Vulnerability CVE-2019-5420

Vulnerability Name:

CVE-2019-5420 (CCN-158111)

Assigned:

2019-03-13

Published:

2019-03-13

Updated:

2021-11-03

Summary:

A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals to escalate to a remote code execution exploit.

CVSS v3 Severity:

9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
9.1 Critical (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

9.8 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
9.1 Critical (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-330

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2019-5420

Source: MISC
Type: Exploit, Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/152704/Ruby-On-Rails-DoubleTap-Development-Mode-secret_key_base-Remote-Code-Execution.html

Source: CCN
Type: IBM Security Bulletin 881644 (Endpoint Manager for Security and Compliance)
Multiple vulnerabilities in IBM SDK, and Ruby on Rails affect BigFix Compliance

Source: XF
Type: UNKNOWN
rubyonrails-cve20195420-code-exec(158111)

Source: CCN
Type: rails GIT Repository
Ruby on Rails

Source: CONFIRM
Type: Mitigation, Patch, Third Party Advisory
https://groups.google.com/forum/#!topic/rubyonrails-security/IsQKvDqZdKw

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2019-1cfe24db5c

Source: CCN
Type: Packet Storm Security [05-01-2019]
Ruby On Rails DoubleTap Development Mode secret_key_base Remote Code Execution

Source: CCN
Type: oss-sec Mailing List, Wed, 13 Mar 2019 10:14:54 -0700
[CVE-2019-5420] Possible Remote Code Execution Exploit in Rails Development Mode

Source: CONFIRM
Type: Patch, Vendor Advisory
https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [05-02-2019]

Source: EXPLOIT-DB
Type: Exploit, Third Party Advisory, VDB Entry
46785

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-5420

Vulnerable Configuration:

Configuration 1:

cpe:/a:rubyonrails:rails:6.0.0:beta1:*:*:*:*:*:*

OR cpe:/a:rubyonrails:rails:*:*:*:*:*:*:*:* (Version < 5.2.2.1)

OR cpe:/a:rubyonrails:rails:6.0.0:beta2:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:30:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:rubyonrails:rails:6.0.0:-:*:*:*:*:*:*

