7.3

OR cpe:/a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:* (Version >= 9.5

OR cpe:/a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* (Version >= 11.0.0 and <= 11.50.2)

OR cpe:/a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:e-series_santricity_unified_manager:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:e-series_santricity_web_services_proxy:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:snapmanager:-:*:*:*:*:oracle:*:*

OR cpe:/a:netapp:snapmanager:-:*:*:*:*:sap:*:*

Configuration 3:

cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration RedHat 6:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 7:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:oracle:java:13:*:*:*:*:*:*:*

OR cpe:/a:oracle:java_se:11.0.4:*:*:*:*:*:*:*

OR cpe:/a:oracle:openjdk:11.0.4:*:*:*:*:*:*:*

OR cpe:/a:oracle:openjdk:13:*:*:*:*:*:*:*

AND

cpe:/a:ibm:tivoli_system_automation:4.1:*:*:*:*:*:-:*

OR cpe:/a:ibm:db2_query_management_facility:11.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:6.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:9.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_patterns:1.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:application_performance_management:8.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:monitoring:8.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:10.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_conductor:2.2.1:*:apache_spark:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_patterns:1.0.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_patterns:2.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_in_cloud:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_in_cloud:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_in_cloud:*:*:*:*:liberty:*:*:*

OR cpe:/a:ibm:spectrum_conductor:2.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:10.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_query_management_facility:11.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_query_management_facility:12.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_query_management_facility:12.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:storediq:7.6.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:application_performance_management:8.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_system:2.3.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_patterns:2.3.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:19.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_conductor:2.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_system:2.2.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_system:2.2.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:storediq:7.6.0.20:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_streams:4.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_streams:4.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_streams:4.3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_in_cloud:3:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_developer_cloud:1.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:dataquant:2.1:*:*:*:z/os:*:*:*

OR cpe:/a:ibm:dataquant:2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:11.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_system:2.3.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:11.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_guardium_activity_monitor:10.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_guardium_activity_monitor:11.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_collaborative_lifecycle_management:7.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:20.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:7.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:water_operations_for_waternamics:5.2.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_machine_learning:1.1.2:*:accelerator:*:*:*:*:*

