Vulnerabilites related to tenable - tenable.sc
cve-2020-11655
Vulnerability from cvelistv5
Published
2020-04-09 02:49
Modified
2024-08-04 11:35
Severity ?
EPSS score ?
Summary
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:35:13.644Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[debian-lts-announce] 20200505 [SECURITY] [DLA 2203-1] sqlite3 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html", }, { name: "USN-4394-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4394-1/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { name: "GLSA-202007-26", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202007-26", }, { name: "FreeBSD-SA-20:22", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { name: "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-08T14:08:34", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[debian-lts-announce] 20200505 [SECURITY] [DLA 2203-1] sqlite3 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html", }, { name: "USN-4394-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4394-1/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c", }, { tags: [ "x_refsource_MISC", ], url: "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { name: "GLSA-202007-26", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202007-26", }, { name: "FreeBSD-SA-20:22", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { name: "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-11655", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[debian-lts-announce] 20200505 [SECURITY] [DLA 2203-1] sqlite3 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html", }, { name: "USN-4394-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4394-1/", }, { name: "https://www.oracle.com/security-alerts/cpujul2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { name: "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c", refsource: "MISC", url: "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c", }, { name: "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", refsource: "MISC", url: "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", }, { name: "https://security.netapp.com/advisory/ntap-20200416-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { name: "GLSA-202007-26", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202007-26", }, { name: "FreeBSD-SA-20:22", refsource: "FREEBSD", url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { name: "[debian-lts-announce] 20200822 [SECURITY] [DLA 2340-1] sqlite3 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-11655", datePublished: "2020-04-09T02:49:33", dateReserved: "2020-04-09T00:00:00", dateUpdated: "2024-08-04T11:35:13.644Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11042
Vulnerability from cvelistv5
Published
2019-08-09 19:26
Modified
2024-09-17 02:15
Severity ?
EPSS score ?
Summary
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:16.061Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=78256", }, { name: "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { name: "USN-4097-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4097-2/", }, { name: "USN-4097-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4097-1/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { name: "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Sep/35", }, { name: "DSA-4527", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4527", }, { name: "DSA-4529", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4529", }, { name: "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Sep/38", }, { name: "openSUSE-SU-2019:2271", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT210634", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Oct/9", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT210722", }, { name: "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { name: "RHSA-2019:3299", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { status: "affected", version: "7.1.x below 7.1.31", }, { status: "affected", version: "7.2.x below 7.2.21", }, { status: "affected", version: "7.3.x below 7.3.8", }, ], }, ], credits: [ { lang: "en", value: "By orestiskourides at gmail dot com", }, ], datePublic: "2019-07-30T00:00:00", descriptions: [ { lang: "en", value: "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:06:23", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=78256", }, { name: "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { name: "USN-4097-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4097-2/", }, { name: "USN-4097-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4097-1/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { name: "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Sep/35", }, { name: "DSA-4527", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4527", }, { name: "DSA-4529", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4529", }, { name: "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Sep/38", }, { name: "openSUSE-SU-2019:2271", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT210634", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Oct/9", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT210722", }, { name: "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { name: "RHSA-2019:3299", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=78256", ], discovery: "EXTERNAL", }, title: "heap-buffer-overflow on exif_process_user_comment in EXIF extension", x_generator: { engine: "Vulnogram 0.0.7", }, x_legacyV4Record: { CVE_data_meta: { AKA: "", ASSIGNER: "security@php.net", DATE_PUBLIC: "2019-07-30T03:21:00.000Z", ID: "CVE-2019-11042", STATE: "PUBLIC", TITLE: "heap-buffer-overflow on exif_process_user_comment in EXIF extension", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_value: "7.1.x below 7.1.31", }, { version_value: "7.2.x below 7.2.21", }, { version_value: "7.3.x below 7.3.8", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, configuration: [], credit: [ { lang: "eng", value: "By orestiskourides at gmail dot com", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.", }, ], }, exploit: [], generator: { engine: "Vulnogram 0.0.7", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.php.net/bug.php?id=78256", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=78256", }, { name: "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { name: "USN-4097-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4097-2/", }, { name: "USN-4097-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4097-1/", }, { name: "https://security.netapp.com/advisory/ntap-20190822-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { name: "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Sep/35", }, { name: "DSA-4527", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4527", }, { name: "DSA-4529", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4529", }, { name: "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Sep/38", }, { name: "openSUSE-SU-2019:2271", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { name: "https://support.apple.com/kb/HT210634", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT210634", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Oct/9", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { name: "https://support.apple.com/kb/HT210722", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT210722", }, { name: "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { name: "RHSA-2019:3299", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, solution: [], source: { advisory: "", defect: [ "https://bugs.php.net/bug.php?id=78256", ], discovery: "EXTERNAL", }, work_around: [], }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2019-11042", datePublished: "2019-08-09T19:26:34.193473Z", dateReserved: "2019-04-09T00:00:00", dateUpdated: "2024-09-17T02:15:56.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41184
Vulnerability from cvelistv5
Published
2021-10-26 00:00
Modified
2025-02-13 16:28
Severity ?
EPSS score ?
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:08:31.291Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280", }, { name: "FEDORA-2021-51c256bf87", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { name: "FEDORA-2021-ab38307fc3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { name: "FEDORA-2021-013ab302be", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { tags: [ "x_transferred", ], url: "https://www.drupal.org/sa-core-2022-001", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-9d655503ea", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { name: "FEDORA-2022-bf18450366", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "jquery-ui", vendor: "jquery", versions: [ { status: "affected", version: "< 1.13.0", }, ], }, ], descriptions: [ { lang: "en", value: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-31T02:06:17.867Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327", }, { url: "https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280", }, { name: "FEDORA-2021-51c256bf87", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { name: "FEDORA-2021-ab38307fc3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { name: "FEDORA-2021-013ab302be", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { url: "https://www.drupal.org/sa-core-2022-001", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-9d655503ea", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { name: "FEDORA-2022-bf18450366", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], source: { advisory: "GHSA-gpqq-952q-5327", discovery: "UNKNOWN", }, title: "XSS in the `of` option of the `.position()` util", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-41184", datePublished: "2021-10-26T00:00:00.000Z", dateReserved: "2021-09-15T00:00:00.000Z", dateUpdated: "2025-02-13T16:28:31.350Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41183
Vulnerability from cvelistv5
Published
2021-10-26 00:00
Modified
2025-02-13 16:28
Severity ?
EPSS score ?
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:08:31.304Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery-ui/pull/1953", }, { tags: [ "x_transferred", ], url: "https://bugs.jqueryui.com/ticket/15284", }, { name: "FEDORA-2021-51c256bf87", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { name: "FEDORA-2021-ab38307fc3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { name: "FEDORA-2021-013ab302be", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { name: "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { tags: [ "x_transferred", ], url: "https://www.drupal.org/sa-core-2022-002", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { tags: [ "x_transferred", ], url: "https://www.drupal.org/sa-contrib-2022-004", }, { tags: [ "x_transferred", ], url: "https://www.drupal.org/sa-core-2022-001", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-9d655503ea", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { name: "FEDORA-2022-bf18450366", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "jquery-ui", vendor: "jquery", versions: [ { status: "affected", version: "< 1.13.0", }, ], }, ], descriptions: [ { lang: "en", value: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-31T02:06:53.562Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4", }, { url: "https://github.com/jquery/jquery-ui/pull/1953", }, { url: "https://bugs.jqueryui.com/ticket/15284", }, { name: "FEDORA-2021-51c256bf87", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { name: "FEDORA-2021-ab38307fc3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { name: "FEDORA-2021-013ab302be", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { name: "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { url: "https://www.drupal.org/sa-core-2022-002", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { url: "https://www.drupal.org/sa-contrib-2022-004", }, { url: "https://www.drupal.org/sa-core-2022-001", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-9d655503ea", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { name: "FEDORA-2022-bf18450366", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], source: { advisory: "GHSA-j7qv-pgf6-hvh4", discovery: "UNKNOWN", }, title: "XSS in `*Text` options of the Datepicker widget", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-41183", datePublished: "2021-10-26T00:00:00.000Z", dateReserved: "2021-09-15T00:00:00.000Z", dateUpdated: "2025-02-13T16:28:30.803Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-44790
Vulnerability from cvelistv5
Published
2021-12-20 00:00
Modified
2024-08-04 04:32
Severity ?
EPSS score ?
Summary
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Version: Apache HTTP Server 2.4 < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:32:13.543Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "[oss-security] 20211220 CVE-2021-44790: Apache HTTP Server: Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/20/4", }, { name: "FEDORA-2021-29a536c2ae", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { name: "DSA-5035", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5035", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-01", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-03", }, { name: "FEDORA-2022-b4103753e9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { name: "FEDORA-2022-21264ec6db", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { name: "FEDORA-2022-78e3211c55", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213257", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213256", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213255", }, { name: "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { name: "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { name: "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-20", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache HTTP Server", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "2.4.51", status: "affected", version: "Apache HTTP Server 2.4", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Chamal", }, { lang: "en", value: "Anonymous working with Trend Micro Zero Day Initiative", }, ], descriptions: [ { lang: "en", value: "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.", }, ], metrics: [ { other: { content: { other: "high", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-03T00:00:00", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "[oss-security] 20211220 CVE-2021-44790: Apache HTTP Server: Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/12/20/4", }, { name: "FEDORA-2021-29a536c2ae", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { name: "DSA-5035", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5035", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { url: "https://www.tenable.com/security/tns-2022-01", }, { url: "https://www.tenable.com/security/tns-2022-03", }, { name: "FEDORA-2022-b4103753e9", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { name: "FEDORA-2022-21264ec6db", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { name: "FEDORA-2022-78e3211c55", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://support.apple.com/kb/HT213257", }, { url: "https://support.apple.com/kb/HT213256", }, { url: "https://support.apple.com/kb/HT213255", }, { name: "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { name: "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { name: "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { url: "http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html", }, ], source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-12-07T00:00:00", value: "Reported to security team", }, { lang: "en", time: "2021-12-16T00:00:00", value: "Fixed by r1896039 in 2.4.x", }, ], title: "Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-44790", datePublished: "2021-12-20T00:00:00", dateReserved: "2021-12-10T00:00:00", dateUpdated: "2024-08-04T04:32:13.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0130
Vulnerability from cvelistv5
Published
2022-01-14 19:11
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tenable.com/security/tns-2022-01 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.sc |
Version: 5.14.0 through 5.19.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:18:41.726Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-01", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Tenable.sc", vendor: "n/a", versions: [ { status: "affected", version: "5.14.0 through 5.19.1", }, ], }, ], descriptions: [ { lang: "en", value: "Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-14T19:11:35", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/tns-2022-01", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vulnreport@tenable.com", ID: "CVE-2022-0130", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Tenable.sc", version: { version_data: [ { version_value: "5.14.0 through 5.19.1", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Code Execution", }, ], }, ], }, references: { reference_data: [ { name: "https://www.tenable.com/security/tns-2022-01", refsource: "MISC", url: "https://www.tenable.com/security/tns-2022-01", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2022-0130", datePublished: "2022-01-14T19:11:35", dateReserved: "2022-01-05T00:00:00", dateUpdated: "2024-08-02T23:18:41.726Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-11656
Vulnerability from cvelistv5
Published
2020-04-09 02:49
Modified
2024-08-04 11:35
Severity ?
EPSS score ?
Summary
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.oracle.com/security-alerts/cpujul2020.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200416-0001/ | x_refsource_CONFIRM | |
| https://www3.sqlite.org/cgi/src/info/b64674919f673602 | x_refsource_MISC | |
| https://www.sqlite.org/src/info/d09f8c3621d5f7f8 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202007-26 | vendor-advisory, x_refsource_GENTOO | |
| https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc | vendor-advisory, x_refsource_FREEBSD | |
| https://www.oracle.com/security-alerts/cpuoct2020.html | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpujan2021.html | x_refsource_MISC | |
| https://www.oracle.com/security-alerts/cpuApr2021.html | x_refsource_MISC | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:35:13.760Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www3.sqlite.org/cgi/src/info/b64674919f673602", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", }, { name: "GLSA-202007-26", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202007-26", }, { name: "FreeBSD-SA-20:22", tags: [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-08T14:06:59", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www3.sqlite.org/cgi/src/info/b64674919f673602", }, { tags: [ "x_refsource_MISC", ], url: "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", }, { name: "GLSA-202007-26", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202007-26", }, { name: "FreeBSD-SA-20:22", tags: [ "vendor-advisory", "x_refsource_FREEBSD", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-11656", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.oracle.com/security-alerts/cpujul2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { name: "https://security.netapp.com/advisory/ntap-20200416-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { name: "https://www3.sqlite.org/cgi/src/info/b64674919f673602", refsource: "MISC", url: "https://www3.sqlite.org/cgi/src/info/b64674919f673602", }, { name: "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", refsource: "MISC", url: "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", }, { name: "GLSA-202007-26", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202007-26", }, { name: "FreeBSD-SA-20:22", refsource: "FREEBSD", url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-11656", datePublished: "2020-04-09T02:49:18", dateReserved: "2020-04-09T00:00:00", dateUpdated: "2024-08-04T11:35:13.760Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-23841
Vulnerability from cvelistv5
Published
2021-02-16 16:55
Modified
2024-09-16 22:39
Severity ?
EPSS score ?
Summary
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
References
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2021-23841", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-26T20:18:08.118870Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-26T20:18:17.204Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-03T19:14:09.152Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { name: "DSA-4855", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4855", }, { name: "GLSA-202103-03", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-03", }, { name: "20210526 APPLE-SA-2021-05-25-2 macOS Big Sur 11.4", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/May/70", }, { name: "20210526 APPLE-SA-2021-05-25-5 Safari 14.1.1", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/May/68", }, { name: "20210526 APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/May/67", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-09", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-03", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT212529", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT212528", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT212534", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i)", }, { status: "affected", version: "Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x)", }, ], }, ], credits: [ { lang: "en", value: "Tavis Ormandy (Google)", }, ], datePublic: "2021-02-16T00:00:00", descriptions: [ { lang: "en", value: "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#Moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "NULL pointer dereference", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:07:57.206585", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20210216.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { name: "DSA-4855", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4855", }, { name: "GLSA-202103-03", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { name: "20210526 APPLE-SA-2021-05-25-2 macOS Big Sur 11.4", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/May/70", }, { name: "20210526 APPLE-SA-2021-05-25-5 Safari 14.1.1", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/May/68", }, { name: "20210526 APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/May/67", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://www.tenable.com/security/tns-2021-09", }, { url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { url: "https://www.tenable.com/security/tns-2021-03", }, { url: "https://support.apple.com/kb/HT212529", }, { url: "https://support.apple.com/kb/HT212528", }, { url: "https://support.apple.com/kb/HT212534", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "Null pointer deref in X509_issuer_and_serial_hash()", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2021-23841", datePublished: "2021-02-16T16:55:18.817258Z", dateReserved: "2021-01-12T00:00:00", dateUpdated: "2024-09-16T22:39:57.576Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7069
Vulnerability from cvelistv5
Published
2020-10-02 14:14
Modified
2024-09-17 04:04
Severity ?
EPSS score ?
Summary
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.094Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79601", }, { name: "FEDORA-2020-4573f0e03a", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { name: "FEDORA-2020-4fe6b116e5", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { name: "FEDORA-2020-94763cb98b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { name: "openSUSE-SU-2020:1703", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { name: "USN-4583-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4583-1/", }, { name: "openSUSE-SU-2020:1767", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { name: "GLSA-202012-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202012-16", }, { name: "DSA-4856", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.3.23", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.11", status: "affected", version: "7.4.x", versionType: "custom", }, { lessThan: "7.2.34", status: "affected", version: "7.2.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Reported by bizxing at web dot de", }, ], datePublic: "2020-09-29T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-20T10:40:13", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79601", }, { name: "FEDORA-2020-4573f0e03a", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { name: "FEDORA-2020-4fe6b116e5", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { name: "FEDORA-2020-94763cb98b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { name: "openSUSE-SU-2020:1703", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { name: "USN-4583-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4583-1/", }, { name: "openSUSE-SU-2020:1767", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { name: "GLSA-202012-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202012-16", }, { name: "DSA-4856", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79601", ], discovery: "EXTERNAL", }, title: "Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-09-29T06:12:00.000Z", ID: "CVE-2020-7069", STATE: "PUBLIC", TITLE: "Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.3.x", version_value: "7.3.23", }, { version_affected: "<", version_name: "7.4.x", version_value: "7.4.11", }, { version_affected: "<", version_name: "7.2.x", version_value: "7.2.34", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "Reported by bizxing at web dot de", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20 Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.php.net/bug.php?id=79601", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79601", }, { name: "FEDORA-2020-4573f0e03a", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { name: "FEDORA-2020-4fe6b116e5", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { name: "FEDORA-2020-94763cb98b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { name: "openSUSE-SU-2020:1703", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { name: "USN-4583-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4583-1/", }, { name: "openSUSE-SU-2020:1767", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { name: "GLSA-202012-16", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202012-16", }, { name: "DSA-4856", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4856", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://security.netapp.com/advisory/ntap-20201016-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79601", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7069", datePublished: "2020-10-02T14:14:45.340264Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-17T04:04:37.418Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11041
Vulnerability from cvelistv5
Published
2019-08-09 19:26
Modified
2024-09-16 19:31
Severity ?
EPSS score ?
Summary
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:15.996Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=78222", }, { name: "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { name: "USN-4097-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4097-2/", }, { name: "USN-4097-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4097-1/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { name: "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Sep/35", }, { name: "DSA-4527", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4527", }, { name: "DSA-4529", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4529", }, { name: "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Sep/38", }, { name: "openSUSE-SU-2019:2271", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT210634", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Oct/9", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT210722", }, { name: "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { name: "RHSA-2019:3299", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { status: "affected", version: "7.1.x below 7.1.31", }, { status: "affected", version: "7.2.x below 7.2.21", }, { status: "affected", version: "7.3.x below 7.3.8", }, ], }, ], credits: [ { lang: "en", value: "By orestiskourides at gmail dot com", }, ], datePublic: "2019-07-30T00:00:00", descriptions: [ { lang: "en", value: "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:06:35", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=78222", }, { name: "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { name: "USN-4097-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4097-2/", }, { name: "USN-4097-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4097-1/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { name: "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Sep/35", }, { name: "DSA-4527", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4527", }, { name: "DSA-4529", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4529", }, { name: "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Sep/38", }, { name: "openSUSE-SU-2019:2271", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT210634", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Oct/9", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT210722", }, { name: "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { name: "RHSA-2019:3299", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=78222", ], discovery: "EXTERNAL", }, title: "heap-buffer-overflow on exif_scan_thumbnail in EXIF extension", x_generator: { engine: "Vulnogram 0.0.7", }, x_legacyV4Record: { CVE_data_meta: { AKA: "", ASSIGNER: "security@php.net", DATE_PUBLIC: "2019-07-30T03:21:00.000Z", ID: "CVE-2019-11041", STATE: "PUBLIC", TITLE: "heap-buffer-overflow on exif_scan_thumbnail in EXIF extension", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_value: "7.1.x below 7.1.31", }, { version_value: "7.2.x below 7.2.21", }, { version_value: "7.3.x below 7.3.8", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, configuration: [], credit: [ { lang: "eng", value: "By orestiskourides at gmail dot com", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.", }, ], }, exploit: [], generator: { engine: "Vulnogram 0.0.7", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.php.net/bug.php?id=78222", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=78222", }, { name: "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { name: "USN-4097-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4097-2/", }, { name: "USN-4097-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4097-1/", }, { name: "https://security.netapp.com/advisory/ntap-20190822-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { name: "20190920 [SECURITY] [DSA 4527-1] php7.3 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Sep/35", }, { name: "DSA-4527", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4527", }, { name: "DSA-4529", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4529", }, { name: "20190923 [SECURITY] [DSA 4529-1] php7.0 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Sep/38", }, { name: "openSUSE-SU-2019:2271", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { name: "https://support.apple.com/kb/HT210634", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT210634", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Oct/9", }, { name: "20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { name: "https://support.apple.com/kb/HT210722", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT210722", }, { name: "20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { name: "RHSA-2019:3299", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, solution: [], source: { advisory: "", defect: [ "https://bugs.php.net/bug.php?id=78222", ], discovery: "EXTERNAL", }, work_around: [], }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2019-11041", datePublished: "2019-08-09T19:26:34.152284Z", dateReserved: "2019-04-09T00:00:00", dateUpdated: "2024-09-16T19:31:07.181Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7066
Vulnerability from cvelistv5
Published
2020-04-01 03:35
Modified
2024-09-17 01:51
Severity ?