AND

cpe:/a:ibm:endpoint_manager:1.7:*:*:*:compliance:*:*:*

OR cpe:/a:ibm:endpoint_manager:1.7:*:*:*:compliance:*:*:*

OR cpe:/a:ibm:endpoint_manager:1.10.0:*:*:*:compliance:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20195420	V	CVE-2019-5420	2023-06-22
oval:org.opensuse.security:def:51991	P	Security update for systemd (Moderate)	2023-01-27
oval:org.opensuse.security:def:51977	P	Security update for systemd (Important)	2022-12-28
oval:org.opensuse.security:def:51567	P	Security update for net-snmp (Moderate)	2022-12-13
oval:org.opensuse.security:def:51575	P	Security update for tiff (Important)	2022-12-13
oval:org.opensuse.security:def:51956	P	Security update for the Linux Kernel (Important)	2022-11-18
oval:org.opensuse.security:def:51946	P	Security update for expat (Important)	2022-11-07
oval:org.opensuse.security:def:4676	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-08-11
oval:org.opensuse.security:def:4674	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP5) (Important)	2022-08-11
oval:org.opensuse.security:def:620	P	Security update for booth (Important)	2022-08-01
oval:org.opensuse.security:def:4653	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-07-21
oval:org.opensuse.security:def:4647	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5) (Important)	2022-07-19
oval:org.opensuse.security:def:3807	P	tpm2.0-tools-3.1.4-1.12 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3818	P	w3m-0.5.3.git20161120-161.3.4 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3458	P	cpp48-4.8.5-31.20.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3801	P	sysvinit-tools-2.88+-101.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3520	P	gvim-7.4.326-17.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95088	P	rmt-server-pubcloud-2.7.1-150400.1.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95150	P	rmt-server-2.7.1-150400.1.7 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:5241	P	Security update for the Linux Kernel (Important)	2022-05-16
oval:org.opensuse.security:def:4602	P	Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP5) (Important)	2022-05-10
oval:org.opensuse.security:def:4588	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP5) (Important)	2022-04-25
oval:org.opensuse.security:def:4581	P	Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP5) (Important)	2022-04-23
oval:org.opensuse.security:def:4576	P	Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP5) (Important)	2022-04-15
oval:org.opensuse.security:def:5219	P	Security update for netatalk (Important)	2022-04-13
oval:org.opensuse.security:def:4572	P	Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP5) (Important)	2022-04-13
oval:org.opensuse.security:def:4571	P	Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5) (Important)	2022-04-13
oval:org.opensuse.security:def:4565	P	Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP5) (Important)	2022-03-29
oval:org.opensuse.security:def:4709	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP5) (Important)	2022-03-29
oval:org.opensuse.security:def:4702	P	Security update for the Linux Kernel (Important)	2022-03-09
oval:org.opensuse.security:def:5360	P	Security update for expat (Important)	2022-03-03
oval:org.opensuse.security:def:4687	P	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP5) (Critical)	2022-02-16
oval:org.opensuse.security:def:4660	P	Security update for the Linux Kernel (Live Patch 17 for SLE 12 SP5) (Important)	2022-02-01
oval:org.opensuse.security:def:4663	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP5) (Important)	2022-02-01
oval:org.opensuse.security:def:4646	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2022-01-31
oval:org.opensuse.security:def:113338	P	rmt-server-2.6.13-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:51764	P	Security update for MozillaFirefox (Important) (in QA)	2022-01-14
oval:org.opensuse.security:def:4701	P	Security update for the Linux Kernel (Important)	2022-01-13
oval:org.opensuse.security:def:4242	P	Security update for SDL2 (Important) (in QA)	2022-01-12
oval:org.opensuse.security:def:51767	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:67370	P	Security update for log4j (Moderate)	2021-12-30
oval:org.opensuse.security:def:51725	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:64825	P	Security update for python3 (Moderate)	2021-12-16
oval:org.opensuse.security:def:4539	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)	2021-12-14
oval:org.opensuse.security:def:4239	P	Security update for fetchmail (Moderate)	2021-12-14
oval:org.opensuse.security:def:64627	P	Security update for the Linux Kernel (Important)	2021-12-06
oval:org.opensuse.security:def:4171	P	Security update for wireshark (Moderate)	2021-12-06
oval:org.opensuse.security:def:106745	P	Security update for poppler (Important)	2021-12-01
oval:org.opensuse.security:def:4521	P	Security update for go1.17 (Moderate)	2021-12-01
oval:org.opensuse.security:def:67326	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:51698	P	Security update for postgresql96 (Important)	2021-11-22
oval:org.opensuse.security:def:4519	P	Security update for the Linux Kernel (Important)	2021-11-19
oval:org.opensuse.security:def:4286	P	Security update for the Linux Kernel (Important)	2021-11-19
oval:org.opensuse.security:def:4232	P	Security update for MozillaFirefox (Important)	2021-11-19
