Vulnerability CVE-2020-8277

Vulnerability Name:

CVE-2020-8277 (CCN-191755)

Assigned:

2020-11-12

Published:

2020-11-12

Updated:

2022-05-10

Summary:

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is fixed in 15.2.1, 14.15.1, and 12.19.1.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-400
CWE-119

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2020-8277

Source: XF
Type: UNKNOWN
nodejs-cve20208277-dos(191755)

Source: MISC
Type: Permissions Required, Third Party Advisory
https://hackerone.com/reports/1033107

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-7473744de1

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2020-307e873389

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-ee913722db

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-afed2b904e

Source: CCN
Type: Node.js Blog, 2020-11-16
November 2020 Security Releases

Source: CONFIRM
Type: Patch, Vendor Advisory
https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/

Source: GENTOO
Type: Third Party Advisory
GLSA-202012-11

Source: GENTOO
Type: Third Party Advisory
GLSA-202101-07

Source: CCN
Type: IBM Security Bulletin 6380404 (SDK for Node.js for Bluemix)
Multiple vulnerabilities affect IBM SDK for Node.js in IBM Cloud

Source: CCN
Type: IBM Security Bulletin 6381336 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is affected by a Node.js vulnerability

Source: CCN
Type: IBM Security Bulletin 6381346 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is affected by a Node.js vulnerability

Source: CCN
Type: IBM Security Bulletin 6382384 (Cloud Event Management)
Version 12.18.4 of Node.js included in IBM Netcool Operations Insight 1.6.2.x has a security vulnerability

Source: CCN
Type: IBM Security Bulletin 6395504 (Event Streams)
IBM Event Streams is affected by multiple Node.js vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6405790 (Platform Navigator in IBM Cloud Pak for Integration)
IBM Cloud Pak for Integration is vulnerable to Node.js (CVE-2020-8277)

Source: CCN
Type: IBM Security Bulletin 6410882 (Spectrum Protect Plus)
Vulnerabilities in Node.js and FasterXML jackson-databind affect IBM Spectrum Protect Plus

Source: CCN
Type: IBM Security Bulletin 6412345 (Cloud Pak for Automation)
Multiple vulnerabilities affect IBM Cloud Pak for Automation

Source: CCN
Type: IBM Security Bulletin 6415869 (Cloud Automation Manager)
A security vulnerability in Node.js affects IBM Cloud Automation Manager.

Source: CCN
Type: IBM Security Bulletin 6416137 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js

Source: CCN
Type: IBM Security Bulletin 6416161 (Cloud Pak for Multicloud Management)
A security vulnerability in Node.js affects IBM Cloud Pak for Multicloud Management.

Source: CCN
Type: IBM Security Bulletin 6420355 (Rational Application Developer for WebSphere Software)
Multiple vulnerabilities affect IBM Rational Application Developer for WebSphere Software

Source: CCN
Type: IBM Security Bulletin 6426699 (API Connect)
IBM API Connect is vulnerable to denial of service (DoS) via Node.js (CVE-2020-8277)

Source: CCN
Type: IBM Security Bulletin 6428923 (Watson OpenScale)
IBM Watson OpenScale on Cloud Pak for Data is impacted by CVE-2020-8277

Source: CCN
Type: IBM Security Bulletin 6429599 (Streams)
Streams Flows might be affected by some underlying Node.js vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6437245 (InfoSphere Information Server)
Multiple vulnerabilities in Node.js affect IBM InfoSphere Information Server

Source: CCN
Type: IBM Security Bulletin 6448442 (App Connect Enterprise Certified Container)
IBM App Connect Enterprise Certified Container may be vulnerable to a denial of service attack through a DNS lookup that returns a large number of responses (CVE-2020-8277)

Source: CCN
Type: IBM Security Bulletin 6453115 (Cloud Pak for Security)
Cloud Pak for Security contains security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6475963 (WA for ICP)
Potential vulnerability with Node.js

Source: CCN
Type: IBM Security Bulletin 6497219 (QRadar Network Packet Capture)
Node.js as used by IBM Security QRadar Packet Capture contains multiple vulnerabilities (CVE-2020-8201, CVE-2020-8252, CVE-2020-8251, CVE-2020-8277)

Source: N/A
Type: Patch, Third Party Advisory
N/A

Source: CCN
Type: Oracle Critical Patch Update Advisory - April 2021
Oracle Critical Patch Update Advisory - April 2021

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuApr2021.html

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html

Source: CCN
Type: Oracle CPUJan2021
Oracle Critical Patch Update Advisory - January 2021