OR cpe:/a:ibm:cloud_manager:4.3:*:*:*:*:openstack:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20192977	V	CVE-2019-2977	2023-06-22
oval:org.opensuse.security:def:7535	P	java-11-openjdk-11.0.19.0-150000.3.96.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51974	P	Security update for cni-plugins (Important)	2022-12-20
oval:org.opensuse.security:def:682	P	Security update for python-M2Crypto (Important)	2022-08-05
oval:org.opensuse.security:def:3603	P	libhivex0-1.3.10-4.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3319	P	pam_u2f-1.0.8-3.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3591	P	libexiv2-12-0.23-12.5.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3331	P	perl-XML-LibXML-2.0019-6.3.5 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:2951	P	hunspell-1.6.2-3.8.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2866	P	arpwatch-2.1a15-5.12.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2884	P	c-ares-devel-1.17.1+20200724-3.17.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2956	P	java-11-openjdk-11.0.15.0-150000.3.80.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2904	P	cyrus-sasl-saslauthd-2.1.27-150300.4.6.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2937	P	gnutls-3.7.3-150400.2.12 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94586	P	java-11-openjdk-11.0.15.0-150000.3.80.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2953	P	ipsec-tools-0.8.2-5.35 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2872	P	avahi-0.8-150400.5.73 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2898	P	cryptctl-2.4-4.5.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2913	P	ecryptfs-utils-111-2.31 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2943	P	grub2-2.06-150400.9.9 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2862	P	apache2-2.4.51-150400.4.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:86	P	java-11-openjdk-11.0.10.0-3.53.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:1427	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP3) (Critical)	2022-02-16
oval:org.opensuse.security:def:112455	P	java-11-openjdk-11.0.12.0-3.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112457	P	java-13-openjdk-13.0.8.0-3.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:51764	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:52036	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:94268	P	(Important)	2022-01-11
oval:org.opensuse.security:def:64827	P	Security update for xorg-x11-server (Important)	2021-12-21
oval:org.opensuse.security:def:69774	P	Security update for log4j (Important)	2021-12-17
oval:org.opensuse.security:def:49126	P	Security update for runc (Moderate)	2021-12-14
oval:org.opensuse.security:def:49458	P	Security update for php74 (Moderate)	2021-12-06
oval:org.opensuse.security:def:46066	P	Security update for openssh (Important)	2021-12-01
oval:org.opensuse.security:def:51702	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:105960	P	java-13-openjdk-13.0.8.0-3.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:105959	P	java-11-openjdk-11.0.12.0-3.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:63212	P	libecpg6-10.6-6.25 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:68261	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP2) (Important)	2021-09-16
oval:org.opensuse.security:def:1626	P	Security update for dovecot23 (Moderate)	2021-08-31
oval:org.opensuse.security:def:47579	P	cpp48-4.8.5-31.17.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47945	P	ant-1.9.4-3.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48080	P	libXinerama1-1.1.3-3.54 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47632	P	gstreamer-1.8.3-9.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48144	P	libltdl7-2.4.2-17.4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47944	P	alsa-1.0.27.2-15.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48279	P	python-PyYAML-3.12-26.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47959	P	automake-1.13.4-6.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48143	P	liblouis-data-2.6.4-6.6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48273	P	policycoreutils-2.5-10.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46941	P	freeradius-server-3.0.3-10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48158	P	libnm-glib-vpn1-1.0.12-13.12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:107647	P	java-11-openjdk-javadoc-11.0.7.0-3.42.4 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2264	P	libvirglrenderer0-0.6.0-4.3.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63350	P	libspice-server-devel-0.14.3-1.48 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63424	P	java-11-openjdk-javadoc-11.0.7.0-3.42.4 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2335	P	java-11-openjdk-javadoc-11.0.7.0-3.42.4 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:100981	P	java-11-openjdk-javadoc-11.0.7.0-3.42.4 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63478	P	java-11-openjdk-javadoc-11.0.10.0-3.53.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2389	P	java-11-openjdk-javadoc-11.0.10.0-3.53.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:62104	P	java-11-openjdk-11.0.10.0-3.53.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1015	P	java-11-openjdk-11.0.10.0-3.53.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63010	P	go1.16-1.16.3-1.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71845	P	java-11-openjdk-11.0.10.0-3.53.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100862	P	java-11-openjdk-11.0.10.0-3.53.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62731	P	accountsservice-0.6.55-3.14 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72087	P	vim-8.0.1568-5.14.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:49123	P	Security update for containerd (Moderate)	2021-07-20
oval:org.opensuse.security:def:68747	P	Security update for salt (Critical)	2021-06-21
oval:org.opensuse.security:def:69669	P	Security update for containerd, docker, runc (Important)	2021-06-11
oval:org.opensuse.security:def:48472	P	libXrender1-0.9.8-3.55 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46424	P	gdm-3.10.0.1-13.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48696	P	libtag1-32bit-1.9.1-1.265 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46717	P	libblkid1-2.25-30.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48405	P	dovecot22-2.2.13-2.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46872	P	xf86-video-intel-2.99.914-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48645	P	wget-1.14-10.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46841	P	sblim-sfcb-1.4.8-8.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46778	P	libtiff5-32bit-4.0.4-12.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48943	P	libproxy1-networkmanager-32bit-0.4.13-16.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48604	P	python-2.7.9-24.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46635	P	cups-1.7.5-9.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48844	P	java-1_7_0-openjdk-plugin-1.6.2-2.8.3 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48497	P	libgoa-1_0-0-3.20.4-7.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48859	P	libmysqlclient_r18-10.0.30-28.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:93738	P	(Moderate)	2021-05-26
oval:org.opensuse.security:def:68161	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP2) (Important)	2021-04-28
oval:org.opensuse.security:def:24063	P	Security update for compat-openssl098 (Moderate)	2021-03-16
oval:org.opensuse.security:def:74339	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:49142	P	Security update for slurm (Important)	2021-01-18
oval:org.opensuse.security:def:49300	P	Security update for python-paramiko (Important)	2021-01-07
oval:org.opensuse.security:def:66418	P	Security update for curl (Moderate)	2020-12-09