oval:org.opensuse.security:def:51692	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:4230	P	Security update for ffmpeg (Moderate)	2021-10-26
oval:org.opensuse.security:def:51679	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:4282	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:51662	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:4155	P	Security update for grilo (Important)	2021-09-23
oval:org.opensuse.security:def:96560	P	firewall-macros-0.5.5-4.24.9 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96583	P	gstreamer-plugins-good-1.12.5-1.39 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96587	P	hplip-devel-3.18.6-5.7.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:51658	P	Security update for openssl (Low)	2021-09-20
oval:org.opensuse.security:def:69273	P	Security update for nodejs12 (Important)	2021-08-30
oval:org.opensuse.security:def:51645	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:4478	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2021-08-17
oval:org.opensuse.security:def:63131	P	rmt-server-pubcloud-2.6.8-1.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63370	P	rmt-server-2.6.8-1.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2042	P	rmt-server-pubcloud-2.6.8-1.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2281	P	rmt-server-2.6.8-1.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101396	P	rmt-server-2.6.8-1.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:4279	P	Security update for the Linux Kernel (Important)	2021-08-10
oval:org.opensuse.security:def:72740	P	libpcp-devel-4.3.1-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72729	P	go1.16-1.16.3-1.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:4209	P	Security update for spice-vdagent (Important)	2021-08-05
oval:org.opensuse.security:def:51624	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:4458	P	Security update for the Linux Kernel (Live Patch 12 for SLE 12 SP5) (Important)	2021-07-27
oval:org.opensuse.security:def:69505	P	Security update for the Linux Kernel (Important)	2021-07-21
oval:org.opensuse.security:def:4442	P	Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP5) (Important)	2021-07-14
oval:org.opensuse.security:def:51922	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:4558	P	Security update for bouncycastle (Moderate)	2021-06-25
oval:org.opensuse.security:def:51916	P	Security update for libnettle (Important)	2021-06-23
oval:org.opensuse.security:def:4136	P	Security update for wireshark (Important)	2021-06-22
oval:org.opensuse.security:def:64718	P	Security update for salt (Critical)	2021-06-21
oval:org.opensuse.security:def:4430	P	Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP5) (Important)	2021-06-18
oval:org.opensuse.security:def:70819	P	Security update for the Linux Kernel (Important)	2021-06-15
oval:org.opensuse.security:def:4192	P	Security update for fribidi (Important)	2021-05-19
oval:org.opensuse.security:def:4272	P	Security update for the Linux Kernel (Important)	2021-05-13
oval:org.opensuse.security:def:51882	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:70779	P	Security update for MozillaThunderbird (Important)	2021-04-29
oval:org.opensuse.security:def:4397	P	Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP5) (Important)	2021-04-28
oval:org.opensuse.security:def:4120	P	Security update for MozillaFirefox (Important)	2021-04-23
oval:org.opensuse.security:def:4722	P	Security update for the Linux Kernel (Important)	2021-04-20
oval:org.opensuse.security:def:64474	P	Security update for qemu (Important)	2021-04-16
oval:org.opensuse.security:def:51533	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-04-07
oval:org.opensuse.security:def:52033	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:52031	P	Security update for openssl-1_1 (Important)	2021-03-25
oval:org.opensuse.security:def:51190	P	Security update for nghttp2 (Important)	2021-03-24
oval:org.opensuse.security:def:51754	P	Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:74693	P	Security update for ImageMagick (Moderate)	2021-02-25
oval:org.opensuse.security:def:4143	P	Security update for MozillaFirefox (Important)	2021-02-01
oval:org.opensuse.security:def:51588	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:64515	P	Security update for gdk-pixbuf (Moderate)	2021-01-21
oval:org.opensuse.security:def:4070	P	Security update for MozillaFirefox (Important)	2021-01-12
oval:org.opensuse.security:def:74567	P	Security update for python3 (Important)	2020-12-23
oval:org.opensuse.security:def:4112	P	Security update for webkit2gtk3 (Important)	2020-12-17
oval:org.opensuse.security:def:4050	P	Security update for webkit2gtk3 (Important)	2020-12-17
oval:org.opensuse.security:def:51086	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:69376	P	Security update for gcc10, nvptx-tools (Moderate)	2020-12-04