EPSS score ?
Summary
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.php.net/bug.php?id=79329 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200403-0001/ | x_refsource_CONFIRM | |
| https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/4330-2/ | vendor-advisory, x_refsource_UBUNTU | |
| http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html | vendor-advisory, x_refsource_SUSE | |
| https://www.debian.org/security/2020/dsa-4717 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.debian.org/security/2020/dsa-4719 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.072Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79329", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { name: "[debian-lts-announce] 20200426 [SECURITY] [DLA 2188-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { name: "USN-4330-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4330-2/", }, { name: "openSUSE-SU-2020:0642", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { name: "DSA-4717", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { status: "affected", version: "7.2.x below 7.2.29", }, { status: "affected", version: "7.3.x below 7.3.16", }, { status: "affected", version: "7.4.x below 7.4.4", }, ], }, ], credits: [ { lang: "en", value: "64796c6e69 at gmail dot com", }, ], datePublic: "2020-03-17T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-170", description: "CWE-170 Improper Null Termination", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:06:30", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79329", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { name: "[debian-lts-announce] 20200426 [SECURITY] [DLA 2188-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { name: "USN-4330-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4330-2/", }, { name: "openSUSE-SU-2020:0642", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { name: "DSA-4717", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79329", ], discovery: "EXTERNAL", }, title: "get_headers() silently truncates after a null byte", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-03-17T05:39:00.000Z", ID: "CVE-2020-7066", STATE: "PUBLIC", TITLE: "get_headers() silently truncates after a null byte", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_value: "7.2.x below 7.2.29", }, { version_value: "7.3.x below 7.3.16", }, { version_value: "7.4.x below 7.4.4", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "64796c6e69 at gmail dot com", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-170 Improper Null Termination", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.php.net/bug.php?id=79329", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79329", }, { name: "https://security.netapp.com/advisory/ntap-20200403-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { name: "[debian-lts-announce] 20200426 [SECURITY] [DLA 2188-1] php5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { name: "USN-4330-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4330-2/", }, { name: "openSUSE-SU-2020:0642", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { name: "DSA-4717", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4719", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79329", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7066", datePublished: "2020-04-01T03:35:14.021693Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-17T01:51:01.194Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3712
Vulnerability from cvelistv5
Published
2021-08-24 14:50
Modified
2024-09-16 20:32
Severity ?
EPSS score ?
Summary
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:08.180Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20210824.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { name: "DSA-4963", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4963", }, { name: "[tomcat-dev] 20210825 OpenSSL security announcement - do we need a Tomcat Native release?", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", }, { name: "[oss-security] 20210825 OpenSSL SM2 Decryption Buffer Overflow (CVE-2021-3711), Read buffer overruns processing ASN.1 strings (CVE-2021-3712)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { name: "[tomcat-dev] 20210826 Re: OpenSSL security announcement - do we need a Tomcat Native release?", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { name: "[debian-lts-announce] 20210926 [SECURITY] [DLA 2766-1] openssl security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2774-1] openssl1.0 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-16", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-02", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { name: "GLSA-202209-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-02", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-02", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k)", }, { status: "affected", version: "Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y)", }, ], }, ], credits: [ { lang: "en", value: "Ingo Schwarze", }, ], datePublic: "2021-08-24T00:00:00", descriptions: [ { lang: "en", value: "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#Moderate", value: "Moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Buffer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:07:21.902973", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20210824.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { name: "DSA-4963", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4963", }, { name: "[tomcat-dev] 20210825 OpenSSL security announcement - do we need a Tomcat Native release?", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", }, { name: "[oss-security] 20210825 OpenSSL SM2 Decryption Buffer Overflow (CVE-2021-3711), Read buffer overruns processing ASN.1 strings (CVE-2021-3712)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { name: "[tomcat-dev] 20210826 Re: OpenSSL security announcement - do we need a Tomcat Native release?", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", }, { url: "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { name: "[debian-lts-announce] 20210926 [SECURITY] [DLA 2766-1] openssl security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { name: "[debian-lts-announce] 20210930 [SECURITY] [DLA 2774-1] openssl1.0 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.tenable.com/security/tns-2021-16", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://www.tenable.com/security/tns-2022-02", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { name: "GLSA-202209-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202209-02", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "Read buffer overruns processing ASN.1 strings", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2021-3712", datePublished: "2021-08-24T14:50:14.704334Z", dateReserved: "2021-08-16T00:00:00", dateUpdated: "2024-09-16T20:32:42.201Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3711
Vulnerability from cvelistv5
Published
2021-08-24 14:50
Modified
2024-09-16 18:29
Severity ?
EPSS score ?
Summary
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:08.171Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20210824.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { name: "DSA-4963", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4963", }, { name: "[tomcat-dev] 20210825 OpenSSL security announcement - do we need a Tomcat Native release?", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", }, { name: "[oss-security] 20210825 OpenSSL SM2 Decryption Buffer Overflow (CVE-2021-3711), Read buffer overruns processing ASN.1 strings (CVE-2021-3712)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { name: "[tomcat-dev] 20210826 Re: OpenSSL security announcement - do we need a Tomcat Native release?", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-16", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-02", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { name: "GLSA-202209-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-02", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-02", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k)", }, ], }, ], credits: [ { lang: "en", value: "John Ouyang", }, ], datePublic: "2021-08-24T00:00:00", descriptions: [ { lang: "en", value: "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the \"out\" parameter can be NULL and, on exit, the \"outlen\" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the \"out\" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#High", value: "High", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Buffer overflow", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:07:59.573968", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20210824.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { name: "DSA-4963", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4963", }, { name: "[tomcat-dev] 20210825 OpenSSL security announcement - do we need a Tomcat Native release?", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", }, { name: "[oss-security] 20210825 OpenSSL SM2 Decryption Buffer Overflow (CVE-2021-3711), Read buffer overruns processing ASN.1 strings (CVE-2021-3712)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { name: "[tomcat-dev] 20210826 Re: OpenSSL security announcement - do we need a Tomcat Native release?", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", }, { url: "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.tenable.com/security/tns-2021-16", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { url: "https://www.tenable.com/security/tns-2022-02", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { name: "GLSA-202209-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202209-02", }, { name: "GLSA-202210-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "SM2 Decryption Buffer Overflow", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2021-3711", datePublished: "2021-08-24T14:50:13.114745Z", dateReserved: "2021-08-16T00:00:00", dateUpdated: "2024-09-16T18:29:03.742Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-8331
Vulnerability from cvelistv5
Published
2019-02-20 16:00
Modified
2024-08-04 21:17
Severity ?
EPSS score ?
Summary
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T21:17:31.342Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "107375", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107375", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "RHSA-2019:1456", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "[flink-user] 20190811 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E", }, { name: "[flink-dev] 20190811 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Re: Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E", }, { name: "[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E", }, { name: "RHSA-2019:3023", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { name: "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/twbs/bootstrap/pull/28236", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K24383845", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-02-20T00:00:00", descriptions: [ { lang: "en", value: "In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:06:15", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "107375", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107375", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "RHSA-2019:1456", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "[flink-user] 20190811 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E", }, { name: "[flink-dev] 20190811 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Re: Apache flink 1.7.2 security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E", }, { name: "[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E", }, { name: "RHSA-2019:3023", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { name: "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/twbs/bootstrap/pull/28236", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K24383845", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&%3Butm_medium=RSS", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-8331", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "107375", refsource: "BID", url: "http://www.securityfocus.com/bid/107375", }, { name: "20190509 dotCMS v5.1.1 Vulnerabilities", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/May/18", }, { name: "20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/May/11", }, { name: "20190510 dotCMS v5.1.1 Vulnerabilities", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/May/10", }, { name: "20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/May/13", }, { name: "RHSA-2019:1456", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { name: "[flink-user] 20190811 Apache flink 1.7.2 security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E", }, { name: "[flink-dev] 20190811 Apache flink 1.7.2 security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Apache flink 1.7.2 security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E", }, { name: "[flink-user] 20190813 Re: Apache flink 1.7.2 security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E", }, { name: "[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1", refsource: "MLIST", url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E", }, { name: "RHSA-2019:3023", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { name: "RHSA-2019:3024", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { name: "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", refsource: "MLIST", url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E", }, { name: "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", refsource: "MLIST", url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E", }, { name: "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", refsource: "MLIST", url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E", }, { name: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { name: "[hbase-issues] 20201116 [GitHub] [hbase] symat opened a new pull request #2661: HBASE-25261 Upgrade Bootstrap to 3.4.1", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3Cissues.hbase.apache.org%3E", }, { name: "[pulsar-commits] 20201215 [GitHub] [pulsar] yanshuchong opened a new issue #8967: CVSS issue list", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://github.com/twbs/bootstrap/pull/28236", refsource: "MISC", url: "https://github.com/twbs/bootstrap/pull/28236", }, { name: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", refsource: "MISC", url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { name: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", refsource: "CONFIRM", url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { name: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", refsource: "MISC", url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { name: "https://support.f5.com/csp/article/K24383845", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K24383845", }, { name: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&utm_medium=RSS", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-8331", datePublished: "2019-02-20T16:00:00", dateReserved: "2019-02-13T00:00:00", dateUpdated: "2024-08-04T21:17:31.342Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7061
Vulnerability from cvelistv5
Published
2020-02-27 20:25
Modified
2024-09-17 01:21
Severity ?
EPSS score ?
Summary
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.php.net/bug.php?id=79171 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202003-57 | vendor-advisory, x_refsource_GENTOO | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.029Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79171", }, { name: "GLSA-202003-57", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-57", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Windows", ], product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.3.15", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.3", status: "affected", version: "7.4.x", versionType: "custom", }, ], }, ], configurations: [ { lang: "en", value: "Windows", }, ], credits: [ { lang: "en", value: "Reported by cmb@php.net", }, ], datePublic: "2020-02-17T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:37", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79171", }, { name: "GLSA-202003-57", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-57", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79171", ], discovery: "INTERNAL", }, title: "heap-buffer-overflow in phar_extract_file", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-02-17T16:23:00.000Z", ID: "CVE-2020-7061", STATE: "PUBLIC", TITLE: "heap-buffer-overflow in phar_extract_file", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { platform: "Windows", version_affected: "<", version_name: "7.3.x", version_value: "7.3.15", }, { platform: "Windows", version_affected: "<", version_name: "7.4.x", version_value: "7.4.3", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, configuration: [ { lang: "en", value: "Windows", }, ], credit: [ { lang: "eng", value: "Reported by cmb@php.net", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.php.net/bug.php?id=79171", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79171", }, { name: "GLSA-202003-57", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-57", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79171", ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7061", datePublished: "2020-02-27T20:25:14.751954Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-17T01:21:01.352Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-34798
Vulnerability from cvelistv5
Published
2021-09-16 14:40
Modified
2024-08-04 00:26
Severity ?
EPSS score ?
Summary
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Version: Apache HTTP Server 2.4 < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T00:26:54.014Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "FEDORA-2021-dce7e7738e", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { name: "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", }, { name: "FEDORA-2021-e3f6dd670d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { name: "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { name: "DSA-4982", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4982", }, { name: "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-17", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10379", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-20", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache HTTP Server", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "2.4.48", status: "affected", version: "Apache HTTP Server 2.4", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "The issue was discovered by the Apache HTTP security team", }, ], descriptions: [ { lang: "en", value: "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.", }, ], metrics: [ { other: { content: { other: "moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-14T01:07:32", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "FEDORA-2021-dce7e7738e", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { name: "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", }, { name: "FEDORA-2021-e3f6dd670d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { name: "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { name: "DSA-4982", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4982", }, { name: "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-17", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10379", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-20", }, ], source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-09-16T00:00:00", value: "2.4.49 released", }, ], title: "NULL pointer dereference in httpd core", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2021-34798", STATE: "PUBLIC", TITLE: "NULL pointer dereference in httpd core", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache HTTP Server", version: { version_data: [ { version_affected: "<=", version_name: "Apache HTTP Server 2.4", version_value: "2.4.48", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, credit: [ { lang: "eng", value: "The issue was discovered by the Apache HTTP security team", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: [ { other: "moderate", }, ], problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "http://httpd.apache.org/security/vulnerabilities_24.html", refsource: "MISC", url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "FEDORA-2021-dce7e7738e", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { name: "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E", }, { name: "FEDORA-2021-e3f6dd670d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { name: "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { name: "DSA-4982", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4982", }, { name: "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.tenable.com/security/tns-2021-17", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-17", }, { name: "https://security.netapp.com/advisory/ntap-20211008-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10379", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10379", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { name: "GLSA-202208-20", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-20", }, ], }, source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-09-16T00:00:00", value: "2.4.49 released", }, ], }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-34798", datePublished: "2021-09-16T14:40:17", dateReserved: "2021-06-16T00:00:00", dateUpdated: "2024-08-04T00:26:54.014Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-5737
Vulnerability from cvelistv5
Published
2020-04-17 18:24
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tenable.com/security/tns-2020-02 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.Sc |
Version: < 5.14.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:39:25.524Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/tns-2020-02", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Tenable.Sc", vendor: "n/a", versions: [ { status: "affected", version: "< 5.14.0", }, ], }, ], descriptions: [ { lang: "en", value: "Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.", }, ], problemTypes: [ { descriptions: [ { description: "Stored XSS", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-17T18:24:29", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/tns-2020-02", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vulnreport@tenable.com", ID: "CVE-2020-5737", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Tenable.Sc", version: { version_data: [ { version_value: "< 5.14.0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Stored XSS", }, ], }, ], }, references: { reference_data: [ { name: "https://www.tenable.com/security/tns-2020-02", refsource: "MISC", url: "https://www.tenable.com/security/tns-2020-02", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2020-5737", datePublished: "2020-04-17T18:24:29", dateReserved: "2020-01-06T00:00:00", dateUpdated: "2024-08-04T08:39:25.524Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-44224
Vulnerability from cvelistv5
Published
2021-12-20 11:20
Modified
2024-08-04 04:17
Severity ?
EPSS score ?
Summary
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Version: 2.4.7 < Apache HTTP Server 2.4* |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:17:24.919Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/20/3", }, { name: "FEDORA-2021-29a536c2ae", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { name: "DSA-5035", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5035", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-01", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-03", }, { name: "FEDORA-2022-b4103753e9", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { name: "FEDORA-2022-21264ec6db", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { name: "FEDORA-2022-78e3211c55", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT213257", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT213256", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT213255", }, { name: "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { name: "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { name: "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-20", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache HTTP Server", vendor: "Apache Software Foundation", versions: [ { lessThan: "Apache HTTP Server 2.4*", status: "affected", version: "2.4.7", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "漂亮鼠", }, { lang: "en", value: "TengMA(@Te3t123)", }, ], descriptions: [ { lang: "en", value: "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).", }, ], metrics: [ { other: { content: { other: "moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-14T01:08:09", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/12/20/3", }, { name: "FEDORA-2021-29a536c2ae", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { name: "DSA-5035", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5035", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2022-01", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2022-03", }, { name: "FEDORA-2022-b4103753e9", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { name: "FEDORA-2022-21264ec6db", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { name: "FEDORA-2022-78e3211c55", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT213257", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT213256", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT213255", }, { name: "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { name: "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { name: "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-20", }, ], source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-11-18T00:00:00", value: "Reported to security team", }, { lang: "en", time: "2021-12-14T00:00:00", value: "fixed by r1895955+r1896044 in 2.4.x", }, ], title: "Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2021-44224", STATE: "PUBLIC", TITLE: "Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache HTTP Server", version: { version_data: [ { version_affected: ">=", version_name: "Apache HTTP Server 2.4", version_value: "2.4.7", }, { version_affected: "<=", version_name: "Apache HTTP Server 2.4", version_value: "2.4.51 +1", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, credit: [ { lang: "eng", value: "漂亮鼠", }, { lang: "eng", value: "TengMA(@Te3t123)", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: [ { other: "moderate", }, ], problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "http://httpd.apache.org/security/vulnerabilities_24.html", refsource: "MISC", url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "[oss-security] 20211220 CVE-2021-44224: Apache HTTP Server: Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/12/20/3", }, { name: "FEDORA-2021-29a536c2ae", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { name: "DSA-5035", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5035", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20211224-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { name: "https://www.tenable.com/security/tns-2022-01", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2022-01", }, { name: "https://www.tenable.com/security/tns-2022-03", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2022-03", }, { name: "FEDORA-2022-b4103753e9", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { name: "FEDORA-2022-21264ec6db", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { name: "FEDORA-2022-78e3211c55", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://support.apple.com/kb/HT213257", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT213257", }, { name: "https://support.apple.com/kb/HT213256", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT213256", }, { name: "https://support.apple.com/kb/HT213255", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT213255", }, { name: "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/May/33", }, { name: "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/May/35", }, { name: "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2022/May/38", }, { name: "GLSA-202208-20", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-20", }, ], }, source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-11-18T00:00:00", value: "Reported to security team", }, { lang: "en", time: "2021-12-14T00:00:00", value: "fixed by r1895955+r1896044 in 2.4.x", }, ], }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-44224", datePublished: "2021-12-20T11:20:13", dateReserved: "2021-11-25T00:00:00", dateUpdated: "2024-08-04T04:17:24.919Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7060
Vulnerability from cvelistv5
Published
2020-02-10 07:45
Modified
2024-09-17 03:33
Severity ?
EPSS score ?