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2021.html

Source: CCN
Type: Oracle CPUJul2021
Oracle Critical Patch Update Advisory - July 2021

Source: MISC
Type: Patch, Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2020-8277

Vulnerable Configuration:

Configuration 1:

cpe:/a:nodejs:node.js:*:*:*:*:-:*:*:* (Version >= 15.0.0 and < 15.2.1)

OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 14.13.0 and < 14.15.1)

OR cpe:/a:nodejs:node.js:*:*:*:*:lts:*:*:* (Version >= 12.16.3 and < 12.19.1)

Configuration 2:

cpe:/o:fedoraproject:fedora:32:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 3:

cpe:/a:oracle:graalvm:19.3.4:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:graalvm:20.3.0:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:retail_xstore_point_of_service:16.0.6:*:*:*:*:*:*:*

OR cpe:/a:oracle:retail_xstore_point_of_service:17.0.4:*:*:*:*:*:*:*

OR cpe:/a:oracle:retail_xstore_point_of_service:18.0.3:*:*:*:*:*:*:*

OR cpe:/a:oracle:retail_xstore_point_of_service:19.0.2:*:*:*:*:*:*:*

OR cpe:/a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* (Version < 9.2.6.0)

OR cpe:/a:oracle:mysql_cluster:*:*:*:*:*:*:*:* (Version <= 8.0.23)

OR cpe:/a:oracle:blockchain_platform:*:*:*:*:*:*:*:* (Version < 21.1.2)

Configuration 4:

cpe:/a:c-ares_project:c-ares:*:*:*:*:*:*:*:* (Version < 1.16.0)

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration CCN 1:

cpe:/a:nodejs:node.js:12:*:*:*:*:*:*:*

OR cpe:/a:nodejs:node.js:14.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:sdk:*:*:node.js:*:bluemix:*:*:*