oval:org.opensuse.security:def:3959	P	libatalk12-3.1.0-3.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4002	P	liblcms-devel-1.19-17.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4108	P	osc-0.162.1-15.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4010	P	libmspack-devel-0.4-14.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3856	P	augeas-devel-1.10.1-2.6 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3899	P	gegl-devel-0.2.0-14.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3971	P	libdmx-devel-1.1.3-3.51 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4005	P	liblouis-devel-2.6.4-6.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3976	P	libexpat-devel-2.1.0-21.9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4015	P	libneon-devel-0.30.0-3.64 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4077	P	libwpd-0_10-10-0.10.2-2.7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4009	P	libmodplug-devel-0.8.9.0+git20170610.f6dd59a-15.4.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4058	P	libssh2-devel-1.4.3-20.9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3875	P	dhcp-devel-4.3.3-10.16.4 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4018	P	libntfs-3g-devel-2013.1.13-5.6.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3903	P	git-2.12.3-27.17.2 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3988	P	libical-devel-1.0.1-16.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72613	P	crash-7.2.1-7.15 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4022	P	libopenssl-devel-1.0.2p-1.13 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3887	P	flex-2.5.37-8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3997	P	libjbig-devel-2.0-12.13 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3915	P	gtk2-devel-2.24.31-9.6.28 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:3844	P	MozillaFirefox-devel-68.1.0-109.92.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4355	P	Security update for the Linux Kernel (Live Patch 19 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4854	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:4905	P	Security update for rmt-server (Important)	2020-12-02
oval:org.opensuse.security:def:4811	P	Security update for apache2 (Moderate)	2020-12-02
oval:org.opensuse.security:def:4246	P	Security update for the Linux Kernel (Live Patch 0 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:5531	P	Security update for rmt-server (Important)	2020-12-02
oval:org.opensuse.security:def:4248	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important)	2020-12-02
oval:org.opensuse.security:def:4865	P	Security update for apache2 (Important)	2020-12-02
oval:org.opensuse.security:def:4719	P	Security update for targetcli-fb (Moderate)	2020-12-02
oval:org.opensuse.security:def:4945	P	Security update for rmt-server (Important)	2020-12-02
oval:org.opensuse.security:def:4884	P	Security update for salt (Moderate)	2020-12-02
oval:org.opensuse.security:def:4841	P	Security update for 389-ds (Important)	2020-12-02
oval:org.opensuse.security:def:5503	P	Security update for libX11 (Moderate)	2020-12-02
oval:org.opensuse.security:def:4788	P	Security update for qemu (Important)	2020-12-02
oval:org.opensuse.security:def:4714	P	Security update for python-PyYAML (Important)	2020-12-02
oval:org.opensuse.security:def:4924	P	Security update for freetds (Moderate)	2020-12-02
oval:org.opensuse.security:def:4848	P	Security update for bind (Important)	2020-12-02
oval:org.opensuse.security:def:5385	P	Security update for rmt-server (Important)	2020-12-02
oval:org.opensuse.security:def:51428	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:51391	P	Security update for pam (Important)	2020-12-01
oval:org.opensuse.security:def:53491	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:67469	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50568	P	Security update for python (Important)	2020-12-01
oval:org.opensuse.security:def:53336	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:51136	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:64984	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:51403	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:75171	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50723	P	Security update for libgcrypt (Moderate)	2020-12-01
oval:org.opensuse.security:def:50590	P	Security update for LibreOffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:53043	P	Security update for python-ecdsa (Moderate)	2020-12-01
oval:org.opensuse.security:def:66029	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50318	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:51389	P	Security update for apache-pdfbox (Moderate)	2020-12-01
oval:org.opensuse.security:def:50702	P	Security update for cups (Important)	2020-12-01
oval:org.opensuse.security:def:52105	P	Security update for libxslt (Moderate)	2020-12-01
oval:org.opensuse.security:def:74154	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50969	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:70669	P	Security update for spice-gtk (Moderate)	2020-12-01
oval:org.opensuse.security:def:52172	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:65096	P	Security update for python3 (Moderate)	2020-12-01
oval:org.opensuse.security:def:53634	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:53376	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:51261	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:64372	P	libpq5 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73991	P	Security update for php7 (Important)	2020-12-01
oval:org.opensuse.security:def:51492	P	Security update for perl-YAML-LibYAML (Moderate)	2020-12-01
oval:org.opensuse.security:def:50901	P	Security update for spamassassin (Important)	2020-12-01