Summary
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.112Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200218 [SECURITY] [DSA 4626-1] php7.3 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2020/Feb/27", }, { name: "DSA-4626", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4626", }, { name: "USN-4279-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4279-1/", }, { name: "DSA-4628", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4628", }, { name: "20200219 [SECURITY] [DSA 4628-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2020/Feb/31", }, { name: "[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { name: "openSUSE-SU-2020:0341", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-57", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79037", }, { name: "20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2021/Jan/3", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.2.27", status: "affected", version: "7.2.x", versionType: "custom", }, { lessThan: "7.3.14", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.2", status: "affected", version: "7.4.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Reported by reza at iseclab dot org", }, ], datePublic: "2020-01-21T00:00:00", descriptions: [ { lang: "en", value: "When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:23", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { name: "20200218 [SECURITY] [DSA 4626-1] php7.3 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2020/Feb/27", }, { name: "DSA-4626", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4626", }, { name: "USN-4279-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4279-1/", }, { name: "DSA-4628", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4628", }, { name: "20200219 [SECURITY] [DSA 4628-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2020/Feb/31", }, { name: "[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { name: "openSUSE-SU-2020:0341", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-57", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79037", }, { name: "20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2021/Jan/3", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79037", ], discovery: "EXTERNAL", }, title: "global buffer-overflow in mbfl_filt_conv_big5_wchar", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-01-21T15:21:00.000Z", ID: "CVE-2020-7060", STATE: "PUBLIC", TITLE: "global buffer-overflow in mbfl_filt_conv_big5_wchar", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.2.x", version_value: "7.2.27", }, { version_affected: "<", version_name: "7.3.x", version_value: "7.3.14", }, { version_affected: "<", version_name: "7.4.x", version_value: "7.4.2", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "Reported by reza at iseclab dot org", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "20200218 [SECURITY] [DSA 4626-1] php7.3 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2020/Feb/27", }, { name: "DSA-4626", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4626", }, { name: "USN-4279-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4279-1/", }, { name: "DSA-4628", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4628", }, { name: "20200219 [SECURITY] [DSA 4628-1] php7.0 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2020/Feb/31", }, { name: "[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { name: "openSUSE-SU-2020:0341", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-57", }, { name: "https://www.oracle.com/security-alerts/cpujul2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { name: "https://security.netapp.com/advisory/ntap-20200221-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { name: "https://bugs.php.net/bug.php?id=79037", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79037", }, { name: "20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2021/Jan/3", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79037", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7060", datePublished: "2020-02-10T07:45:14.320387Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-17T03:33:06.766Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-3449
Vulnerability from cvelistv5
Published
2021-03-25 14:25
Modified
2024-09-17 03:43
Severity ?
EPSS score ?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T16:53:17.609Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.openssl.org/news/secadv/20210325.txt", }, { tags: [ "x_transferred", ], url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { name: "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { name: "DSA-4875", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4875", }, { name: "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { name: "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { name: "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { name: "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { name: "GLSA-202103-03", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202103-03", }, { name: "FEDORA-2021-cbf14ab8f9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-10", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-09", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { tags: [ "x_transferred", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-06", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-05", }, { tags: [ "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { tags: [ "x_transferred", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { name: "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "OpenSSL", vendor: "OpenSSL", versions: [ { status: "affected", version: "Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j)", }, ], }, ], credits: [ { lang: "en", value: "Peter Kästle (Nokia) and Samuel Sapalski (Nokia)", }, ], datePublic: "2021-03-25T00:00:00", descriptions: [ { lang: "en", value: "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", }, ], metrics: [ { other: { content: { lang: "eng", url: "https://www.openssl.org/policies/secpolicy.html#High", value: "High", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "NULL pointer dereference", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-21T19:05:57.096577", orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", shortName: "openssl", }, references: [ { url: "https://www.openssl.org/news/secadv/20210325.txt", }, { url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { name: "20210325 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { name: "DSA-4875", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2021/dsa-4875", }, { name: "[oss-security] 20210327 OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { name: "[oss-security] 20210327 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { name: "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { name: "[oss-security] 20210328 Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processing", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { name: "GLSA-202103-03", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { name: "FEDORA-2021-cbf14ab8f9", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { url: "https://www.tenable.com/security/tns-2021-10", }, { url: "https://www.tenable.com/security/tns-2021-09", }, { url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { url: "https://www.tenable.com/security/tns-2021-06", }, { url: "https://www.tenable.com/security/tns-2021-05", }, { url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { name: "[debian-lts-announce] 20210831 [SECURITY] [DLA 2751-1] postgresql-9.6 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, ], title: "NULL pointer deref in signature_algorithms processing", }, }, cveMetadata: { assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5", assignerShortName: "openssl", cveId: "CVE-2021-3449", datePublished: "2021-03-25T14:25:13.659307Z", dateReserved: "2021-03-17T00:00:00", dateUpdated: "2024-09-17T03:43:55.497Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-20076
Vulnerability from cvelistv5
Published
2021-03-03 16:30
Modified
2024-08-03 17:30
Severity ?
EPSS score ?
Summary
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tenable.com/security/tns-2021-03 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.sc |
Version: 5.13.0 through 5.17.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:30:07.006Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-03", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Tenable.sc", vendor: "n/a", versions: [ { status: "affected", version: "5.13.0 through 5.17.0", }, ], }, ], descriptions: [ { lang: "en", value: "Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-03-03T16:30:39", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/tns-2021-03", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vulnreport@tenable.com", ID: "CVE-2021-20076", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Tenable.sc", version: { version_data: [ { version_value: "5.13.0 through 5.17.0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Code Execution", }, ], }, ], }, references: { reference_data: [ { name: "https://www.tenable.com/security/tns-2021-03", refsource: "MISC", url: "https://www.tenable.com/security/tns-2021-03", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2021-20076", datePublished: "2021-03-03T16:30:39", dateReserved: "2020-12-17T00:00:00", dateUpdated: "2024-08-03T17:30:07.006Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-33193
Vulnerability from cvelistv5
Published
2021-08-16 00:00
Modified
2024-08-03 23:42
Severity ?
EPSS score ?
Summary
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Version: Apache HTTP Server 2.4 2.4.17 to 2.4.48 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:42:20.253Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://portswigger.net/research/http2", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch", }, { name: "[httpd-cvs] 20210916 [httpd-site] branch main updated: Revert \"Add descriptions for CVE-2021-33193 CVE-2021-36160\"", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210916 [httpd-site] branch main updated: Add descriptions for CVE-2021-33193 CVE-2021-36160", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E", }, { name: "FEDORA-2021-5d2d4b6ac5", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/", }, { name: "FEDORA-2021-f94985afca", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/", }, { name: "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", tags: [ "vendor-advisory", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20210917-0004/", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-17", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-20", }, { name: "[debian-lts-announce] 20230303 [SECURITY] [DLA 3351-1] apache2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache HTTP Server", vendor: "Apache Software Foundation", versions: [ { status: "affected", version: "Apache HTTP Server 2.4 2.4.17 to 2.4.48", }, ], }, ], credits: [ { lang: "en", value: "Reported by James Kettle of PortSwigger", }, ], descriptions: [ { lang: "en", value: "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.", }, ], metrics: [ { other: { content: { other: "moderate", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { description: "Request Splitting", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-03-03T00:00:00", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { url: "https://portswigger.net/research/http2", }, { url: "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch", }, { name: "[httpd-cvs] 20210916 [httpd-site] branch main updated: Revert \"Add descriptions for CVE-2021-33193 CVE-2021-36160\"", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E", }, { name: "[httpd-cvs] 20210916 [httpd-site] branch main updated: Add descriptions for CVE-2021-33193 CVE-2021-36160", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E", }, { name: "FEDORA-2021-5d2d4b6ac5", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/", }, { name: "FEDORA-2021-f94985afca", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/", }, { name: "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", tags: [ "vendor-advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20210917-0004/", }, { url: "https://www.tenable.com/security/tns-2021-17", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { name: "[debian-lts-announce] 20230303 [SECURITY] [DLA 3351-1] apache2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html", }, ], source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-05-11T00:00:00", value: "reported", }, { lang: "en", time: "2021-08-06T00:00:00", value: "public", }, ], title: "Request splitting via HTTP/2 method injection and mod_proxy", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-33193", datePublished: "2021-08-16T00:00:00", dateReserved: "2021-05-19T00:00:00", dateUpdated: "2024-08-03T23:42:20.253Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-19645
Vulnerability from cvelistv5
Published
2019-12-09 15:15
Modified
2024-08-05 02:25
Severity ?
EPSS score ?
Summary
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20191223-0001/ | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpuapr2020.html | x_refsource_MISC | |
| https://usn.ubuntu.com/4394-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:25:12.456Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "USN-4394-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4394-1/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-08T14:07:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "USN-4394-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4394-1/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-19645", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", refsource: "MISC", url: "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", }, { name: "https://security.netapp.com/advisory/ntap-20191223-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { name: "https://www.oracle.com/security-alerts/cpuapr2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "USN-4394-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4394-1/", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-19645", datePublished: "2019-12-09T15:15:57", dateReserved: "2019-12-08T00:00:00", dateUpdated: "2024-08-05T02:25:12.456Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-24493
Vulnerability from cvelistv5
Published
2023-01-25 00:00
Modified
2025-04-01 14:57
Severity ?
EPSS score ?
Summary
A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could leverage the reporting system to export reports containing formulas, which would then require a victim to approve and execute on a host.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.sc |
Version: Tenable.sc versions 5.23.1 and earlier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:56:04.340Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2023-03", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-24493", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-01T14:57:19.774149Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-01T14:57:24.584Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Tenable.sc", vendor: "n/a", versions: [ { status: "affected", version: "Tenable.sc versions 5.23.1 and earlier", }, ], }, ], descriptions: [ { lang: "en", value: "A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could leverage the reporting system to export reports containing formulas, which would then require a victim to approve and execute on a host.", }, ], problemTypes: [ { descriptions: [ { description: "Formula injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-25T00:00:00.000Z", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { url: "https://www.tenable.com/security/tns-2023-03", }, ], }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2023-24493", datePublished: "2023-01-25T00:00:00.000Z", dateReserved: "2023-01-24T00:00:00.000Z", dateUpdated: "2025-04-01T14:57:24.584Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11043
Vulnerability from cvelistv5
Published
2019-10-28 14:19
Modified
2025-02-07 13:17
Severity ?
EPSS score ?
Summary
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T22:40:16.064Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/neex/phuip-fpizdam", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=78599", }, { name: "USN-4166-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4166-1/", }, { name: "DSA-4552", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4552", }, { name: "DSA-4553", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4553", }, { name: "USN-4166-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4166-2/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K75408500?utm_source=f5support&%3Butm_medium=RSS", }, { name: "FEDORA-2019-4adc49a476", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191031-0003/", }, { name: "RHSA-2019:3286", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3286", }, { name: "RHSA-2019:3287", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3287", }, { name: "RHSA-2019:3299", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { name: "RHSA-2019:3300", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3300", }, { name: "FEDORA-2019-187ae3128d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/", }, { name: "FEDORA-2019-7bb07c3b02", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/", }, { name: "openSUSE-SU-2019:2441", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html", }, { name: "RHSA-2019:3724", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3724", }, { name: "RHSA-2019:3735", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3735", }, { name: "RHSA-2019:3736", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3736", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_36", }, { name: "openSUSE-SU-2019:2457", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT210919", }, { name: "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2020/Jan/44", }, { name: "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2020/Jan/40", }, { name: "RHSA-2020:0322", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0322", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-11043", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-07T13:08:21.298475Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2022-03-25", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2019-11043", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-07T13:17:23.329Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP", versions: [ { lessThan: "7.1.33", status: "affected", version: "7.1.x", versionType: "custom", }, { lessThan: "7.2.24", status: "affected", version: "7.2.x", versionType: "custom", }, { lessThan: "7.3.11", status: "affected", version: "7.3.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Reported by Emil Lerner.", }, ], datePublic: "2019-10-22T00:00:00.000Z", descriptions: [ { lang: "en", value: "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.", }, ], exploits: [ { lang: "en", value: "Exploit described at https://github.com/neex/phuip-fpizdam", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:18.000Z", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/neex/phuip-fpizdam", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=78599", }, { name: "USN-4166-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4166-1/", }, { name: "DSA-4552", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4552", }, { name: "DSA-4553", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4553", }, { name: "USN-4166-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4166-2/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K75408500?utm_source=f5support&%3Butm_medium=RSS", }, { name: "FEDORA-2019-4adc49a476", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191031-0003/", }, { name: "RHSA-2019:3286", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3286", }, { name: "RHSA-2019:3287", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3287", }, { name: "RHSA-2019:3299", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { name: "RHSA-2019:3300", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3300", }, { name: "FEDORA-2019-187ae3128d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/", }, { name: "FEDORA-2019-7bb07c3b02", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/", }, { name: "openSUSE-SU-2019:2441", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html", }, { name: "RHSA-2019:3724", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3724", }, { name: "RHSA-2019:3735", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3735", }, { name: "RHSA-2019:3736", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3736", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_36", }, { name: "openSUSE-SU-2019:2457", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT210919", }, { name: "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2020/Jan/44", }, { name: "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2020/Jan/40", }, { name: "RHSA-2020:0322", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0322", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=78599", ], discovery: "EXTERNAL", }, title: "Underflow in PHP-FPM can lead to RCE", workarounds: [ { lang: "en", value: "Configuring nginx (or other server that implements the front-end part of the FPM protocol) to check for the existence of the target file before passing it to PHP FPM (e.g. \"try_files $uri =404\" or \"if (-f $uri)\" in nginx) for would prevent this vulnerability from happening.", }, ], x_generator: { engine: "Vulnogram 0.0.8", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2019-10-22T03:18:00.000Z", ID: "CVE-2019-11043", STATE: "PUBLIC", TITLE: "Underflow in PHP-FPM can lead to RCE", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.1.x", version_value: "7.1.33", }, { version_affected: "<", version_name: "7.2.x", version_value: "7.2.24", }, { version_affected: "<", version_name: "7.3.x", version_value: "7.3.11", }, ], }, }, ], }, vendor_name: "PHP", }, ], }, }, credit: [ { lang: "eng", value: "Reported by Emil Lerner.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.", }, ], }, exploit: [ { lang: "en", value: "Exploit described at https://github.com/neex/phuip-fpizdam", }, ], generator: { engine: "Vulnogram 0.0.8", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120 Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/neex/phuip-fpizdam", refsource: "MISC", url: "https://github.com/neex/phuip-fpizdam", }, { name: "https://bugs.php.net/bug.php?id=78599", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=78599", }, { name: "USN-4166-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4166-1/", }, { name: "DSA-4552", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4552", }, { name: "DSA-4553", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4553", }, { name: "USN-4166-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4166-2/", }, { name: "https://support.f5.com/csp/article/K75408500?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K75408500?utm_source=f5support&utm_medium=RSS", }, { name: "FEDORA-2019-4adc49a476", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/", }, { name: "https://security.netapp.com/advisory/ntap-20191031-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191031-0003/", }, { name: "RHSA-2019:3286", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3286", }, { name: "RHSA-2019:3287", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3287", }, { name: "RHSA-2019:3299", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { name: "RHSA-2019:3300", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3300", }, { name: "FEDORA-2019-187ae3128d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/", }, { name: "FEDORA-2019-7bb07c3b02", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/", }, { name: "openSUSE-SU-2019:2441", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html", }, { name: "RHSA-2019:3724", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3724", }, { name: "RHSA-2019:3735", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3735", }, { name: "RHSA-2019:3736", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3736", }, { name: "https://www.synology.com/security/advisory/Synology_SA_19_36", refsource: "CONFIRM", url: "https://www.synology.com/security/advisory/Synology_SA_19_36", }, { name: "openSUSE-SU-2019:2457", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html", }, { name: "https://support.apple.com/kb/HT210919", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT210919", }, { name: "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2020/Jan/44", }, { name: "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2020/Jan/40", }, { name: "RHSA-2020:0322", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0322", }, { name: "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=78599", ], discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "Configuring nginx (or other server that implements the front-end part of the FPM protocol) to check for the existence of the target file before passing it to PHP FPM (e.g. \"try_files $uri =404\" or \"if (-f $uri)\" in nginx) for would prevent this vulnerability from happening.", }, ], }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2019-11043", datePublished: "2019-10-28T14:19:04.252Z", dateReserved: "2019-04-09T00:00:00.000Z", dateUpdated: "2025-02-07T13:17:23.329Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-19646
Vulnerability from cvelistv5
Published
2019-12-09 18:36
Modified
2024-08-05 02:25
Severity ?
EPSS score ?
Summary
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.sqlite.org/ | x_refsource_MISC | |
| https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd | x_refsource_MISC | |
| https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20191223-0001/ | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpuapr2020.html | x_refsource_MISC | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM | |
| https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:25:12.306Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.sqlite.org/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-08T14:08:24", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.sqlite.org/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-19646", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.sqlite.org/", refsource: "MISC", url: "https://www.sqlite.org/", }, { name: "https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd", refsource: "MISC", url: "https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd", }, { name: "https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3", refsource: "MISC", url: "https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3", }, { name: "https://security.netapp.com/advisory/ntap-20191223-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { name: "https://www.oracle.com/security-alerts/cpuapr2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-19646", datePublished: "2019-12-09T18:36:18", dateReserved: "2019-12-08T00:00:00", dateUpdated: "2024-08-05T02:25:12.306Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41116
Vulnerability from cvelistv5
Published
2021-10-05 17:40
Modified
2024-08-04 02:59
Severity ?
EPSS score ?
Summary
Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf | x_refsource_CONFIRM | |
| https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa | x_refsource_MISC | |
| https://www.sonarsource.com/blog/securing-developer-tools-package-managers/ | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:59:31.440Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf", }, { name: "https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa", }, { name: "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "composer", vendor: "composer", versions: [ { status: "affected", version: "< 1.10.23", }, { status: "affected", version: ">= 2.0, < 2.1.9", }, ], }, ], descriptions: [ { lang: "en", value: "Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-24T23:04:26.576Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf", }, { name: "https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa", tags: [ "x_refsource_MISC", ], url: "https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa", }, { name: "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/", tags: [ "x_refsource_MISC", ], url: "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/", }, ], source: { advisory: "GHSA-frqg-7g38-6gcf", discovery: "UNKNOWN", }, title: "Command injection in composer on Windows", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-41116", datePublished: "2021-10-05T17:40:10", dateReserved: "2021-09-15T00:00:00", dateUpdated: "2024-08-04T02:59:31.440Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7070
Vulnerability from cvelistv5
Published
2020-10-02 14:14
Modified
2024-09-16 16:28
Severity ?
EPSS score ?