OR cpe:/a:ibm:rational_application_developer:9.6:*:*:*:websphere:*:*:*

OR cpe:/a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_network_packet_capture:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:2018.4.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:2018.4.1.13:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:10.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.4.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:20.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_plus:10.1.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:api_connect:10.0.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.6.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.5.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.6.0.1:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20208277	V	CVE-2020-8277	2023-06-22
oval:org.opensuse.security:def:8176	P	Security update for php7 (Moderate) (in QA)	2023-06-15
oval:org.opensuse.security:def:8175	P	Security update for MozillaThunderbird (Important) (in QA)	2023-06-13
oval:org.opensuse.security:def:7458	P	c-ares-devel-1.19.0-150000.3.20.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:642	P	Security update for nodejs10 (Moderate) (in QA)	2022-09-30
oval:org.opensuse.security:def:641	P	Security update for nodejs12 (Moderate) (in QA)	2022-09-30
oval:org.opensuse.security:def:4738	P	Security update for oracleasm (Important)	2022-08-10
oval:org.opensuse.security:def:3429	P	apache-commons-httpclient-3.1-4.364 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3433	P	apache2-mod_nss-1.0.14-19.9.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3430	P	apache2-2.4.23-29.43.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3838	P	zsh-5.0.5-6.7.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3186	P	libicu-doc-52.1-8.7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3826	P	xinetd-2.3.15-8.8.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3188	P	libimobiledevice6-1.2.0-7.31 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3427	P	apache-commons-beanutils-1.9.2-3.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95135	P	libwsman-devel-2.6.7-3.9.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2884	P	c-ares-devel-1.17.1+20200724-3.17.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94514	P	c-ares-devel-1.17.1+20200724-3.17.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:22	P	c-ares-devel-1.17.0-3.11.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:94454	P	(Important)	2022-06-10
oval:org.opensuse.security:def:5256	P	Security update for curl (Important)	2022-05-23
oval:org.opensuse.security:def:5234	P	Security update for MozillaFirefox (Important)	2022-05-09
oval:org.opensuse.security:def:4596	P	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP5) (Important)	2022-05-09
oval:org.opensuse.security:def:4587	P	Security update for the Linux Kernel (Live Patch 24 for SLE 12 SP5) (Important)	2022-04-25
oval:org.opensuse.security:def:4591	P	Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP5) (Important)	2022-04-25
oval:org.opensuse.security:def:4580	P	Security update for the Linux Kernel (Live Patch 20 for SLE 12 SP5) (Important)	2022-04-23
oval:org.opensuse.security:def:101848	P	Security update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core (Important) (in QA)	2022-04-19
oval:org.opensuse.security:def:1797	P	Security update for the Linux Kernel (Important)	2022-04-13
oval:org.opensuse.security:def:5376	P	Security update for apache2 (Important)	2022-03-21
oval:org.opensuse.security:def:951	P	Security update for ucode-intel (Important)	2022-02-25
oval:org.opensuse.security:def:112035	P	c-ares-devel-1.17.2-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:113037	P	nodejs14-14.17.5-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:70332	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:64639	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:4730	P	Security update for the Linux RT Kernel (Important)	2021-12-10
oval:org.opensuse.security:def:67345	P	Recommended update for php7 (Moderate)	2021-12-06
oval:org.opensuse.security:def:66989	P	Security update for netcdf (Important)	2021-11-30
oval:org.opensuse.security:def:73915	P	Security update for qemu (Important)	2021-11-03
oval:org.opensuse.security:def:69085	P	Security update for apache2 (Important)	2021-10-26
oval:org.opensuse.security:def:105590	P	c-ares-devel-1.17.2-2.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:106478	P	nodejs14-14.17.5-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:96682	P	libproxy-devel-0.4.15-2.15 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:52049	P	Security update for compat-openssl098 (Low)	2021-09-13
oval:org.opensuse.security:def:67250	P	Security update for mariadb (Moderate)	2021-09-03
oval:org.opensuse.security:def:15041	P	libopenssl-devel-1.0.2p-1.13 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:14381	P	socat-1.7.2.4-3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:15019	P	libksba8-1.3.0-23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:63416	P	nodejs12-12.21.0-4.13.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2328	P	nodejs14-14.16.0-5.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101417	P	nodejs12-12.21.0-4.13.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63417	P	nodejs14-14.16.0-5.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101418	P	nodejs14-14.16.0-5.9.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2327	P	nodejs12-12.21.0-4.13.2 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:1942	P	perl-Archive-Extract-0.80-1.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101167	P	ibus-chewing-1.6.1-1.53 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1943	P	perl-Config-IniFiles-2.94-1.23 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62040	P	c-ares-devel-1.17.0-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100798	P	c-ares-devel-1.17.0-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71785	P	cifs-utils-6.9-5.12.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71781	P	c-ares-devel-1.17.0-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:4725	P	Security update for the Linux Kernel (Important)	2021-07-14
oval:org.opensuse.security:def:65648	P	Security update for the Linux Kernel (Important)	2021-06-28
oval:org.opensuse.security:def:73654	P	Security update for xterm (Important)	2021-06-18
oval:org.opensuse.security:def:2435	P	MozillaThunderbird-52.8-1.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:74705	P	Security update for dtc (Low)	2021-05-13
oval:org.opensuse.security:def:67081	P	Security update for evolution-data-server (Moderate)	2021-03-24
oval:org.opensuse.security:def:68332	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP2) (Important)	2021-03-17
oval:org.opensuse.security:def:51178	P	Security update for compat-openssl098 (Moderate)	2021-03-16
oval:org.opensuse.security:def:73772	P	Security update for python3 (Moderate)	2021-02-19
oval:com.redhat.rhsa:def:20210551	P	RHSA-2021:0551: nodejs:14 security and bug fix update (Moderate)	2021-02-16
oval:org.opensuse.security:def:70437	P	Security update for go1.14 (Moderate)	2021-01-26
oval:org.opensuse.security:def:64527	P	Security update for permissions (Moderate)	2021-01-22