oval:org.opensuse.security:def:72203	P	perl-File-Path-2.150000-1.22 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61771	P	java-11-openjdk-11.0.7.0-3.42.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49058	P	telepathy-idle-0.2.0-1.62 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71512	P	java-11-openjdk-11.0.7.0-3.42.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62554	P	libgypsy-devel-0.9-2.30 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62530	P	hplip-3.18.6-5.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71501	P	groff-1.22.3-3.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:100451	P	java-11-openjdk-11.0.7.0-3.42.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62531	P	ibus-chewing-1.4.14-4.39 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49005	P	libSoundTouch0-32bit-1.7.1-5.11.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71614	P	libqpdf26-9.0.2-1.36 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107117	P	java-11-openjdk-11.0.7.0-3.42.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116675	P	java-11-openjdk-11.0.7.0-3.42.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63576	P	gnome-online-accounts-3.26.2-3.34 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2065	P	guestfs-data-1.38.0-3.52 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2665	P	Security update for accountsservice (Moderate)	2020-12-02
oval:org.opensuse.security:def:2681	P	Security update for soundtouch (Moderate)	2020-12-02
oval:org.opensuse.security:def:2600	P	Security update for docker-runc (Moderate)	2020-12-02
oval:org.opensuse.security:def:2626	P	Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Moderate)	2020-12-02
oval:org.opensuse.security:def:2641	P	Security update for MozillaFirefox (Important)	2020-12-02
oval:org.opensuse.security:def:2671	P	Security update for cups (Important)	2020-12-02
oval:org.opensuse.security:def:2590	P	Security update for mutt (Important)	2020-12-02
oval:org.opensuse.security:def:2679	P	Security update for wireshark (Moderate)	2020-12-02
oval:org.opensuse.security:def:2594	P	Security update for cf-cli (Moderate)	2020-12-02
oval:org.opensuse.security:def:2612	P	Security update for docker-runc (Moderate)	2020-12-02
oval:org.opensuse.security:def:2632	P	Security update for cairo (Moderate)	2020-12-02
oval:org.opensuse.security:def:49380	P	docker on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46194	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:64037	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:24792	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:49107	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24750	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:65413	P	Security update for zypper, libzypp and libsolv (Moderate)	2020-12-01
oval:org.opensuse.security:def:49525	P	gvim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24736	P	Security update for sysstat (Moderate)	2020-12-01
oval:org.opensuse.security:def:24123	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:72991	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:64914	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:49876	P	gv on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49172	P	libhogweed4 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24322	P	Security update for libXcursor (Moderate)	2020-12-01
oval:org.opensuse.security:def:50353	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:45748	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:50131	P	nodejs12 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50322	P	Security update for zziplib (Moderate)	2020-12-01
oval:org.opensuse.security:def:24453	P	Security update for sssd (Moderate)	2020-12-01
oval:org.opensuse.security:def:50257	P	Security update for cairo (Moderate)	2020-12-01
oval:org.opensuse.security:def:68850	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:50459	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:50701	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:24651	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:73109	P	java-11-openjdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49379	P	containerd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66326	P	Security update for MozillaThunderbird (Moderate)	2020-12-01
oval:org.opensuse.security:def:49069	P	conntrack-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49702	P	libvpx-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25430	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:65503	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:45761	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:49371	P	containerd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50097	P	salt-api on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50625	P	Security update for kernel-firmware (Moderate)	2020-12-01
oval:org.opensuse.security:def:74465	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:63903	P	Security update for soundtouch (Moderate)	2020-12-01
oval:org.opensuse.security:def:50594	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:50529	P	Security update for webkit2gtk3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49398	P	eog on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:46282	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:64143	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25464	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:49730	P	build on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49101	P	giflib-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24245	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:49070	P	coreutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50448	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:49974	P	rarpd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24375	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:50426	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:49108	P	gpg2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50369	P	Security update for yubico-piv-tool (Low)	2020-12-01
oval:org.opensuse.security:def:64399	P	libvmtools-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24600	P	Security update for qemu (Important)	2020-12-01
oval:org.opensuse.security:def:64287	P	kernel-firmware on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:24054	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:49253	P	libvirt-libs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64245	P	elfutils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49604	P	vorbis-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:45749	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:49859	P	perl-PerlMagick on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49269	P	libzmq5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50647	P	Security update for tcpdump (Moderate)	2020-12-01
oval:org.opensuse.security:def:45878	P	Security update for libvirt (Important)	2020-12-01
oval:org.opensuse.security:def:49204	P	liboath-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50187	P	gnome-photos on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50698	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:50502	P	Security update for java-11-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:110089	P	Security update for java-11-openjdk (Important)	2019-11-25
oval:org.opensuse.security:def:99834	P	(Important)	2019-11-18
oval:org.opensuse.security:def:90240	P	Security update for java-11-openjdk (Important)	2019-11-18
oval:org.opensuse.security:def:103895	P	Security update for java-11-openjdk (Important)	2019-11-18
oval:org.opensuse.security:def:97834	P	Security update for java-11-openjdk (Important)	2019-11-18
oval:org.opensuse.security:def:100171	P	(Important)	2019-11-18
oval:org.opensuse.security:def:90869	P	Security update for java-11-openjdk (Important)	2019-11-18
oval:org.opensuse.security:def:104524	P	Security update for java-11-openjdk (Important)	2019-11-18
oval:org.opensuse.security:def:75230	P	Security update for java-11-openjdk (Important)	2019-11-18
oval:com.redhat.rhsa:def:20193135	P	RHSA-2019:3135: java-11-openjdk security update (Important)	2019-10-17
oval:com.redhat.rhsa:def:20193127	P	RHSA-2019:3127: java-11-openjdk security update (Important)	2019-10-16
oval:com.ubuntu.bionic:def:201929770000000	V	CVE-2019-2977 on Ubuntu 18.04 LTS (bionic) - medium.	2019-10-16
oval:com.ubuntu.disco:def:201929770000000	V	CVE-2019-2977 on Ubuntu 19.04 (disco) - medium.	2019-10-16