Summary
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.034Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://hackerone.com/reports/895727", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79699", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://cve.circl.lu/cve/CVE-2020-8184", }, { name: "FEDORA-2020-4573f0e03a", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { name: "[debian-lts-announce] 20201006 [SECURITY] [DLA 2397-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00008.html", }, { name: "FEDORA-2020-4fe6b116e5", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { name: "FEDORA-2020-94763cb98b", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { name: "openSUSE-SU-2020:1703", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { name: "USN-4583-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4583-1/", }, { name: "openSUSE-SU-2020:1767", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { name: "GLSA-202012-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202012-16", }, { name: "DSA-4856", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.3.23", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.11", status: "affected", version: "7.4.x", versionType: "custom", }, { lessThan: "7.2.34", status: "affected", version: "7.2.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Reported by fletchto99 at gmail dot com", }, ], datePublic: "2020-09-29T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-20T10:40:14", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://hackerone.com/reports/895727", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79699", }, { tags: [ "x_refsource_MISC", ], url: "http://cve.circl.lu/cve/CVE-2020-8184", }, { name: "FEDORA-2020-4573f0e03a", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { name: "[debian-lts-announce] 20201006 [SECURITY] [DLA 2397-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00008.html", }, { name: "FEDORA-2020-4fe6b116e5", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { name: "FEDORA-2020-94763cb98b", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { name: "openSUSE-SU-2020:1703", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { name: "USN-4583-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4583-1/", }, { name: "openSUSE-SU-2020:1767", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { name: "GLSA-202012-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202012-16", }, { name: "DSA-4856", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79699", ], discovery: "EXTERNAL", }, title: "PHP parses encoded cookie names so malicious `__Host-` cookies can be sent", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-09-29T06:12:00.000Z", ID: "CVE-2020-7070", STATE: "PUBLIC", TITLE: "PHP parses encoded cookie names so malicious `__Host-` cookies can be sent", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.3.x", version_value: "7.3.23", }, { version_affected: "<", version_name: "7.4.x", version_value: "7.4.11", }, { version_affected: "<", version_name: "7.2.x", version_value: "7.2.34", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "Reported by fletchto99 at gmail dot com", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20 Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://hackerone.com/reports/895727", refsource: "MISC", url: "https://hackerone.com/reports/895727", }, { name: "https://bugs.php.net/bug.php?id=79699", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79699", }, { name: "http://cve.circl.lu/cve/CVE-2020-8184", refsource: "MISC", url: "http://cve.circl.lu/cve/CVE-2020-8184", }, { name: "FEDORA-2020-4573f0e03a", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { name: "[debian-lts-announce] 20201006 [SECURITY] [DLA 2397-1] php7.0 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00008.html", }, { name: "FEDORA-2020-4fe6b116e5", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { name: "FEDORA-2020-94763cb98b", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { name: "openSUSE-SU-2020:1703", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { name: "USN-4583-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4583-1/", }, { name: "openSUSE-SU-2020:1767", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { name: "GLSA-202012-16", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202012-16", }, { name: "DSA-4856", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4856", }, { name: "https://security.netapp.com/advisory/ntap-20201016-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79699", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7070", datePublished: "2020-10-02T14:14:45.406433Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-16T16:28:36.773Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7068
Vulnerability from cvelistv5
Published
2020-09-09 17:58
Modified
2024-09-17 00:36
Severity ?
EPSS score ?
Summary
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.php.net/bug.php?id=79797 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202009-10 | vendor-advisory, x_refsource_GENTOO | |
| https://security.netapp.com/advisory/ntap-20200918-0005/ | x_refsource_CONFIRM | |
| https://www.debian.org/security/2021/dsa-4856 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.035Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79797", }, { name: "GLSA-202009-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202009-10", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200918-0005/", }, { name: "DSA-4856", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.3.21", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.9", status: "affected", version: "7.4.x", versionType: "custom", }, { lessThan: "7.2.33", status: "affected", version: "7.2.x", versionType: "custom", }, ], }, ], configurations: [ { lang: "en", value: "phar extension must be enabled", }, ], credits: [ { lang: "en", value: "grigoritchy at gmail dot com", }, ], datePublic: "2020-08-03T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:33", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79797", }, { name: "GLSA-202009-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202009-10", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200918-0005/", }, { name: "DSA-4856", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79797", ], discovery: "EXTERNAL", }, title: "Use of freed hash key in the phar_parse_zipfile function", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-08-03T16:16:00.000Z", ID: "CVE-2020-7068", STATE: "PUBLIC", TITLE: "Use of freed hash key in the phar_parse_zipfile function", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.3.x", version_value: "7.3.21", }, { version_affected: "<", version_name: "7.4.x", version_value: "7.4.9", }, { version_affected: "<", version_name: "7.2.x", version_value: "7.2.33", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, configuration: [ { lang: "en", value: "phar extension must be enabled", }, ], credit: [ { lang: "eng", value: "grigoritchy at gmail dot com", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416 Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.php.net/bug.php?id=79797", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79797", }, { name: "GLSA-202009-10", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202009-10", }, { name: "https://security.netapp.com/advisory/ntap-20200918-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200918-0005/", }, { name: "DSA-4856", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4856", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79797", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7068", datePublished: "2020-09-09T17:58:42.837584Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-17T00:36:03.824Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-23358
Vulnerability from cvelistv5
Published
2021-03-29 13:15
Modified
2024-09-17 03:47
Severity ?
EPSS score ?
Summary
The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | underscore |
Version: 1.13.0-0 < unspecified Version: unspecified < 1.13.0-2 Version: 1.3.2 < unspecified Version: unspecified < 1.12.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-08T13:05:14.728Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71", }, { name: "[debian-lts-announce] 20210331 [SECURITY] [DLA 2613-1] underscore security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html", }, { name: "DSA-4883", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4883", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] breautek closed issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf%40%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] breautek commented on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1%40%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley opened a new issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba%40%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley commented on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039%40%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley edited a comment on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306%40%3Cissues.cordova.apache.org%3E", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, { name: "FEDORA-2021-e49f936d9f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/", }, { name: "FEDORA-2021-f278299902", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/", }, { url: "https://security.netapp.com/advisory/ntap-20240808-0003/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-23358", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-08-29T15:48:41.938375Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-29T15:48:53.476Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "underscore", vendor: "n/a", versions: [ { lessThan: "unspecified", status: "affected", version: "1.13.0-0", versionType: "custom", }, { lessThan: "1.13.0-2", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "1.3.2", versionType: "custom", }, { lessThan: "1.12.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Alessio Della Libera (@d3lla)", }, ], datePublic: "2021-03-29T00:00:00", descriptions: [ { lang: "en", value: "The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "LOW", privilegesRequired: "HIGH", remediationLevel: "OFFICIAL_FIX", reportConfidence: "CONFIRMED", scope: "UNCHANGED", temporalScore: 3, temporalSeverity: "LOW", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Arbitrary Code Injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-08-24T04:06:09", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504", }, { tags: [ "x_refsource_MISC", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71", }, { name: "[debian-lts-announce] 20210331 [SECURITY] [DLA 2613-1] underscore security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html", }, { name: "DSA-4883", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4883", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] breautek closed issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf%40%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] breautek commented on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1%40%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley opened a new issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba%40%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley commented on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039%40%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley edited a comment on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306%40%3Cissues.cordova.apache.org%3E", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, { name: "FEDORA-2021-e49f936d9f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/", }, { name: "FEDORA-2021-f278299902", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/", }, ], title: "Arbitrary Code Injection", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "report@snyk.io", DATE_PUBLIC: "2021-03-29T13:13:50.579077Z", ID: "CVE-2021-23358", STATE: "PUBLIC", TITLE: "Arbitrary Code Injection", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "underscore", version: { version_data: [ { version_affected: ">=", version_value: "1.13.0-0", }, { version_affected: "<", version_value: "1.13.0-2", }, { version_affected: ">=", version_value: "1.3.2", }, { version_affected: "<", version_value: "1.12.1", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, credit: [ { lang: "eng", value: "Alessio Della Libera (@d3lla)", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Arbitrary Code Injection", }, ], }, ], }, references: { reference_data: [ { name: "https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504", }, { name: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505", refsource: "MISC", url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505", }, { name: "https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71", refsource: "MISC", url: "https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71", }, { name: "[debian-lts-announce] 20210331 [SECURITY] [DLA 2613-1] underscore security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html", }, { name: "DSA-4883", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4883", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] breautek closed issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf@%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] breautek commented on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1@%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley opened a new issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", refsource: "MLIST", url: "https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba@%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley commented on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039@%3Cissues.cordova.apache.org%3E", }, { name: "[cordova-issues] 20210414 [GitHub] [cordova-common] RichardMcSorley edited a comment on issue #163: Security Vulnerability in underscore <= 1.12.0 CVE-2021-23358", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306@%3Cissues.cordova.apache.org%3E", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, { name: "FEDORA-2021-e49f936d9f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/", }, { name: "FEDORA-2021-f278299902", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2021-23358", datePublished: "2021-03-29T13:15:34.770665Z", dateReserved: "2021-01-08T00:00:00", dateUpdated: "2024-09-17T03:47:56.577Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-41182
Vulnerability from cvelistv5
Published
2021-10-26 00:00
Modified
2025-02-13 16:28
Severity ?
EPSS score ?
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:59:31.655Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc", }, { tags: [ "x_transferred", ], url: "https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63", }, { tags: [ "x_transferred", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { name: "FEDORA-2021-51c256bf87", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { name: "FEDORA-2021-ab38307fc3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { name: "FEDORA-2021-013ab302be", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { name: "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { tags: [ "x_transferred", ], url: "https://www.drupal.org/sa-core-2022-002", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { tags: [ "x_transferred", ], url: "https://www.drupal.org/sa-contrib-2022-004", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-9d655503ea", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { name: "FEDORA-2022-bf18450366", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "jquery-ui", vendor: "jquery", versions: [ { status: "affected", version: "< 1.13.0", }, ], }, ], descriptions: [ { lang: "en", value: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-08-31T02:06:24.588Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc", }, { url: "https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63", }, { url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { name: "FEDORA-2021-51c256bf87", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { name: "FEDORA-2021-ab38307fc3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { name: "FEDORA-2021-013ab302be", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { name: "[debian-lts-announce] 20220119 [SECURITY] [DLA-2889-1] drupal7 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { url: "https://www.drupal.org/sa-core-2022-002", }, { url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { url: "https://www.drupal.org/sa-contrib-2022-004", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-9d655503ea", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { name: "FEDORA-2022-bf18450366", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, ], source: { advisory: "GHSA-9gj3-hwp5-pmwc", discovery: "UNKNOWN", }, title: "XSS in the `altField` option of the Datepicker widget", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-41182", datePublished: "2021-10-26T00:00:00.000Z", dateReserved: "2021-09-15T00:00:00.000Z", dateUpdated: "2025-02-13T16:28:30.239Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7063
Vulnerability from cvelistv5
Published
2020-02-27 20:25
Modified
2024-09-16 16:49
Severity ?
EPSS score ?
Summary
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.php.net/bug.php?id=79082 | x_refsource_MISC | |
| http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html | vendor-advisory, x_refsource_SUSE | |
| https://security.gentoo.org/glsa/202003-57 | vendor-advisory, x_refsource_GENTOO | |
| https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/4330-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://www.debian.org/security/2020/dsa-4717 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.debian.org/security/2020/dsa-4719 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.000Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79082", }, { name: "openSUSE-SU-2020:0341", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-57", }, { name: "[debian-lts-announce] 20200326 [SECURITY] [DLA 2160-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html", }, { name: "USN-4330-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4330-1/", }, { name: "DSA-4717", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.3.15", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.3", status: "affected", version: "7.4.x", versionType: "custom", }, { lessThan: "7.2.28", status: "affected", version: "7.2.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Reported by dr at loopia dot rs", }, ], datePublic: "2020-02-17T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-281", description: "CWE-281 Improper Preservation of Permissions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:11", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79082", }, { name: "openSUSE-SU-2020:0341", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-57", }, { name: "[debian-lts-announce] 20200326 [SECURITY] [DLA 2160-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html", }, { name: "USN-4330-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4330-1/", }, { name: "DSA-4717", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79082", ], discovery: "EXTERNAL", }, title: "Files added to tar with Phar::buildFromIterator have all-access permissions", workarounds: [ { lang: "en", value: "Use different Phar class functions to compose the archive, such as addFile(), or reset file permissions upon extracting files from the archive.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-02-17T16:21:00.000Z", ID: "CVE-2020-7063", STATE: "PUBLIC", TITLE: "Files added to tar with Phar::buildFromIterator have all-access permissions", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.3.x", version_value: "7.3.15", }, { version_affected: "<", version_name: "7.4.x", version_value: "7.4.3", }, { version_affected: "<", version_name: "7.2.x", version_value: "7.2.28", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "Reported by dr at loopia dot rs", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-281 Improper Preservation of Permissions", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.php.net/bug.php?id=79082", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79082", }, { name: "openSUSE-SU-2020:0341", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-57", }, { name: "[debian-lts-announce] 20200326 [SECURITY] [DLA 2160-1] php5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html", }, { name: "USN-4330-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4330-1/", }, { name: "DSA-4717", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4719", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79082", ], discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "Use different Phar class functions to compose the archive, such as addFile(), or reset file permissions upon extracting files from the archive.", }, ], }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7063", datePublished: "2020-02-27T20:25:15.606064Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-16T16:49:14.274Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-0524
Vulnerability from cvelistv5
Published
2023-02-01 00:00
Modified
2025-03-27 14:40
Severity ?
EPSS score ?
Summary
As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment variables and abuse an impacted plugin in order to escalate privileges. We have resolved the issue and also made several defense-in-depth fixes alongside. While the probability of successful exploitation is low, Tenable is committed to securing our customers’ environments and our products. The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202212212055.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.io, Tenable.sc, Nessus |
Version: Tenable plugin feed serial numbers less than #202212212055. |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:17:49.416Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2023-04", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-0524", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-27T14:39:16.760487Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-27T14:40:00.312Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Tenable.io, Tenable.sc, Nessus", vendor: "n/a", versions: [ { status: "affected", version: "Tenable plugin feed serial numbers less than #202212212055.", }, ], }, ], descriptions: [ { lang: "en", value: "As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment variables and abuse an impacted plugin in order to escalate privileges. We have resolved the issue and also made several defense-in-depth fixes alongside. While the probability of successful exploitation is low, Tenable is committed to securing our customers’ environments and our products. The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202212212055.", }, ], problemTypes: [ { descriptions: [ { description: "Privilege Escalation", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-02-01T00:00:00.000Z", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { url: "https://www.tenable.com/security/tns-2023-04", }, ], }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2023-0524", datePublished: "2023-02-01T00:00:00.000Z", dateReserved: "2023-01-27T00:00:00.000Z", dateUpdated: "2025-03-27T14:40:00.312Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-19919
Vulnerability from cvelistv5
Published
2019-12-20 22:50
Modified
2024-08-05 02:32
Severity ?
EPSS score ?
Summary
Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.npmjs.com/advisories/1164 | x_refsource_MISC | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T02:32:09.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.npmjs.com/advisories/1164", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:21", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.npmjs.com/advisories/1164", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-19919", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.npmjs.com/advisories/1164", refsource: "MISC", url: "https://www.npmjs.com/advisories/1164", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-19919", datePublished: "2019-12-20T22:50:39", dateReserved: "2019-12-20T00:00:00", dateUpdated: "2024-08-05T02:32:09.526Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-21707
Vulnerability from cvelistv5
Published
2021-11-29 06:25
Modified
2024-09-17 03:38
Severity ?
EPSS score ?
Summary
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:23:28.471Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79971", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211223-0005/", }, { name: "DSA-5082", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5082", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-09", }, { name: "[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.3.33", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.26", status: "affected", version: "7.4.x", versionType: "custom", }, { lessThan: "8.0.13", status: "affected", version: "8.0.X", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Reported by rawataman6525 at gmail dot com", }, ], datePublic: "2021-11-15T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-159", description: "CWE-159 Failure to Sanitize Special Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-15T00:00:00", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { url: "https://bugs.php.net/bug.php?id=79971", }, { url: "https://security.netapp.com/advisory/ntap-20211223-0005/", }, { name: "DSA-5082", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5082", }, { url: "https://www.tenable.com/security/tns-2022-09", }, { name: "[debian-lts-announce] 20221215 [SECURITY] [DLA 3243-1] php7.3 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html", }, ], source: { advisory: "https://bugs.php.net/bug.php?id=79971", defect: [ "https://bugs.php.net/bug.php?id=79971", ], discovery: "EXTERNAL", }, title: "Special characters break path parsing in XML functions", x_generator: { engine: "Vulnogram 0.0.9", }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2021-21707", datePublished: "2021-11-29T06:25:08.814960Z", dateReserved: "2021-01-04T00:00:00", dateUpdated: "2024-09-17T03:38:22.394Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7067
Vulnerability from cvelistv5
Published
2020-04-27 20:38
Modified
2024-09-17 02:21
Severity ?
EPSS score ?
Summary
In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.debian.org/security/2020/dsa-4717 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.debian.org/security/2020/dsa-4719 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.oracle.com/security-alerts/cpuoct2020.html | x_refsource_MISC | |
| https://bugs.php.net/bug.php?id=79465 | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20200504-0001/ | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpuApr2021.html | x_refsource_MISC | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.020Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-4717", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79465", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200504-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { status: "affected", version: "7.2.x below 7.2.30", }, { status: "affected", version: "7.3.x below 7.3.17 and 7.4.x below 7.4.5", }, ], }, ], credits: [ { lang: "en", value: "bigshaq at wearehackerone dot com", }, ], datePublic: "2020-04-14T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-196", description: "CWE-196 Unsigned to Signed Conversion Error", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:31", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { name: "DSA-4717", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.php.net/bug.php?id=79465", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200504-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79465", ], discovery: "EXTERNAL", }, title: "OOB Read in urldecode()", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-04-14T03:10:00.000Z", ID: "CVE-2020-7067", STATE: "PUBLIC", TITLE: "OOB Read in urldecode()", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_value: "7.2.x below 7.2.30", }, { version_value: "7.3.x below 7.3.17 and 7.4.x below 7.4.5", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "bigshaq at wearehackerone dot com", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, { description: [ { lang: "eng", value: "CWE-196 Unsigned to Signed Conversion Error", }, ], }, ], }, references: { reference_data: [ { name: "DSA-4717", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4719", }, { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://bugs.php.net/bug.php?id=79465", refsource: "CONFIRM", url: "https://bugs.php.net/bug.php?id=79465", }, { name: "https://security.netapp.com/advisory/ntap-20200504-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200504-0001/", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79465", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7067", datePublished: "2020-04-27T20:38:39.634265Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-17T02:21:12.549Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-40438
Vulnerability from cvelistv5
Published
2021-09-16 14:40
Modified
2025-02-06 21:09
Severity ?
EPSS score ?
Summary
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Version: Apache HTTP Server 2.4 < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:44:10.131Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "FEDORA-2021-dce7e7738e", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { name: "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", }, { name: "FEDORA-2021-e3f6dd670d", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { name: "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { name: "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E", }, { name: "DSA-4982", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-4982", }, { name: "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E", }, { name: "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-17", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202208-20", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2021-40438", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-02-06T21:08:29.032806Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2021-12-01", reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2021-40438", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-02-06T21:09:00.866Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Apache HTTP Server", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "2.4.48", status: "affected", version: "Apache HTTP Server 2.4", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "The issue was discovered by the Apache HTTP security team while analysing CVE-2021-36160", }, ], descriptions: [ { lang: "en", value: "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.", }, ], metrics: [ { other: { content: { other: "high", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918 Server Side Request Forgery (SSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-08-14T01:07:57.000Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "FEDORA-2021-dce7e7738e", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { name: "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", }, { name: "FEDORA-2021-e3f6dd670d", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { name: "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { name: "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E", }, { name: "DSA-4982", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-4982", }, { name: "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E", }, { name: "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-17", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { name: "GLSA-202208-20", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202208-20", }, ], source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-09-16T00:00:00", value: "2.4.49 released", }, ], title: "mod_proxy SSRF", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2021-40438", STATE: "PUBLIC", TITLE: "mod_proxy SSRF", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache HTTP Server", version: { version_data: [ { version_affected: "<=", version_name: "Apache HTTP Server 2.4", version_value: "2.4.48", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, credit: [ { lang: "eng", value: "The issue was discovered by the Apache HTTP security team while analysing CVE-2021-36160", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: [ { other: "high", }, ], problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-918 Server Side Request Forgery (SSRF)", }, ], }, ], }, references: { reference_data: [ { name: "https://httpd.apache.org/security/vulnerabilities_24.html", refsource: "MISC", url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { name: "FEDORA-2021-dce7e7738e", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { name: "[httpd-users] 20210923 [users@httpd] 2.4.49 security fixes: more info", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] 2.4.49 security fixes: more info", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20210923 Re: [users@httpd] Re: [External] : [users@httpd] 2.4.49 security fixes: more info", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3Cusers.httpd.apache.org%3E", }, { name: "FEDORA-2021-e3f6dd670d", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { name: "[debian-lts-announce] 20211002 [SECURITY] [DLA 2776-1] apache2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { name: "[httpd-bugs] 20211008 [Bug 65616] CVE-2021-36160 regression", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37@%3Cbugs.httpd.apache.org%3E", }, { name: "DSA-4982", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-4982", }, { name: "[httpd-users] 20211019 [users@httpd] Regarding CVE-2021-40438", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a@%3Cusers.httpd.apache.org%3E", }, { name: "[httpd-users] 20211019 Re: [users@httpd] Regarding CVE-2021-40438", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00@%3Cusers.httpd.apache.org%3E", }, { name: "20211124 Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.tenable.com/security/tns-2021-17", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-17", }, { name: "https://security.netapp.com/advisory/ntap-20211008-0004/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { name: "GLSA-202208-20", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202208-20", }, ], }, source: { discovery: "UNKNOWN", }, timeline: [ { lang: "en", time: "2021-09-16T00:00:00", value: "2.4.49 released", }, ], }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-40438", datePublished: "2021-09-16T14:40:23.000Z", dateReserved: "2021-09-02T00:00:00.000Z", dateUpdated: "2025-02-06T21:09:00.866Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24785
Vulnerability from cvelistv5
Published
2022-04-04 00:00
Modified
2025-04-23 18:42
Severity ?