oval:org.opensuse.security:def:111363	P	Security update for nodejs14 (Moderate)	2021-01-15
oval:org.opensuse.security:def:111357	P	Security update for nodejs12 (Moderate)	2021-01-15
oval:org.opensuse.security:def:49440	P	Security update for php74 (Moderate)	2021-01-14
oval:org.opensuse.security:def:102830	P	Security update for nodejs14 (Moderate)	2021-01-11
oval:org.opensuse.security:def:97240	P	Security update for nodejs14 (Moderate)	2021-01-11
oval:org.opensuse.security:def:118592	P	Security update for nodejs14 (Moderate)	2021-01-11
oval:org.opensuse.security:def:109497	P	Security update for nodejs12 (Moderate)	2021-01-11
oval:org.opensuse.security:def:102831	P	Security update for nodejs12 (Moderate)	2021-01-11
oval:org.opensuse.security:def:97241	P	Security update for nodejs12 (Moderate)	2021-01-11
oval:org.opensuse.security:def:96140	P	Security update for nodejs14 (Moderate)	2021-01-11
oval:org.opensuse.security:def:118593	P	Security update for nodejs12 (Moderate)	2021-01-11
oval:org.opensuse.security:def:96141	P	Security update for nodejs12 (Moderate)	2021-01-11
oval:org.opensuse.security:def:69264	P	Security update for nodejs14 (Moderate)	2021-01-11
oval:org.opensuse.security:def:69265	P	Security update for nodejs12 (Moderate)	2021-01-11
oval:org.opensuse.security:def:109496	P	Security update for nodejs14 (Moderate)	2021-01-11
oval:org.opensuse.security:def:5401	P	Security update for ceph (Moderate)	2021-01-05
oval:com.redhat.rhsa:def:20205499	P	RHSA-2020:5499: nodejs:12 security and bug fix update (Moderate)	2020-12-15
oval:org.opensuse.security:def:4718	P	Security update for the Linux Kernel (Important)	2020-12-11
oval:org.opensuse.security:def:72322	P	sane-backends-1.0.27-4.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72438	P	sane-backends-1.0.27-4.27 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:68982	P	Security update for xen (Important)	2020-12-03
oval:org.opensuse.security:def:71672	P	openssh-8.1p1-3.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4084	P	libyaml-devel-0.1.6-7.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:4071	P	libusbmuxd-devel-1.0.10-2.3 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2585	P	Security update for c-ares (Moderate)	2020-12-02
oval:org.opensuse.security:def:2581	P	Security update for xen (Important)	2020-12-02
oval:org.opensuse.security:def:5547	P	Security update for c-ares (Moderate)	2020-12-02
oval:org.opensuse.security:def:4857	P	Security update for postgresql (Moderate)	2020-12-02
oval:org.opensuse.security:def:5519	P	Security update for nodejs10 (Important)	2020-12-02
oval:org.opensuse.security:def:4864	P	Security update for ovmf (Moderate)	2020-12-02
oval:org.opensuse.security:def:4881	P	Security update for squid (Important)	2020-12-02
oval:org.opensuse.security:def:4870	P	Security update for dpdk (Moderate)	2020-12-02
oval:org.opensuse.security:def:51072	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:50933	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:70593	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:64998	P	Security update for ghostscript (Important)	2020-12-01
oval:org.opensuse.security:def:68432	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:51104	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:39519	P	Security update for python-Twisted (Moderate)	2020-12-01
oval:org.opensuse.security:def:52516	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:74579	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:51005	P	Security update for python-waitress (Moderate)	2020-12-01
oval:org.opensuse.security:def:38881	P	rhythmbox on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52454	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:65738	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:49471	P	libtiff5-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:50872	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:52121	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:49375	P	docker-libnetwork on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52155	P	Security update for SUSE Manager Client Tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:50818	P	Security update for e2fsprogs (Moderate)	2020-12-01
oval:org.opensuse.security:def:53577	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:49585	P	libxcb-render0-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:75061	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:49542	P	libavcodec57 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53507	P	Security update for python-ipaddress (Important)	2020-12-01
oval:org.opensuse.security:def:49616	P	cups-pk-helper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51021	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:52260	P	Security update for java-11-openjdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:52231	P	Security update for ceph (Moderate)	2020-12-01
oval:org.opensuse.security:def:75194	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:49520	P	gnome-shell on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:52295	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:50964	P	Security update for libjpeg-turbo (Moderate)	2020-12-01
oval:org.opensuse.security:def:53722	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:50829	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:74036	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:52188	P	Security update for postgresql10 (Important)	2020-12-01
oval:org.opensuse.security:def:49688	P	libplist++-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:53650	P	Security update for permissions (Moderate)	2020-12-01
oval:org.opensuse.security:def:50860	P	Security update for java-11-openjdk (Moderate)	2020-12-01
oval:org.opensuse.security:def:52271	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:52374	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:50764	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:70701	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:52209	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:65085	P	Security update for c-ares (Moderate)	2020-12-01
oval:org.opensuse.security:def:39561	P	Security update for nodejs12 (Important)	2020-12-01
oval:org.opensuse.security:def:110889	P	Security update for c-ares (Moderate)	2020-11-28
oval:org.opensuse.security:def:110329	P	Security update for c-ares (Moderate)	2020-11-26
oval:org.opensuse.security:def:93552	P	(Moderate)	2020-11-23
oval:org.opensuse.security:def:104759	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:98069	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:90410	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:75465	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:94359	P	(Moderate)	2020-11-23
oval:org.opensuse.security:def:107833	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:91104	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:75744	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:100247	P	(Moderate)	2020-11-23
oval:org.opensuse.security:def:108514	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:93394	P	(Moderate)	2020-11-23
oval:org.opensuse.security:def:104065	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:97375	P	Security update for c-ares (Moderate)	2020-11-23
oval:org.opensuse.security:def:117348	P	Security update for c-ares (Moderate)	2020-11-23

BACK