oval:org.opensuse.security:def:51121	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:51810	P	Security update for openssl-1_1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:52139	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:53267	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:66169	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50567	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:53094	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50923	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:52244	P	Security update for apache2 (Important)	2020-12-01
oval:org.opensuse.security:def:75038	P	Security update for chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:70707	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:65939	P	Security update for the Linux Kernel (Critical)	2020-12-01
oval:org.opensuse.security:def:50853	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:53561	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:51133	P	Security update for exempi (Moderate)	2020-12-01
oval:org.opensuse.security:def:74029	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:51504	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:52215	P	Security update for cifs-utils (Moderate)	2020-12-01
oval:org.opensuse.security:def:72858	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:51025	P	Security update for python-setuptools (Important)	2020-12-01
oval:org.opensuse.security:def:51299	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:51850	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:52279	P	Security update for fontforge (Moderate)	2020-12-01
oval:org.opensuse.security:def:53307	P	Security update for qemu (Moderate)	2020-12-01
oval:org.opensuse.security:def:67423	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50319	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:53107	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50958	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:52083	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:51225	P	Recommended update for evince (Moderate)	2020-12-01
oval:org.opensuse.security:def:50471	P	Security update for libseccomp (Moderate)	2020-12-01
oval:org.opensuse.security:def:51842	P	Security update for php7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:64927	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:66077	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:50339	P	Security update for xorg-x11-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:50865	P	Security update for perl-DBI (Moderate)	2020-12-01
oval:org.opensuse.security:def:53030	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:53706	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:51354	P	Security update for spice-vdagent (Important)	2020-12-01
oval:org.opensuse.security:def:50690	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:52358	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:74114	P	Security update for rmt-server (Important)	2020-12-01
oval:org.opensuse.security:def:50957	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:69400	P	Security update for mercurial (Low)	2020-12-01
oval:org.opensuse.security:def:110317	P	Security update for rmt-server (Important)	2020-11-23
oval:org.opensuse.security:def:110866	P	Security update for rmt-server (Important)	2020-11-21
oval:org.opensuse.security:def:98718	P	Security update for rmt-server (Important)	2020-11-05
oval:org.opensuse.security:def:105269	P	Security update for rmt-server (Important)	2020-11-05
oval:org.opensuse.security:def:91614	P	Security update for rmt-server (Important)	2020-11-05
oval:org.opensuse.security:def:105408	P	Security update for rmt-server (Important)	2020-11-05
oval:org.opensuse.security:def:98579	P	Security update for rmt-server (Important)	2020-11-05
oval:org.opensuse.security:def:91768	P	Security update for rmt-server (Important)	2020-11-05
oval:org.opensuse.security:def:95892	P	Security update for rmt-server (Important)	2020-10-26
oval:org.opensuse.security:def:109367	P	Security update for rmt-server (Important)	2020-10-26
oval:org.opensuse.security:def:102605	P	Security update for rmt-server (Important)	2020-10-26
oval:org.opensuse.security:def:96011	P	Security update for rmt-server (Important)	2020-10-26
oval:org.opensuse.security:def:118357	P	Security update for rmt-server (Important)	2020-10-26
oval:org.opensuse.security:def:102701	P	Security update for rmt-server (Important)	2020-10-26
oval:org.opensuse.security:def:118463	P	Security update for rmt-server (Important)	2020-10-26
oval:org.opensuse.security:def:109271	P	Security update for rmt-server (Important)	2020-10-26
oval:com.ubuntu.disco:def:201954200000000	V	CVE-2019-5420 on Ubuntu 19.04 (disco) - medium.	2019-03-27
oval:com.ubuntu.bionic:def:20195420000	V	CVE-2019-5420 on Ubuntu 18.04 LTS (bionic) - medium.	2019-03-27
oval:com.ubuntu.cosmic:def:201954200000000	V	CVE-2019-5420 on Ubuntu 18.10 (cosmic) - medium.	2019-03-27
oval:com.ubuntu.cosmic:def:20195420000	V	CVE-2019-5420 on Ubuntu 18.10 (cosmic) - medium.	2019-03-27
oval:com.ubuntu.bionic:def:201954200000000	V	CVE-2019-5420 on Ubuntu 18.04 LTS (bionic) - medium.	2019-03-27
oval:com.ubuntu.trusty:def:20195420000	V	CVE-2019-5420 on Ubuntu 14.04 LTS (trusty) - medium.	2019-03-27
oval:com.ubuntu.xenial:def:201954200000000	V	CVE-2019-5420 on Ubuntu 16.04 LTS (xenial) - medium.	2019-03-27
oval:com.ubuntu.xenial:def:20195420000	V	CVE-2019-5420 on Ubuntu 16.04 LTS (xenial) - medium.	2019-03-27

BACK