EPSS score ?
Summary
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:50.533Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4", }, { tags: [ "x_transferred", ], url: "https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5", }, { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-09", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220513-0006/", }, { name: "FEDORA-2022-85aa8e5706", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/", }, { name: "FEDORA-2022-35b698150c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-24785", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-23T15:56:10.022369Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-23T18:42:13.669Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "moment", vendor: "moment", versions: [ { status: "affected", version: ">= 1.0.1, < 2.29.2", }, ], }, ], descriptions: [ { lang: "en", value: "Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-27", description: "CWE-27: Path Traversal: 'dir/../../filename'", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-31T00:00:00.000Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4", }, { url: "https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5", }, { url: "https://www.tenable.com/security/tns-2022-09", }, { url: "https://security.netapp.com/advisory/ntap-20220513-0006/", }, { name: "FEDORA-2022-85aa8e5706", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/", }, { name: "FEDORA-2022-35b698150c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3295-1] node-moment security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html", }, ], source: { advisory: "GHSA-8hfj-j24r-96c4", discovery: "UNKNOWN", }, title: "Path Traversal in Moment.js", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-24785", datePublished: "2022-04-04T00:00:00.000Z", dateReserved: "2022-02-10T00:00:00.000Z", dateUpdated: "2025-04-23T18:42:13.669Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-24494
Vulnerability from cvelistv5
Published
2023-01-25 00:00
Modified
2025-04-01 14:56
Severity ?
EPSS score ?
Summary
A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.sc |
Version: Tenable.sc versions 5.23.1 and earlier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:56:04.240Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2023-03", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-24494", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-01T14:56:16.515271Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-01T14:56:19.961Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Tenable.sc", vendor: "n/a", versions: [ { status: "affected", version: "Tenable.sc versions 5.23.1 and earlier", }, ], }, ], descriptions: [ { lang: "en", value: "A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session.", }, ], problemTypes: [ { descriptions: [ { description: "Stored Cross Site Scripting (XSS)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-25T00:00:00.000Z", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { url: "https://www.tenable.com/security/tns-2023-03", }, ], }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2023-24494", datePublished: "2023-01-25T00:00:00.000Z", dateReserved: "2023-01-24T00:00:00.000Z", dateUpdated: "2025-04-01T14:56:19.961Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7065
Vulnerability from cvelistv5
Published
2020-04-01 03:35
Modified
2024-09-17 04:25
Severity ?
EPSS score ?
Summary
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.
References
| ▼ | URL | Tags |
|---|---|---|
| https://usn.ubuntu.com/4330-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/4330-2/ | vendor-advisory, x_refsource_UBUNTU | |
| https://www.debian.org/security/2020/dsa-4719 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.netapp.com/advisory/ntap-20200403-0001/ | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpuoct2021.html | x_refsource_MISC | |
| https://bugs.php.net/bug.php?id=79371 | x_refsource_MISC | |
| https://www.php.net/ChangeLog-7.php#7.4.4 | x_refsource_CONFIRM | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:02.991Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "USN-4330-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4330-1/", }, { name: "USN-4330-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4330-2/", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79371", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.php.net/ChangeLog-7.php#7.4.4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.3.16", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.4", status: "affected", version: "7.4.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "anatoly dot trosinenko at gmail dot com", }, ], datePublic: "2020-03-17T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-121", description: "CWE-121 Stack-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-10-20T10:40:12", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { name: "USN-4330-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4330-1/", }, { name: "USN-4330-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4330-2/", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79371", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.php.net/ChangeLog-7.php#7.4.4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79371", ], discovery: "EXTERNAL", }, title: "mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-03-17T05:39:00.000Z", ID: "CVE-2020-7065", STATE: "PUBLIC", TITLE: "mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.3.x", version_value: "7.3.16", }, { version_affected: "<", version_name: "7.4.x", version_value: "7.4.4", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "anatoly dot trosinenko at gmail dot com", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-121 Stack-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "USN-4330-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4330-1/", }, { name: "USN-4330-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4330-2/", }, { name: "DSA-4719", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4719", }, { name: "https://security.netapp.com/advisory/ntap-20200403-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { name: "https://www.oracle.com/security-alerts/cpuoct2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { name: "https://bugs.php.net/bug.php?id=79371", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79371", }, { name: "https://www.php.net/ChangeLog-7.php#7.4.4", refsource: "CONFIRM", url: "https://www.php.net/ChangeLog-7.php#7.4.4", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79371", ], discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7065", datePublished: "2020-04-01T03:35:13.554348Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-17T04:25:45.769Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-24495
Vulnerability from cvelistv5
Published
2023-01-25 00:00
Modified
2025-03-27 19:59
Severity ?
EPSS score ?
Summary
A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.sc |
Version: Tenable.sc versions 5.23.1 and earlier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:56:04.296Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2023-03", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-24495", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-27T19:57:50.348387Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-918", description: "CWE-918 Server-Side Request Forgery (SSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-27T19:59:14.608Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Tenable.sc", vendor: "n/a", versions: [ { status: "affected", version: "Tenable.sc versions 5.23.1 and earlier", }, ], }, ], descriptions: [ { lang: "en", value: "A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly.", }, ], problemTypes: [ { descriptions: [ { description: "Server Side Request Forgery (SSRF)", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-25T00:00:00.000Z", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { url: "https://www.tenable.com/security/tns-2023-03", }, ], }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2023-24495", datePublished: "2023-01-25T00:00:00.000Z", dateReserved: "2023-01-24T00:00:00.000Z", dateUpdated: "2025-03-27T19:59:14.608Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-24828
Vulnerability from cvelistv5
Published
2022-04-13 21:00
Modified
2025-04-23 18:40
Severity ?
EPSS score ?
Summary
Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist.org for example where the composer.json's `readme` field can be used as a vector for injecting parameters into hg/Mercurial via the `$file` argument, or git via the `$identifier` argument if you allow arbitrary data there (Packagist does not, but maybe other integrators do). Composer itself should not be affected by the vulnerability as it does not call `getFileContent` with arbitrary data into `$file`/`$identifier`. To the best of our knowledge this was not abused, and the vulnerability has been patched on packagist.org and Private Packagist within a day of the vulnerability report.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6 | x_refsource_CONFIRM | |
| https://github.com/composer/composer/commit/2c40c53637c5c7e43fff7c09d3d324d632734709 | x_refsource_MISC | |
| https://www.tenable.com/security/tns-2022-09 | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QD7JQWL6C4GVROO25DTXWYWM6BPOPPCG/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWT6LDSRY7SFMTDZWJ4MS2ZBXHL7VQEF/ | vendor-advisory, x_refsource_FEDORA | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/625MT3IKWKFVIWLSYZFSXHVUA2LES7YQ/ | vendor-advisory, x_refsource_FEDORA |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:20:50.547Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/composer/composer/commit/2c40c53637c5c7e43fff7c09d3d324d632734709", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-617a6df23e", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QD7JQWL6C4GVROO25DTXWYWM6BPOPPCG/", }, { name: "FEDORA-2022-47d2e7da46", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWT6LDSRY7SFMTDZWJ4MS2ZBXHL7VQEF/", }, { name: "FEDORA-2022-60ec715192", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/625MT3IKWKFVIWLSYZFSXHVUA2LES7YQ/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-24828", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-23T15:54:27.059100Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-23T18:40:09.513Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "composer", vendor: "composer", versions: [ { status: "affected", version: "< 1.10.26", }, { status: "affected", version: ">= 2.0.0, < 2.2.12", }, { status: "affected", version: ">= 2.3, < 2.3.6", }, ], }, ], descriptions: [ { lang: "en", value: "Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist.org for example where the composer.json's `readme` field can be used as a vector for injecting parameters into hg/Mercurial via the `$file` argument, or git via the `$identifier` argument if you allow arbitrary data there (Packagist does not, but maybe other integrators do). Composer itself should not be affected by the vulnerability as it does not call `getFileContent` with arbitrary data into `$file`/`$identifier`. To the best of our knowledge this was not abused, and the vulnerability has been patched on packagist.org and Private Packagist within a day of the vulnerability report.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-07T07:06:21.000Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/composer/composer/commit/2c40c53637c5c7e43fff7c09d3d324d632734709", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-617a6df23e", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QD7JQWL6C4GVROO25DTXWYWM6BPOPPCG/", }, { name: "FEDORA-2022-47d2e7da46", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWT6LDSRY7SFMTDZWJ4MS2ZBXHL7VQEF/", }, { name: "FEDORA-2022-60ec715192", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/625MT3IKWKFVIWLSYZFSXHVUA2LES7YQ/", }, ], source: { advisory: "GHSA-x7cr-6qr6-2hh6", discovery: "UNKNOWN", }, title: "Missing input validation can lead to command execution in composer", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2022-24828", STATE: "PUBLIC", TITLE: "Missing input validation can lead to command execution in composer", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "composer", version: { version_data: [ { version_value: "< 1.10.26", }, { version_value: ">= 2.0.0, < 2.2.12", }, { version_value: ">= 2.3, < 2.3.6", }, ], }, }, ], }, vendor_name: "composer", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist.org for example where the composer.json's `readme` field can be used as a vector for injecting parameters into hg/Mercurial via the `$file` argument, or git via the `$identifier` argument if you allow arbitrary data there (Packagist does not, but maybe other integrators do). Composer itself should not be affected by the vulnerability as it does not call `getFileContent` with arbitrary data into `$file`/`$identifier`. To the best of our knowledge this was not abused, and the vulnerability has been patched on packagist.org and Private Packagist within a day of the vulnerability report.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20: Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6", refsource: "CONFIRM", url: "https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6", }, { name: "https://github.com/composer/composer/commit/2c40c53637c5c7e43fff7c09d3d324d632734709", refsource: "MISC", url: "https://github.com/composer/composer/commit/2c40c53637c5c7e43fff7c09d3d324d632734709", }, { name: "https://www.tenable.com/security/tns-2022-09", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2022-09", }, { name: "FEDORA-2022-617a6df23e", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QD7JQWL6C4GVROO25DTXWYWM6BPOPPCG/", }, { name: "FEDORA-2022-47d2e7da46", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWT6LDSRY7SFMTDZWJ4MS2ZBXHL7VQEF/", }, { name: "FEDORA-2022-60ec715192", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/625MT3IKWKFVIWLSYZFSXHVUA2LES7YQ/", }, ], }, source: { advisory: "GHSA-x7cr-6qr6-2hh6", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-24828", datePublished: "2022-04-13T21:00:22.000Z", dateReserved: "2022-02-10T00:00:00.000Z", dateUpdated: "2025-04-23T18:40:09.513Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7059
Vulnerability from cvelistv5
Published
2020-02-10 07:45
Modified
2024-09-17 02:37
Severity ?
EPSS score ?
Summary
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.078Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200218 [SECURITY] [DSA 4626-1] php7.3 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2020/Feb/27", }, { name: "DSA-4626", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4626", }, { name: "USN-4279-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4279-1/", }, { name: "DSA-4628", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4628", }, { name: "20200219 [SECURITY] [DSA 4628-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2020/Feb/31", }, { name: "[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { name: "openSUSE-SU-2020:0341", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-57", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79099", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { name: "20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2021/Jan/3", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.2.27", status: "affected", version: "7.2.x", versionType: "custom", }, { lessThan: "7.3.14", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.2", status: "affected", version: "7.4.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Reported by wxhusst at gmail dot com", }, ], datePublic: "2020-01-21T00:00:00", descriptions: [ { lang: "en", value: "When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:28", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { name: "20200218 [SECURITY] [DSA 4626-1] php7.3 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2020/Feb/27", }, { name: "DSA-4626", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4626", }, { name: "USN-4279-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4279-1/", }, { name: "DSA-4628", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4628", }, { name: "20200219 [SECURITY] [DSA 4628-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2020/Feb/31", }, { name: "[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { name: "openSUSE-SU-2020:0341", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-57", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79099", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { name: "20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2021/Jan/3", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79099", ], discovery: "EXTERNAL", }, title: "OOB read in php_strip_tags_ex", workarounds: [ { lang: "en", value: "Usage of fgetss() has been DEPRECATED as of PHP 7.3.0. Please use strip_tags() or other means sanitizing HTML code.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-01-21T15:21:00.000Z", ID: "CVE-2020-7059", STATE: "PUBLIC", TITLE: "OOB read in php_strip_tags_ex", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.2.x", version_value: "7.2.27", }, { version_affected: "<", version_name: "7.3.x", version_value: "7.3.14", }, { version_affected: "<", version_name: "7.4.x", version_value: "7.4.2", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "Reported by wxhusst at gmail dot com", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "20200218 [SECURITY] [DSA 4626-1] php7.3 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2020/Feb/27", }, { name: "DSA-4626", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4626", }, { name: "USN-4279-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4279-1/", }, { name: "DSA-4628", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4628", }, { name: "20200219 [SECURITY] [DSA 4628-1] php7.0 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2020/Feb/31", }, { name: "[debian-lts-announce] 20200228 [SECURITY] [DLA 2124-1] php5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { name: "openSUSE-SU-2020:0341", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { name: "GLSA-202003-57", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-57", }, { name: "https://www.oracle.com/security-alerts/cpujul2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { name: "https://bugs.php.net/bug.php?id=79099", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79099", }, { name: "https://security.netapp.com/advisory/ntap-20200221-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { name: "20210116 Re: [SECURITY] [DSA 4628-1] php7.0 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2021/Jan/3", }, { name: "https://www.oracle.com/security-alerts/cpuApr2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79099", ], discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "Usage of fgetss() has been DEPRECATED as of PHP 7.3.0. Please use strip_tags() or other means sanitizing HTML code.", }, ], }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7059", datePublished: "2020-02-10T07:45:13.921535Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-17T02:37:14.052Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-5808
Vulnerability from cvelistv5
Published
2020-12-21 17:45
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tenable.com/security/tns-2020-11 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.sc |
Version: All versions prior to 5.17.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:39:25.862Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tenable.com/security/tns-2020-11", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Tenable.sc", vendor: "n/a", versions: [ { status: "affected", version: "All versions prior to 5.17.0", }, ], }, ], descriptions: [ { lang: "en", value: "In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.", }, ], problemTypes: [ { descriptions: [ { description: "Improper Access Control", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-21T17:45:49", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.tenable.com/security/tns-2020-11", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vulnreport@tenable.com", ID: "CVE-2020-5808", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Tenable.sc", version: { version_data: [ { version_value: "All versions prior to 5.17.0", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Improper Access Control", }, ], }, ], }, references: { reference_data: [ { name: "https://www.tenable.com/security/tns-2020-11", refsource: "MISC", url: "https://www.tenable.com/security/tns-2020-11", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2020-5808", datePublished: "2020-12-21T17:45:49", dateReserved: "2020-01-06T00:00:00", dateUpdated: "2024-08-04T08:39:25.862Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-7064
Vulnerability from cvelistv5
Published
2020-04-01 03:35
Modified
2024-09-16 23:56
Severity ?
EPSS score ?
Summary
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/4330-1/ | vendor-advisory, x_refsource_UBUNTU | |
| https://usn.ubuntu.com/4330-2/ | vendor-advisory, x_refsource_UBUNTU | |
| http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html | vendor-advisory, x_refsource_SUSE | |
| https://www.debian.org/security/2020/dsa-4717 | vendor-advisory, x_refsource_DEBIAN | |
| https://www.debian.org/security/2020/dsa-4719 | vendor-advisory, x_refsource_DEBIAN | |
| https://bugs.php.net/bug.php?id=79282 | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20200403-0001/ | x_refsource_CONFIRM | |
| https://www.oracle.com/security-alerts/cpujan2021.html | x_refsource_MISC | |
| https://www.tenable.com/security/tns-2021-14 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:18:03.133Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[debian-lts-announce] 20200426 [SECURITY] [DLA 2188-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { name: "USN-4330-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4330-1/", }, { name: "USN-4330-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4330-2/", }, { name: "openSUSE-SU-2020:0642", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { name: "DSA-4717", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugs.php.net/bug.php?id=79282", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "PHP", vendor: "PHP Group", versions: [ { lessThan: "7.3.16", status: "affected", version: "7.3.x", versionType: "custom", }, { lessThan: "7.4.4", status: "affected", version: "7.4.x", versionType: "custom", }, { lessThan: "7.2.29", status: "affected", version: "7.2.x", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "From https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19581", }, ], datePublic: "2020-02-17T00:00:00", descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-22T17:07:08", orgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", shortName: "php", }, references: [ { name: "[debian-lts-announce] 20200426 [SECURITY] [DLA 2188-1] php5 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { name: "USN-4330-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4330-1/", }, { name: "USN-4330-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4330-2/", }, { name: "openSUSE-SU-2020:0642", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { name: "DSA-4717", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { tags: [ "x_refsource_MISC", ], url: "https://bugs.php.net/bug.php?id=79282", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], source: { defect: [ "https://bugs.php.net/bug.php?id=79282", ], discovery: "INTERNAL", }, title: "Use-of-uninitialized-value in exif", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@php.net", DATE_PUBLIC: "2020-02-17T16:23:00.000Z", ID: "CVE-2020-7064", STATE: "PUBLIC", TITLE: "Use-of-uninitialized-value in exif", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PHP", version: { version_data: [ { version_affected: "<", version_name: "7.3.x", version_value: "7.3.16", }, { version_affected: "<", version_name: "7.4.x", version_value: "7.4.4", }, { version_affected: "<", version_name: "7.2.x", version_value: "7.2.29", }, ], }, }, ], }, vendor_name: "PHP Group", }, ], }, }, credit: [ { lang: "eng", value: "From https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19581", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "[debian-lts-announce] 20200426 [SECURITY] [DLA 2188-1] php5 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { name: "USN-4330-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4330-1/", }, { name: "USN-4330-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4330-2/", }, { name: "openSUSE-SU-2020:0642", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { name: "DSA-4717", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4717", }, { name: "DSA-4719", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4719", }, { name: "https://bugs.php.net/bug.php?id=79282", refsource: "MISC", url: "https://bugs.php.net/bug.php?id=79282", }, { name: "https://security.netapp.com/advisory/ntap-20200403-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { name: "https://www.oracle.com/security-alerts/cpujan2021.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { name: "https://www.tenable.com/security/tns-2021-14", refsource: "CONFIRM", url: "https://www.tenable.com/security/tns-2021-14", }, ], }, source: { defect: [ "https://bugs.php.net/bug.php?id=79282", ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "dd77f84a-d19a-4638-8c3d-a322d820ed2b", assignerShortName: "php", cveId: "CVE-2020-7064", datePublished: "2020-04-01T03:35:13.144448Z", dateReserved: "2020-01-15T00:00:00", dateUpdated: "2024-09-16T23:56:45.058Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-0476
Vulnerability from cvelistv5
Published
2023-01-25 00:00
Modified
2025-04-01 14:58
Severity ?
EPSS score ?
Summary
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tenable.sc |
Version: Tenable.sc versions 5.23.1 and earlier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T05:10:56.348Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.tenable.com/security/tns-2023-03", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-0476", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-04-01T14:58:28.126734Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-74", description: "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-01T14:58:52.164Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Tenable.sc", vendor: "n/a", versions: [ { status: "affected", version: "Tenable.sc versions 5.23.1 and earlier", }, ], }, ], descriptions: [ { lang: "en", value: "A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection.", }, ], problemTypes: [ { descriptions: [ { description: "LDAP Injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-25T00:00:00.000Z", orgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", shortName: "tenable", }, references: [ { url: "https://www.tenable.com/security/tns-2023-03", }, ], }, }, cveMetadata: { assignerOrgId: "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", assignerShortName: "tenable", cveId: "CVE-2023-0476", datePublished: "2023-01-25T00:00:00.000Z", dateReserved: "2023-01-24T00:00:00.000Z", dateUpdated: "2025-04-01T14:58:52.164Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-202004-2062
Vulnerability from variot
In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes. PHP Exists in an out-of-bounds read vulnerability.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in the 'urldecode()' function in PHP 7.2.x prior to 7.2.30, 7.3.x prior to 7.3.17, and 7.4.x prior to 7.4.5. An attacker could exploit this vulnerability to obtain sensitive information. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4719-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 06, 2020 https://www.debian.org/security/faq
Package : php7.3 CVE ID : CVE-2019-11048 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 CVE-2020-7067
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or potentially the execution of arbitrary code.
For the stable distribution (buster), these problems have been fixed in version 7.3.19-1~deb10u1.
We recommend that you upgrade your php7.3 packages.
For the detailed security status of php7.3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.3
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl8DlcBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TPrg/+O/2SmuM/9AdyHAnRu7SJ0dlkEkF+FIR8SI2O7orDVLMYuNMdzN6oW9e4 oe+hhFE2iIOcl5lskxXLcnmd30izBxJXq+xJ000k6O0AfRZgVul+OTl5zDUJRKod Y1BuoVt2wUw0BT8V2FjYfu8XTGvDVqQVxc/GuZFExI6OkNcj0WFgdMP0wGu1VRxw FExRyZVHlATSVdH04gMI9BK1B4BVNZh05Qwb8bDD5sO16eamXIR6peuES1OJ4jUn YOfUMP2UgVLBywvHe+5VuXIW2AFj02Aw3Zl9Dgw2QTdylJs+ttf30NKWZP44/VFK wuyZa4y7tq2H31w9LBIvWIogYWe6CZYQeCvpVgSkLQwptRXqFSRC9OPTSKCKqnhN x8DXvLj6MzSO3jokZOLxxO473RGnV+WE1jgZ6LWK5LY8h5HjH5xPkef9v4UBpDQ/ UlEtEwMwceZK2jh3aI3yPoWQ2LIXASBe4+u1bG7Iln31MpTWJ/AdZ0sxWgGX1VqT JevU0IqRdKTX5kY8dE6mlje5G15AG1dNFigeWLHMZ1rJ/VSb2kiM4vrqL1lNBZwe jvsbpnyII4OeL/Zc7fEBnnKtzdDdu6PSv8aI1gSnFQCflMx8/nUbbWxu4J4HxGcW EZg1p2IaCW0hVTMhCwFTDH2EgseAS23XwloXp0i49FM23eJwuMM= =CeOY -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202004-2062", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.3.17", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.2.0", }, { model: "communications diameter signaling router", scope: "lte", trust: 1, vendor: "oracle", version: "8.4.0.5", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.19.0", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.2.30", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.4.0", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.4.5", }, { model: "communications diameter signaling router", scope: "gte", trust: 1, vendor: "oracle", version: "8.0.0.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.3.0", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.2.30 の 7.2.x", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.3.17 の 7.3.x", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.4.5 の 7.4.x", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-004899", }, { db: "NVD", id: "CVE-2020-7067", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:php:php", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-004899", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Debian", sources: [ { db: "PACKETSTORM", id: "168864", }, { db: "PACKETSTORM", id: "168881", }, ], trust: 0.2, }, cve: "CVE-2020-7067", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-7067", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-004899", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-185192", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-7067", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 2, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-004899", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-7067", trust: 1, value: "HIGH", }, { author: "security@php.net", id: "CVE-2020-7067", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-004899", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202004-1407", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-185192", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-7067", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-185192", }, { db: "VULMON", id: "CVE-2020-7067", }, { db: "JVNDB", id: "JVNDB-2020-004899", }, { db: "CNNVD", id: "CNNVD-202004-1407", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "NVD", id: "CVE-2020-7067", }, { db: "NVD", id: "CVE-2020-7067", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes. PHP Exists in an out-of-bounds read vulnerability.Information may be obtained. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in the 'urldecode()' function in PHP 7.2.x prior to 7.2.30, 7.3.x prior to 7.3.17, and 7.4.x prior to 7.4.5. An attacker could exploit this vulnerability to obtain sensitive information. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4719-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJuly 06, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : php7.3\nCVE ID : CVE-2019-11048 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064\n CVE-2020-7065 CVE-2020-7066 CVE-2020-7067\n\nMultiple security issues were found in PHP, a widely-used open source\ngeneral purpose scripting language which could result in information\ndisclosure, denial of service or potentially the execution of arbitrary\ncode. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 7.3.19-1~deb10u1. \n\nWe recommend that you upgrade your php7.3 packages. \n\nFor the detailed security status of php7.3 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/php7.3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl8DlcBfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0TPrg/+O/2SmuM/9AdyHAnRu7SJ0dlkEkF+FIR8SI2O7orDVLMYuNMdzN6oW9e4\noe+hhFE2iIOcl5lskxXLcnmd30izBxJXq+xJ000k6O0AfRZgVul+OTl5zDUJRKod\nY1BuoVt2wUw0BT8V2FjYfu8XTGvDVqQVxc/GuZFExI6OkNcj0WFgdMP0wGu1VRxw\nFExRyZVHlATSVdH04gMI9BK1B4BVNZh05Qwb8bDD5sO16eamXIR6peuES1OJ4jUn\nYOfUMP2UgVLBywvHe+5VuXIW2AFj02Aw3Zl9Dgw2QTdylJs+ttf30NKWZP44/VFK\nwuyZa4y7tq2H31w9LBIvWIogYWe6CZYQeCvpVgSkLQwptRXqFSRC9OPTSKCKqnhN\nx8DXvLj6MzSO3jokZOLxxO473RGnV+WE1jgZ6LWK5LY8h5HjH5xPkef9v4UBpDQ/\nUlEtEwMwceZK2jh3aI3yPoWQ2LIXASBe4+u1bG7Iln31MpTWJ/AdZ0sxWgGX1VqT\nJevU0IqRdKTX5kY8dE6mlje5G15AG1dNFigeWLHMZ1rJ/VSb2kiM4vrqL1lNBZwe\njvsbpnyII4OeL/Zc7fEBnnKtzdDdu6PSv8aI1gSnFQCflMx8/nUbbWxu4J4HxGcW\nEZg1p2IaCW0hVTMhCwFTDH2EgseAS23XwloXp0i49FM23eJwuMM=\n=CeOY\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2020-7067", }, { db: "JVNDB", id: "JVNDB-2020-004899", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULHUB", id: "VHN-185192", }, { db: "VULMON", id: "CVE-2020-7067", }, { db: "PACKETSTORM", id: "168864", }, { db: "PACKETSTORM", id: "168881", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-7067", trust: 2.8, }, { db: "TENABLE", id: "TNS-2021-14", trust: 1.8, }, { db: "JVNDB", id: "JVNDB-2020-004899", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202004-1407", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2020.1446", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4296", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2307", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2515", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2296", trust: 0.6, }, { db: "CS-HELP", id: "SB2021072292", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "VULHUB", id: "VHN-185192", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-7067", trust: 0.1, }, { db: "PACKETSTORM", id: "168864", trust: 0.1, }, { db: "PACKETSTORM", id: "168881", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-185192", }, { db: "VULMON", id: "CVE-2020-7067", }, { db: "JVNDB", id: "JVNDB-2020-004899", }, { db: "PACKETSTORM", id: "168864", }, { db: "PACKETSTORM", id: "168881", }, { db: "CNNVD", id: "CNNVD-202004-1407", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "NVD", id: "CVE-2020-7067", }, ], }, id: "VAR-202004-2062", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-185192", }, ], trust: 0.01, }, last_update_date: "2024-11-23T19:38:12.045000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Sec Bug #79465", trust: 0.8, url: "https://bugs.php.net/bug.php?id=79465", }, { title: "PHP Buffer error vulnerability fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=116907", }, { title: "Amazon Linux AMI: ALAS-2020-1367", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1367", }, { title: "Amazon Linux AMI: ALAS-2020-1368", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1368", }, { title: "Debian Security Advisories: DSA-4717-1 php7.0 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=a27709c513fb18e7ddf6a588532d9735", }, { title: "Debian Security Advisories: DSA-4719-1 php7.3 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=cf2756dc65762c0fef76f47a73a2324a", }, { title: "Tenable Security Advisories: [R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2021-14", }, { title: "php7-internals", trust: 0.1, url: "https://github.com/0xbigshaq/php7-internals ", }, { title: "", trust: 0.1, url: "https://github.com/imhunterand/hackerone-publicy-disclosed ", }, ], sources: [ { db: "VULMON", id: "CVE-2020-7067", }, { db: "JVNDB", id: "JVNDB-2020-004899", }, { db: "CNNVD", id: "CNNVD-202004-1407", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1.9, }, { problemtype: "CWE-196", trust: 1, }, ], sources: [ { db: "VULHUB", id: "VHN-185192", }, { db: "JVNDB", id: "JVNDB-2020-004899", }, { db: "NVD", id: "CVE-2020-7067", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://www.tenable.com/security/tns-2021-14", }, { trust: 1.8, url: "https://bugs.php.net/bug.php?id=79465", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20200504-0001/", }, { trust: 1.8, url: "https://www.debian.org/security/2020/dsa-4717", }, { trust: 1.8, url: "https://www.debian.org/security/2020/dsa-4719", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuapr2021.html", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { trust: 1.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7067", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7067", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1446/", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-v5-is-vulnerable-to-sensitive-information-leak-php-cve-2020-7067/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021072292", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/php-multiple-vulnerabilities-32047", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2307/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2515", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2296/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4296/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7064", }, { trust: 0.2, url: "https://www.debian.org/security/faq", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7066", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7062", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11048", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7063", }, { trust: 0.2, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/125.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/0xbigshaq/php7-internals", }, { trust: 0.1, url: "https://alas.aws.amazon.com/alas-2020-1367.html", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7065", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.3", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.0", }, ], sources: [ { db: "VULHUB", id: "VHN-185192", }, { db: "VULMON", id: "CVE-2020-7067", }, { db: "JVNDB", id: "JVNDB-2020-004899", }, { db: "PACKETSTORM", id: "168864", }, { db: "PACKETSTORM", id: "168881", }, { db: "CNNVD", id: "CNNVD-202004-1407", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "NVD", id: "CVE-2020-7067", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-185192", }, { db: "VULMON", id: "CVE-2020-7067", }, { db: "JVNDB", id: "JVNDB-2020-004899", }, { db: "PACKETSTORM", id: "168864", }, { db: "PACKETSTORM", id: "168881", }, { db: "CNNVD", id: "CNNVD-202004-1407", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "NVD", id: "CVE-2020-7067", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-04-27T00:00:00", db: "VULHUB", id: "VHN-185192", }, { date: "2020-04-27T00:00:00", db: "VULMON", id: "CVE-2020-7067", }, { date: "2020-06-01T00:00:00", db: "JVNDB", id: "JVNDB-2020-004899", }, { date: "2020-07-28T19:12:00", db: "PACKETSTORM", id: "168864", }, { date: "2020-07-28T19:12:00", db: "PACKETSTORM", id: "168881", }, { date: "2020-04-16T00:00:00", db: "CNNVD", id: "CNNVD-202004-1407", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2020-04-27T21:15:14.593000", db: "NVD", id: "CVE-2020-7067", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-05-16T00:00:00", db: "VULHUB", id: "VHN-185192", }, { date: "2022-05-16T00:00:00", db: "VULMON", id: "CVE-2020-7067", }, { date: "2020-06-01T00:00:00", db: "JVNDB", id: "JVNDB-2020-004899", }, { date: "2022-05-17T00:00:00", db: "CNNVD", id: "CNNVD-202004-1407", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2024-11-21T05:36:36.513000", db: "NVD", id: "CVE-2020-7067", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202004-1407", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PHP Out-of-bounds read vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2020-004899", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202004-1407", }, ], trust: 0.6, }, }
var-202103-1464
Vulnerability from variot
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. Summary:
Openshift Serverless 1.10.2 is now available. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5. Solution:
See the documentation at: https://access.redhat.com/documentation/en-us/openshift_container_platform/ 4.5/html/serverless_applications/index
Bug Fix(es):
-
WMCO patch pub-key-hash annotation to Linux node (BZ#1945248)
-
LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath (BZ#1952917)
-
Telemetry info not completely available to identify windows nodes (BZ#1955319)
-
WMCO incorrectly shows node as ready after a failed configuration (BZ#1956412)
-
kube-proxy service terminated unexpectedly after recreated LB service (BZ#1963263)
-
Solution:
For Windows Machine Config Operator upgrades, see the following documentation:
https://docs.openshift.com/container-platform/4.7/windows_containers/window s-node-upgrades.html
- Bugs fixed (https://bugzilla.redhat.com/):
1945248 - WMCO patch pub-key-hash annotation to Linux node 1946538 - CVE-2021-25736 kubernetes: LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM 1952917 - LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath 1955319 - Telemetry info not completely available to identify windows nodes 1956412 - WMCO incorrectly shows node as ready after a failed configuration 1963263 - kube-proxy service terminated unexpectedly after recreated LB service
- Description:
Red Hat Advanced Cluster Management for Kubernetes 2.0.10 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.
Bug fix:
-
RHACM 2.0.10 images (BZ #1940452)
-
Bugs fixed (https://bugzilla.redhat.com/):
1940452 - RHACM 2.0.10 images 1944286 - CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function
- ========================================================================== Ubuntu Security Notice USN-4891-1 March 25, 2021
openssl vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
OpenSSL could be made to crash or run programs if it received specially crafted network traffic. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: libssl1.1 1.1.1f-1ubuntu4.3
Ubuntu 20.04 LTS: libssl1.1 1.1.1f-1ubuntu2.3
Ubuntu 18.04 LTS: libssl1.1 1.1.1-1ubuntu2.1~18.04.9
After a standard system update you need to reboot your computer to make all the necessary changes. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. Package List:
Red Hat Enterprise Linux BaseOS (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP7 security update Advisory ID: RHSA-2021:1200-01 Product: Red Hat JBoss Core Services Advisory URL: https://access.redhat.com/errata/RHSA-2021:1200 Issue date: 2021-04-14 CVE Names: CVE-2021-3449 CVE-2021-3450 ==================================================================== 1. Summary:
Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 zip release for RHEL 7, RHEL 8 and Microsoft Windows is available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 6 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
-
openssl: NULL pointer deref in signature_algorithms processing (CVE-2021-3449)
-
openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update.
- Bugs fixed (https://bugzilla.redhat.com/):
1941547 - CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT 1941554 - CVE-2021-3449 openssl: NULL pointer dereference in signature_algorithms processing
- References:
https://access.redhat.com/security/cve/CVE-2021-3449 https://access.redhat.com/security/cve/CVE-2021-3450 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.37
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYHcRztzjgjWX9erEAQi2UA//ZnBZbF6yu43LNZh8SpIsZt25+kmRXpPO 24bitxkguIp8Mbf6aysizioKh10TgUzJAZL/xwzVGaf1YTtGXEiiQZvl+qetQhal CYcQUX9iRTbN3LL5sT0es8qIc9pXnVSh9YCRaa2i3l9KWlPWA2U0R4OfrAmGIjUe VG3tJ92HhtdeEx0VOHC+X6e7bDMoGQboT7cDJsP/xn8abWrBn9pQYfh7Ej/4qwMK 8sm6M7KcMcl2Sxjv0PB5obmZWBILWiTwHrJu6M3D6HBMJ4IdA0+DrDjf5U3NW6xp uYmmkKkw18juBkRyLBFG0Xnm8JUh9t50zRL5XbI5rcv8w+puqcuLuNWD83L+fIFE Z7eDdVaf0TYljefjbiZP/An2vjiOJ6Tm7nO79lrCI/g7Oax+/oK0/ClDpLuwVKtB hz7f5VrK2+q+qDRvXk65Ala9kMHvhkr7s2/64/UMcvqpnTSkzypFORSdj+UBevUb a+2ClrFEeokOXZxvZGQQxvu6do8roy2vrpLgNmxaDf65JZk5R4NlC3J4SbEjwBTT Wg4bnZRXHi+T8OL3fmPTnNsEMOAdH3kwUfgzIbj9o6wFzoZiKYRUk9qQv8jb1G9K x0qnCqtrwqzBBUs+ntXfTguTOba7JYx7aWH6ieBOIb5tapLJw7xOlVWbE1d29BCy CkeZnyNSON8=u60F -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202103-1464", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "graalvm", scope: "eq", trust: 1, vendor: "oracle", version: "20.3.1.2", }, { model: "mysql workbench", scope: "lte", trust: 1, vendor: "oracle", version: "8.0.23", }, { model: "simatic cloud connect 7", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "cloud volumes ontap mediator", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "simatic net cp 1543sp-1", scope: "gte", trust: 1, vendor: "siemens", version: "2.1", }, { model: "simatic pdm", scope: "gte", trust: 1, vendor: "siemens", version: "9.1.0.7", }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.12.1", }, { model: "essbase", scope: "eq", trust: 1, vendor: "oracle", version: "21.2", }, { model: "sma100", scope: "gte", trust: 1, vendor: "sonicwall", version: "10.2.0.0", }, { model: "multi-domain management", scope: "eq", trust: 1, vendor: "checkpoint", version: "r80.40", }, { model: "scalance s627-2m", scope: "gte", trust: 1, vendor: "siemens", version: "4.1", }, { model: "scalance xp-200", scope: "lt", trust: 1, vendor: "siemens", version: "4.3", }, { model: "simatic process historian opc ua server", scope: "gte", trust: 1, vendor: "siemens", version: "2019", }, { model: "node.js", scope: "gte", trust: 1, vendor: "nodejs", version: "10.0.0", }, { model: "simatic cp 1242-7 gprs v2", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "jd edwards world security", scope: "eq", trust: 1, vendor: "oracle", version: "a9.4", }, { model: "scalance xr524-8c", scope: "lt", trust: 1, vendor: "siemens", version: "6.4", }, { model: "tenable.sc", scope: "gte", trust: 1, vendor: "tenable", version: "5.13.0", }, { model: "simatic rf188ci", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "simatic net cp 1243-1", scope: "gte", trust: 1, vendor: "siemens", version: "3.1", }, { model: "simatic rf185c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "snapcenter", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.13.0", }, { model: "mysql connectors", scope: "lte", trust: 1, vendor: "oracle", version: "8.0.23", }, { model: "simatic net cp 1543-1", scope: "lt", trust: 1, vendor: "siemens", version: "3.0", }, { model: "tim 1531 irc", scope: "lt", trust: 1, vendor: "siemens", version: "2.2", }, { model: "secure global desktop", scope: "eq", trust: 1, vendor: "oracle", version: "5.6", }, { model: "node.js", scope: "lte", trust: 1, vendor: "nodejs", version: "10.24.0", }, { model: "mysql server", scope: "lte", trust: 1, vendor: "oracle", version: "5.7.33", }, { model: "scalance xr-300wg", scope: "lt", trust: 1, vendor: "siemens", version: "4.3", }, { model: "sma100", scope: "lt", trust: 1, vendor: "sonicwall", version: "10.2.1.0-17sv", }, { model: "simatic s7-1200 cpu 1217c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sinamics connect 300", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "node.js", scope: "lte", trust: 1, vendor: "nodejs", version: "12.12.0", }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.11.1", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.58", }, { model: "scalance xm-400", scope: "lt", trust: 1, vendor: "siemens", version: "6.4", }, { model: "simatic net cp1243-7 lte eu", scope: "gte", trust: 1, vendor: "siemens", version: "3.1", }, { model: "quantum security gateway", scope: "eq", trust: 1, vendor: "checkpoint", version: "r81", }, { model: "communications communications policy management", scope: "eq", trust: 1, vendor: "oracle", version: "12.6.0.0.0", }, { model: "simatic rf360r", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "oncommand workflow automation", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "simatic hmi comfort outdoor panels", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "simatic s7-1200 cpu 1214c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance s615", scope: "gte", trust: 1, vendor: "siemens", version: "6.2", }, { model: "mysql server", scope: "gte", trust: 1, vendor: "oracle", version: "8.0.15", }, { model: "simatic mv500", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "simatic s7-1200 cpu 1212fc", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sinec pni", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "scalance xf-200ba", scope: "lt", trust: 1, vendor: "siemens", version: "4.3", }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.12.0", }, { model: "simatic rf188c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "simatic wincc runtime advanced", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "zfs storage appliance kit", scope: "eq", trust: 1, vendor: "oracle", version: "8.8", }, { model: "simatic s7-1200 cpu 1211c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "nessus", scope: "lte", trust: 1, vendor: "tenable", version: "8.13.1", }, { model: "enterprise manager for storage management", scope: "eq", trust: 1, vendor: "oracle", version: "13.4.0.0", }, { model: "multi-domain management", scope: "eq", trust: 1, vendor: "checkpoint", version: "r81", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.59", }, { model: "primavera unifier", scope: "gte", trust: 1, vendor: "oracle", version: "17.7", }, { model: "simatic hmi basic panels 2nd generation", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "primavera unifier", scope: "eq", trust: 1, vendor: "oracle", version: "19.12", }, { model: "scalance w700", scope: "gte", trust: 1, vendor: "siemens", version: "6.5", }, { model: "e-series performance analyzer", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "scalance xr552-12", scope: "lt", trust: 1, vendor: "siemens", version: "6.4", }, { model: "simatic net cp1243-7 lte us", scope: "gte", trust: 1, vendor: "siemens", version: "3.1", }, { model: "node.js", scope: "gte", trust: 1, vendor: "nodejs", version: "12.0.0", }, { model: "openssl", scope: "gte", trust: 1, vendor: "openssl", version: "1.1.1", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "34", }, { model: "graalvm", scope: "eq", trust: 1, vendor: "oracle", version: "19.3.5", }, { model: "primavera unifier", scope: "eq", trust: 1, vendor: "oracle", version: "20.12", }, { model: "node.js", scope: "lte", trust: 1, vendor: "nodejs", version: "14.14.0", }, { model: "tenable.sc", scope: "lte", trust: 1, vendor: "tenable", version: "5.17.0", }, { model: "web gateway cloud service", scope: "eq", trust: 1, vendor: "mcafee", version: "10.1.1", }, { model: "openssl", scope: "lt", trust: 1, vendor: "openssl", version: "1.1.1k", }, { model: "simatic rf166c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "scalance xc-200", scope: "lt", trust: 1, vendor: "siemens", version: "4.3", }, { model: "simatic s7-1200 cpu 1215c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "quantum security management", scope: "eq", trust: 1, vendor: "checkpoint", version: "r80.40", }, { model: "scalance xr526-8c", scope: "lt", trust: 1, vendor: "siemens", version: "6.4", }, { model: "node.js", scope: "lt", trust: 1, vendor: "nodejs", version: "15.14.0", }, { model: "simatic s7-1500 cpu 1518-4 pn\\/dp mfp", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "web gateway cloud service", scope: "eq", trust: 1, vendor: "mcafee", version: "9.2.10", }, { model: "tim 1531 irc", scope: "gte", trust: 1, vendor: "siemens", version: "2.0", }, { model: "primavera unifier", scope: "lte", trust: 1, vendor: "oracle", version: "17.12", }, { model: "sinec infrastructure network services", scope: "lt", trust: 1, vendor: "siemens", version: "1.0.1.1", }, { model: "graalvm", scope: "eq", trust: 1, vendor: "oracle", version: "21.0.0.2", }, { model: "secure backup", scope: "lt", trust: 1, vendor: "oracle", version: "18.1.0.1.0", }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.11.0", }, { model: "storagegrid", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.57", }, { model: "scalance sc-600", scope: "gte", trust: 1, vendor: "siemens", version: "2.0", }, { model: "simatic pcs 7 telecontrol", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "simatic s7-1200 cpu 1215 fc", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "node.js", scope: "lt", trust: 1, vendor: "nodejs", version: "12.22.1", }, { model: "simatic rf186ci", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "web gateway", scope: "eq", trust: 1, vendor: "mcafee", version: "10.1.1", }, { model: "simatic net cp 1542sp-1 irc", scope: "gte", trust: 1, vendor: "siemens", version: "2.1", }, { model: "capture client", scope: "eq", trust: 1, vendor: "sonicwall", version: "3.5", }, { model: "simatic logon", scope: "gte", trust: 1, vendor: "siemens", version: "1.6.0.2", }, { model: "simatic wincc telecontrol", scope: "eq", trust: 1, vendor: "siemens", version: null, }, { model: "active iq unified manager", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "sonicos", scope: "eq", trust: 1, vendor: "sonicwall", version: "7.0.1.0", }, { model: "jd edwards enterpriseone tools", scope: "lt", trust: 1, vendor: "oracle", version: "9.2.6.0", }, { model: "oncommand insight", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "simatic pcs neo", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "scalance s623", scope: "gte", trust: 1, vendor: "siemens", version: "4.1", }, { model: "scalance lpe9403", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "simatic s7-1200 cpu 1214 fc", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "node.js", scope: "gte", trust: 1, vendor: "nodejs", version: "10.13.0", }, { model: "log correlation engine", scope: "lt", trust: 1, vendor: "tenable", version: "6.0.9", }, { model: "scalance m-800", scope: "gte", trust: 1, vendor: "siemens", version: "6.2", }, { model: "simatic rf186c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "web gateway cloud service", scope: "eq", trust: 1, vendor: "mcafee", version: "8.2.19", }, { model: "node.js", scope: "gte", trust: 1, vendor: "nodejs", version: "14.0.0", }, { model: "primavera unifier", scope: "eq", trust: 1, vendor: "oracle", version: "21.12", }, { model: "web gateway", scope: "eq", trust: 1, vendor: "mcafee", version: "9.2.10", }, { model: "node.js", scope: "lt", trust: 1, vendor: "nodejs", version: "14.16.1", }, { model: "simatic hmi ktp mobile panels", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sinema server", scope: "eq", trust: 1, vendor: "siemens", version: "14.0", }, { model: "scalance s612", scope: "gte", trust: 1, vendor: "siemens", version: "4.1", }, { model: "simatic s7-1200 cpu 1212c", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "santricity smi-s provider", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "quantum security management", scope: "eq", trust: 1, vendor: "checkpoint", version: "r81", }, { model: "scalance xr528-6m", scope: "lt", trust: 1, vendor: "siemens", version: "6.4", }, { model: "tia administrator", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sinec nms", scope: "eq", trust: 1, vendor: "siemens", version: "1.0", }, { model: "simatic logon", scope: "eq", trust: 1, vendor: "siemens", version: "1.5", }, { model: "freebsd", scope: "eq", trust: 1, vendor: "freebsd", version: "12.2", }, { model: "sinumerik opc ua server", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "mysql server", scope: "lte", trust: 1, vendor: "oracle", version: "8.0.23", }, { model: "ontap select deploy administration utility", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "scalance xb-200", scope: "lt", trust: 1, vendor: "siemens", version: "4.3", }, { model: "scalance s602", scope: "gte", trust: 1, vendor: "siemens", version: "4.1", }, { model: "ruggedcom rcm1224", scope: "gte", trust: 1, vendor: "siemens", version: "6.2", }, { model: "node.js", scope: "lte", trust: 1, vendor: "nodejs", version: "10.12.0", }, { model: "node.js", scope: "gte", trust: 1, vendor: "nodejs", version: "12.13.0", }, { model: "simatic cp 1242-7 gprs v2", scope: "gte", trust: 1, vendor: "siemens", version: "3.1", }, { model: "web gateway", scope: "eq", trust: 1, vendor: "mcafee", version: "8.2.19", }, { model: "quantum security gateway", scope: "eq", trust: 1, vendor: "checkpoint", version: "r80.40", }, { model: "simatic net cp 1545-1", scope: "gte", trust: 1, vendor: "siemens", version: "1.0", }, { model: "simatic cloud connect 7", scope: "gte", trust: 1, vendor: "siemens", version: "1.1", }, { model: "node.js", scope: "gte", trust: 1, vendor: "nodejs", version: "15.0.0", }, { model: "simatic net cp 1243-8 irc", scope: "gte", trust: 1, vendor: "siemens", version: "3.1", }, { model: "scalance w1700", scope: "gte", trust: 1, vendor: "siemens", version: "2.0", }, { model: "node.js", scope: "gte", trust: 1, vendor: "nodejs", version: "14.15.0", }, { model: "simatic net cp 1543-1", scope: "gte", trust: 1, vendor: "siemens", version: "2.2", }, { model: "hitachi ops center analyzer viewpoint", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "storagegrid", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "ontap select deploy administration utility", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "quantum security gateway", scope: null, trust: 0.8, vendor: "チェック ポイント ソフトウェア テクノロジーズ", version: null, }, { model: "tenable.sc", scope: null, trust: 0.8, vendor: "tenable", version: null, }, { model: "nessus", scope: null, trust: 0.8, vendor: "tenable", version: null, }, { model: "oncommand workflow automation", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "freebsd", scope: null, trust: 0.8, vendor: "freebsd", version: null, }, { model: "hitachi ops center common services", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "santricity smi-s provider", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "mcafee web gateway ソフトウェア", scope: null, trust: 0.8, vendor: "マカフィー", version: null, }, { model: "e-series performance analyzer", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: "jp1/file transmission server/ftp", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "quantum security management", scope: null, trust: 0.8, vendor: "チェック ポイント ソフトウェア テクノロジーズ", version: null, }, { model: "openssl", scope: null, trust: 0.8, vendor: "openssl", version: null, }, { model: "cloud volumes ontap メディエータ", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "jp1/base", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "web gateway cloud service", scope: null, trust: 0.8, vendor: "マカフィー", version: null, }, { model: "multi-domain management", scope: null, trust: 0.8, vendor: "チェック ポイント ソフトウェア テクノロジーズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-001383", }, { db: "NVD", id: "CVE-2021-3449", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "162694", }, { db: "PACKETSTORM", id: "163257", }, { db: "PACKETSTORM", id: "162383", }, { db: "PACKETSTORM", id: "162076", }, { db: "PACKETSTORM", id: "162013", }, { db: "PACKETSTORM", id: "162200", }, { db: "PACKETSTORM", id: "162197", }, { db: "PACKETSTORM", id: "162189", }, ], trust: 0.8, }, cve: "CVE-2021-3449", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2021-3449", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-388130", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.2, id: "CVE-2021-3449", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 5.9, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2021-3449", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-3449", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-3449", trust: 0.8, value: "Medium", }, { author: "VULHUB", id: "VHN-388130", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-388130", }, { db: "JVNDB", id: "JVNDB-2021-001383", }, { db: "NVD", id: "CVE-2021-3449", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j). The product supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, secure hash algorithms, etc. Summary:\n\nOpenshift Serverless 1.10.2 is now available. This version of the OpenShift Serverless\nOperator is supported on Red Hat OpenShift Container Platform version 4.5. Solution:\n\nSee the documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/\n4.5/html/serverless_applications/index\n\n4. \n\nBug Fix(es):\n\n* WMCO patch pub-key-hash annotation to Linux node (BZ#1945248)\n\n* LoadBalancer Service type with invalid external loadbalancer IP breaks\nthe datapath (BZ#1952917)\n\n* Telemetry info not completely available to identify windows nodes\n(BZ#1955319)\n\n* WMCO incorrectly shows node as ready after a failed configuration\n(BZ#1956412)\n\n* kube-proxy service terminated unexpectedly after recreated LB service\n(BZ#1963263)\n\n3. Solution:\n\nFor Windows Machine Config Operator upgrades, see the following\ndocumentation:\n\nhttps://docs.openshift.com/container-platform/4.7/windows_containers/window\ns-node-upgrades.html\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1945248 - WMCO patch pub-key-hash annotation to Linux node\n1946538 - CVE-2021-25736 kubernetes: LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM\n1952917 - LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath\n1955319 - Telemetry info not completely available to identify windows nodes\n1956412 - WMCO incorrectly shows node as ready after a failed configuration\n1963263 - kube-proxy service terminated unexpectedly after recreated LB service\n\n5. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.0.10 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console—with security policy built in. \n\nBug fix:\n\n* RHACM 2.0.10 images (BZ #1940452)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1940452 - RHACM 2.0.10 images\n1944286 - CVE-2021-23358 nodejs-underscore: Arbitrary code execution via the template function\n\n5. ==========================================================================\nUbuntu Security Notice USN-4891-1\nMarch 25, 2021\n\nopenssl vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nOpenSSL could be made to crash or run programs if it received specially\ncrafted network traffic. A remote attacker could use this issue to cause\nOpenSSL to crash, resulting in a denial of service, or possibly execute\narbitrary code. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.10:\n libssl1.1 1.1.1f-1ubuntu4.3\n\nUbuntu 20.04 LTS:\n libssl1.1 1.1.1f-1ubuntu2.3\n\nUbuntu 18.04 LTS:\n libssl1.1 1.1.1-1ubuntu2.1~18.04.9\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP7 security update\nAdvisory ID: RHSA-2021:1200-01\nProduct: Red Hat JBoss Core Services\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:1200\nIssue date: 2021-04-14\nCVE Names: CVE-2021-3449 CVE-2021-3450\n====================================================================\n1. Summary:\n\nRed Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 7 zip\nrelease for RHEL 7, RHEL 8 and Microsoft Windows is available. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Description:\n\nRed Hat JBoss Core Services is a set of supplementary software for Red Hat\nJBoss middleware products. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 7 packages\nthat are part of the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack\nApache Server 2.4.37 Service Pack 6 and includes bug fixes and\nenhancements. Refer to the Release Notes for information on the most\nsignificant bug fixes and enhancements included in this release. \n\nSecurity fix(es):\n\n* openssl: NULL pointer deref in signature_algorithms processing\n(CVE-2021-3449)\n\n* openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT\n(CVE-2021-3450)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n3. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nThe References section of this erratum contains a download link for the\nupdate. You must be logged in to download the update. \n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1941547 - CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT\n1941554 - CVE-2021-3449 openssl: NULL pointer dereference in signature_algorithms processing\n\n5. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-3449\nhttps://access.redhat.com/security/cve/CVE-2021-3450\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.37\n\n6. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYHcRztzjgjWX9erEAQi2UA//ZnBZbF6yu43LNZh8SpIsZt25+kmRXpPO\n24bitxkguIp8Mbf6aysizioKh10TgUzJAZL/xwzVGaf1YTtGXEiiQZvl+qetQhal\nCYcQUX9iRTbN3LL5sT0es8qIc9pXnVSh9YCRaa2i3l9KWlPWA2U0R4OfrAmGIjUe\nVG3tJ92HhtdeEx0VOHC+X6e7bDMoGQboT7cDJsP/xn8abWrBn9pQYfh7Ej/4qwMK\n8sm6M7KcMcl2Sxjv0PB5obmZWBILWiTwHrJu6M3D6HBMJ4IdA0+DrDjf5U3NW6xp\nuYmmkKkw18juBkRyLBFG0Xnm8JUh9t50zRL5XbI5rcv8w+puqcuLuNWD83L+fIFE\nZ7eDdVaf0TYljefjbiZP/An2vjiOJ6Tm7nO79lrCI/g7Oax+/oK0/ClDpLuwVKtB\nhz7f5VrK2+q+qDRvXk65Ala9kMHvhkr7s2/64/UMcvqpnTSkzypFORSdj+UBevUb\na+2ClrFEeokOXZxvZGQQxvu6do8roy2vrpLgNmxaDf65JZk5R4NlC3J4SbEjwBTT\nWg4bnZRXHi+T8OL3fmPTnNsEMOAdH3kwUfgzIbj9o6wFzoZiKYRUk9qQv8jb1G9K\nx0qnCqtrwqzBBUs+ntXfTguTOba7JYx7aWH6ieBOIb5tapLJw7xOlVWbE1d29BCy\nCkeZnyNSON8=u60F\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. It is comprised of the Apache\nTomcat Servlet container, JBoss HTTP Connector (mod_cluster), the\nPicketLink Vault extension for Apache Tomcat, and the Tomcat Native\nlibrary. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied", sources: [ { db: "NVD", id: "CVE-2021-3449", }, { db: "JVNDB", id: "JVNDB-2021-001383", }, { db: "VULHUB", id: "VHN-388130", }, { db: "PACKETSTORM", id: "162694", }, { db: "PACKETSTORM", id: "163257", }, { db: "PACKETSTORM", id: "162383", }, { db: "PACKETSTORM", id: "162076", }, { db: "PACKETSTORM", id: "161984", }, { db: "PACKETSTORM", id: "162013", }, { db: "PACKETSTORM", id: "162200", }, { db: "PACKETSTORM", id: "162197", }, { db: "PACKETSTORM", id: "162189", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-3449", trust: 2.8, }, { db: "TENABLE", id: "TNS-2021-06", trust: 1.1, }, { db: "TENABLE", id: "TNS-2021-09", trust: 1.1, }, { db: "TENABLE", id: "TNS-2021-05", trust: 1.1, }, { db: "TENABLE", id: "TNS-2021-10", trust: 1.1, }, { db: "OPENWALL", id: "OSS-SECURITY/2021/03/28/3", trust: 1.1, }, { db: "OPENWALL", id: "OSS-SECURITY/2021/03/27/2", trust: 1.1, }, { db: "OPENWALL", id: "OSS-SECURITY/2021/03/28/4", trust: 1.1, }, { db: "OPENWALL", id: "OSS-SECURITY/2021/03/27/1", trust: 1.1, }, { db: "SIEMENS", id: "SSA-772220", trust: 1.1, }, { db: "SIEMENS", id: "SSA-389290", trust: 1.1, }, { db: "PULSESECURE", id: "SA44845", trust: 1.1, }, { db: "MCAFEE", id: "SB10356", trust: 1.1, }, { db: "JVN", id: "JVNVU92126369", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-001383", trust: 0.8, }, { db: "PACKETSTORM", id: "162197", trust: 0.2, }, { db: "PACKETSTORM", id: "162076", trust: 0.2, }, { db: "PACKETSTORM", id: "163257", trust: 0.2, }, { db: "PACKETSTORM", id: "162013", trust: 0.2, }, { db: "PACKETSTORM", id: "162383", trust: 0.2, }, { db: "PACKETSTORM", id: "162189", trust: 0.2, }, { db: "PACKETSTORM", id: "161984", trust: 0.2, }, { db: "PACKETSTORM", id: "162200", trust: 0.2, }, { db: "PACKETSTORM", id: "162114", trust: 0.1, }, { db: "PACKETSTORM", id: "162350", trust: 0.1, }, { db: "PACKETSTORM", id: "162041", trust: 0.1, }, { db: "PACKETSTORM", id: "162183", trust: 0.1, }, { db: "PACKETSTORM", id: "162699", trust: 0.1, }, { db: "PACKETSTORM", id: "162337", trust: 0.1, }, { db: "PACKETSTORM", id: "162151", trust: 0.1, }, { db: "PACKETSTORM", id: "162196", trust: 0.1, }, { db: "PACKETSTORM", id: "162172", trust: 0.1, }, { db: "PACKETSTORM", id: "162201", trust: 0.1, }, { db: "PACKETSTORM", id: "162307", trust: 0.1, }, { db: "SEEBUG", id: "SSVID-99170", trust: 0.1, }, { db: "VULHUB", id: "VHN-388130", trust: 0.1, }, { db: "PACKETSTORM", id: "162694", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-388130", }, { db: "JVNDB", id: "JVNDB-2021-001383", }, { db: "PACKETSTORM", id: "162694", }, { db: "PACKETSTORM", id: "163257", }, { db: "PACKETSTORM", id: "162383", }, { db: "PACKETSTORM", id: "162076", }, { db: "PACKETSTORM", id: "161984", }, { db: "PACKETSTORM", id: "162013", }, { db: "PACKETSTORM", id: "162200", }, { db: "PACKETSTORM", id: "162197", }, { db: "PACKETSTORM", id: "162189", }, { db: "NVD", id: "CVE-2021-3449", }, ], }, id: "VAR-202103-1464", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-388130", }, ], trust: 0.6742040990624999, }, last_update_date: "2024-11-29T22:12:22.747000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "hitachi-sec-2021-119 Software product security information", trust: 0.8, url: "https://www.debian.org/security/2021/dsa-4875", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-001383", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-476", trust: 1.1, }, { problemtype: "NULL Pointer dereference (CWE-476) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-388130", }, { db: "JVNDB", id: "JVNDB-2021-001383", }, { db: "NVD", id: "CVE-2021-3449", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3449", }, { trust: 1.1, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-openssl-2021-ghy28djd", }, { trust: 1.1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { trust: 1.1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { trust: 1.1, url: "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa44845", }, { trust: 1.1, url: "https://psirt.global.sonicwall.com/vuln-detail/snwlid-2021-0013", }, { trust: 1.1, url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { trust: 1.1, url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { trust: 1.1, url: "https://www.openssl.org/news/secadv/20210325.txt", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2021-05", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2021-06", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2021-09", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2021-10", }, { trust: 1.1, url: "https://www.debian.org/security/2021/dsa-4875", }, { trust: 1.1, url: "https://security.gentoo.org/glsa/202103-03", }, { trust: 1.1, url: "https://security.freebsd.org/advisories/freebsd-sa-21:07.openssl.asc", }, { trust: 1.1, url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpuapr2021.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { trust: 1.1, url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { trust: 1.1, url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { trust: 1.1, url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { trust: 1.1, url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { trust: 1.1, url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { trust: 1, url: "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ccbfllvqvilivgzmbjl3ixzgkwqisynp/", }, { trust: 1, url: "https://kc.mcafee.com/corporate/index?page=content&id=sb10356", }, { trust: 1, url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu92126369/", }, { trust: 0.8, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.8, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.8, url: "https://access.redhat.com/security/cve/cve-2021-3449", }, { trust: 0.8, url: "https://bugzilla.redhat.com/):", }, { trust: 0.7, url: "https://access.redhat.com/security/cve/cve-2021-3450", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3450", }, { trust: 0.5, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-20305", }, { trust: 0.3, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.3, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20305", }, { trust: 0.1, url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148", }, { trust: 0.1, url: "https://kc.mcafee.com/corporate/index?page=content&id=sb10356", }, { trust: 0.1, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ccbfllvqvilivgzmbjl3ixzgkwqisynp/", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20454", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20916", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19221", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20907", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19906", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13050", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20907", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13631", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-14422", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7595", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13632", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/openshift_container_platform/", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8492", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-16168", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-9327", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-13630", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20387", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.5/html/serverless_applications/index", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-5018", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20218", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-1000858", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3115", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13050", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-14889", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-1730", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-9327", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-16935", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19906", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13627", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19221", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-6405", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20388", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3114", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20843", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-1000858", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20388", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-15903", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-20843", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:2021", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-13631", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20387", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8492", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-5018", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19956", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-13632", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-15903", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-14422", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13627", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13630", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-14889", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-1730", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-6405", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19956", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-16935", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20218", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20454", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7595", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-16168", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20916", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-25013", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-29362", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-25736", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-29361", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:2130", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-2708", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8286", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8284", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-28196", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-15358", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27219", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-15358", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8927", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13434", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2017-14502", }, { trust: 0.1, url: "https://docs.openshift.com/container-platform/4.7/windows_containers/window", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-29362", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8285", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8285", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2017-14502", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8286", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-29363", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-9169", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-10228", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-27618", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8927", }, { trust: 0.1, url: "https://issues.jboss.org/):", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3842", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-13434", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3326", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-25736", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-2708", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13776", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2016-10228", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-29363", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-24977", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-3842", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-13776", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-25013", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8231", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9169", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3326", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8231", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-27219", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8284", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-24977", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-29361", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-27618", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-28196", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-23358", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27363", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-15586", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3347", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-28374", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-28362", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-23358", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-27364", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-26708", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27365", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-0466", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-27152", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-27363", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-16845", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-27152", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3347", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-16845", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-27365", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-0466", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-28362", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-15586", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27364", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:1448", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-28374", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-26708", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:1063", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/openssl/1.1.1-1ubuntu2.1~18.04.9", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/openssl/1.1.1f-1ubuntu4.3", }, { trust: 0.1, url: "https://ubuntu.com/security/notices/usn-4891-1", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/openssl/1.1.1f-1ubuntu2.3", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:1024", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:1203", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:1200", }, { trust: 0.1, url: "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp&downloadtype=securitypatches&version=2.4.37", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:1195", }, ], sources: [ { db: "VULHUB", id: "VHN-388130", }, { db: "JVNDB", id: "JVNDB-2021-001383", }, { db: "PACKETSTORM", id: "162694", }, { db: "PACKETSTORM", id: "163257", }, { db: "PACKETSTORM", id: "162383", }, { db: "PACKETSTORM", id: "162076", }, { db: "PACKETSTORM", id: "161984", }, { db: "PACKETSTORM", id: "162013", }, { db: "PACKETSTORM", id: "162200", }, { db: "PACKETSTORM", id: "162197", }, { db: "PACKETSTORM", id: "162189", }, { db: "NVD", id: "CVE-2021-3449", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-388130", }, { db: "JVNDB", id: "JVNDB-2021-001383", }, { db: "PACKETSTORM", id: "162694", }, { db: "PACKETSTORM", id: "163257", }, { db: "PACKETSTORM", id: "162383", }, { db: "PACKETSTORM", id: "162076", }, { db: "PACKETSTORM", id: "161984", }, { db: "PACKETSTORM", id: "162013", }, { db: "PACKETSTORM", id: "162200", }, { db: "PACKETSTORM", id: "162197", }, { db: "PACKETSTORM", id: "162189", }, { db: "NVD", id: "CVE-2021-3449", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-03-25T00:00:00", db: "VULHUB", id: "VHN-388130", }, { date: "2021-05-06T00:00:00", db: "JVNDB", id: "JVNDB-2021-001383", }, { date: "2021-05-19T14:19:18", db: "PACKETSTORM", id: "162694", }, { date: "2021-06-23T15:44:15", db: "PACKETSTORM", id: "163257", }, { date: "2021-04-29T14:37:49", db: "PACKETSTORM", id: "162383", }, { date: "2021-04-05T15:16:03", db: "PACKETSTORM", id: "162076", }, { date: "2021-03-26T14:15:18", db: "PACKETSTORM", id: "161984", }, { date: "2021-03-30T14:07:13", db: "PACKETSTORM", id: "162013", }, { date: "2021-04-15T13:50:30", db: "PACKETSTORM", id: "162200", }, { date: "2021-04-15T13:50:04", db: "PACKETSTORM", id: "162197", }, { date: "2021-04-14T16:50:04", db: "PACKETSTORM", id: "162189", }, { date: "2021-03-25T15:15:13.450000", db: "NVD", id: "CVE-2021-3449", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-08-29T00:00:00", db: "VULHUB", id: "VHN-388130", }, { date: "2021-09-13T07:43:00", db: "JVNDB", id: "JVNDB-2021-001383", }, { date: "2024-11-21T06:21:33.050000", db: "NVD", id: "CVE-2021-3449", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "161984", }, ], trust: 0.1, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OpenSSL In NULL Pointer dereference vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2021-001383", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code execution", sources: [ { db: "PACKETSTORM", id: "162694", }, { db: "PACKETSTORM", id: "162383", }, ], trust: 0.2, }, }
var-201902-0360
Vulnerability from variot
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML. Summary:
An update for the pki-core:10.6 and pki-deps:10.6 modules is now available for Red Hat Enterprise Linux 8. 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/):
1376706 - restore SerialNumber tag in caManualRenewal xml 1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests 1406505 - KRA ECC installation failed with shared tomcat 1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute 1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip 1666907 - CC: Enable AIA OCSP cert checking for entire cert chain 1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute 1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute 1695901 - CVE-2019-10179 pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab 1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection 1706521 - CA - SubjectAltNameExtInput does not display text fields to the enrollment page 1710171 - CVE-2019-10146 pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page 1721684 - Rebase pki-servlet-engine to 9.0.30 1724433 - caTransportCert.cfg contains MD2/MD5withRSA as signingAlgsAllowed. 1732565 - CVE-2019-10221 pki-core: Reflected XSS in getcookies?url= endpoint in CA 1732981 - When nuxwdog is enabled pkidaemon status shows instances as stopped. 1777579 - CVE-2020-1721 pki-core: KRA vulnerable to reflected XSS via the getPk12 page 1805541 - [RFE] CA Certificate Transparency with Embedded Signed Certificate Time stamp 1817247 - Upgrade to 10.8.3 breaks PKI Tomcat Server 1821851 - [RFE] Provide SSLEngine via JSSProvider for use with PKI 1822246 - JSS - NativeProxy never calls releaseNativeResources - Memory Leak 1824939 - JSS: add RSA PSS support - RHEL 8.3 1824948 - add RSA PSS support - RHEL 8.3 1825998 - CertificatePoliciesExtDefault MAX_NUM_POLICIES hardcoded limit 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1842734 - CVE-2019-10179 pki-core: pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab [rhel-8] 1842736 - CVE-2019-10146 pki-core: Reflected Cross-Site Scripting in 'path length' constraint field in CA's Agent page [rhel-8] 1843537 - Able to Perform PKI CLI operations like cert request and approval without nssdb password 1845447 - pkispawn fails in FIPS mode: AJP connector has secretRequired="true" but no secret 1850004 - CVE-2020-11023 jquery: Passing HTML containing elements to manipulation methods could result in untrusted code execution 1854043 - /usr/bin/PrettyPrintCert is failing with a ClassNotFoundException 1854959 - ca-profile-add with Netscape extensions nsCertSSLClient and nsCertEmail in the profile gets stuck in processing 1855273 - CVE-2020-15720 pki: Dogtag's python client does not validate certificates 1855319 - Not able to launch pkiconsole 1856368 - kra-key-generate request is failing 1857933 - CA Installation is failing with ncipher v12.30 HSM 1861911 - pki cli ca-cert-request-approve hangs over crmf request from client-cert-request 1869893 - Common certificates are missing in CS.cfg on shared PKI instance 1871064 - replica install failing during pki-ca component configuration 1873235 - pki ca-user-cert-add with secure port failed with 'SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT'
- Description:
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. JIRA issues fixed (https://issues.jboss.org/):
JBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001 JBEAP-23865 - GSS Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001 JBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001 JBEAP-23926 - Tracker bug for the EAP 7.4.9 release for RHEL-7 JBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001 JBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001 JBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001 JBEAP-24100 - GSS Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001 JBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value JBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001 JBEAP-24132 - GSS Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001 JBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001 JBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002 JBEAP-24191 - GSS Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001 JBEAP-24195 - GSS Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001 JBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003 JBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2 JBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001 JBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001
- Description:
Bootstrap style library packaged for setuptools (easy_install) / pip. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: RHV Manager (ovirt-engine) 4.4 security, bug fix, and enhancement update Advisory ID: RHSA-2020:3247-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2020:3247 Issue date: 2020-08-04 CVE Names: CVE-2017-18635 CVE-2019-8331 CVE-2019-10086 CVE-2019-13990 CVE-2019-17195 CVE-2019-19336 CVE-2020-7598 CVE-2020-10775 CVE-2020-11022 CVE-2020-11023 =====================================================================
- Summary:
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch, x86_64
- Description:
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a VM Portal, and a Representational State Transfer (REST) Application Programming Interface (API).
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/ht ml-single/technical_notes
Security Fix(es):
-
apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)
-
libquartz: XXE attacks via job description (CVE-2019-13990)
-
novnc: XSS vulnerability via the messages propagated to the status field (CVE-2017-18635)
-
bootstrap: XSS in the tooltip or popover data-template attribute (CVE-2019-8331)
-
nimbus-jose-jwt: Uncaught exceptions while parsing a JWT (CVE-2019-17195)
-
ovirt-engine: response_type parameter allows reflected XSS (CVE-2019-19336)
-
nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or proto payload (CVE-2020-7598)
-
ovirt-engine: Redirect to arbitrary URL allows for phishing (CVE-2020-10775)
-
Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
-
jQuery: passing HTML containing elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/2974891
- Bugs fixed (https://bugzilla.redhat.com/):
1080097 - [RFE] Allow editing disks details in the Disks tab 1325468 - [RFE] Autostart of VMs that are down (with Engine assistance - Engine has to be up) 1358501 - [RFE] multihost network change - notify when done 1427717 - [RFE] Create and/or select affinity group upon VM creation. 1475774 - RHV-M requesting four GetDeviceListVDSCommand when editing storage domain 1507438 - not able to deploy new rhvh host when "/tmp" is mounted with "noexec" option 1523835 - Hosted-Engine: memory hotplug does not work for engine vm 1527843 - [Tracker] Q35 chipset support (with seabios) 1529042 - [RFE] Changing of Cluster CPU Type does not trigger config update notification 1535796 - Undeployment of HE is not graceful 1546838 - [RFE] Refuse to deploy on localhost.localdomain 1547937 - [RFE] Live Storage Migration progress bar. 1585986 - [HE] When lowering the cluster compatibility, we need to force update the HE storage OVF store to ensure it can start up (migration will not work). 1593800 - [RFE] forbid new mac pools with overlapping ranges 1596178 - inconsistent display between automatic and manual Pool Type 1600059 - [RFE] Add by default a storage lease to HA VMs 1610212 - After updating to RHV 4.1 while trying to edit the disk, getting error "Cannot edit Virtual Disk. Cannot edit Virtual Disk. Disk extension combined with disk compat version update isn't supported. Please perform the updates separately." 1611395 - Unable to list Compute Templates in RHV 4.2 from Satellite 6.3.2 1616451 - [UI] add a tooltip to explain the supported matrix for the combination of disk allocation policies, formats and the combination result 1637172 - Live Merge hung in the volume deletion phase, leaving snapshot in a LOCKED state 1640908 - Javascript Error popup when Managing StorageDomain with LUNs and 400+ paths 1642273 - [UI] - left nav border highlight missing in RHV 1647440 - [RFE][UI] Provide information about the VM next run 1648345 - Jobs are not properly cleaned after a failed task. 1650417 - HA is broken for VMs having disks in NFS storage domain because of Qemu OFD locking 1650505 - Increase of ClusterCompatibilityVersion to Cluster with virtual machines with outstanding configuration changes, those changes will be reverted 1651406 - [RFE] Allow Maintenance of Host with Enforcing VM Affinity Rules (hard affinity) 1651939 - a new size of the direct LUN not updated in Admin Portal 1654069 - [Downstream Clone] [UI] - grids bottom scrollbar hides bottom row 1654889 - [RFE] Support console VNC for mediated devices 1656621 - Importing VM OVA always enables 'Cloud-Init/Sysprep' 1658101 - [RESTAPI] Adding ISO disables serial console 1659161 - Unable to edit pool that is delete protected 1660071 - Regression in Migration of VM that starts in pause mode: took 11 hours 1660644 - Concurrent LSMs of the same disk can be issued via the REST-API 1663366 - USB selection option disabled even though USB support is enabled in RHV-4.2 1664479 - Third VM fails to get migrated when host is placed into maintenance mode 1666913 - [UI] warn users about different "Vdsm Name" when creating network with a fancy char or long name 1670102 - [CinderLib] - openstack-cinder and cinderlib packages are not installed on ovirt-engine machine 1671876 - "Bond Active Slave" parameter on RHV-M GUI shows an incorrect until Refresh Caps 1679039 - Unable to upload image through Storage->Domain->Disk because of wrong DC 1679110 - [RFE] change Admin Portal toast notifications location 1679471 - [ja, de, es, fr, pt_BR] The console client resources page shows truncated title for some locales 1679730 - Warn about host IP addresses outside range 1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute 1686650 - Memory snapshots' deletion logging unnecessary WARNINGS in engine.log 1687345 - Snapshot with memory volumes can fail if the memory dump takes more than 180 seconds 1690026 - [RFE] - Creating an NFS storage domain the engine should let the user specify exact NFS version v4.0 and not just v4 1690155 - Disk migration progress bar not clearly visible and unusable. 1690475 - When a live storage migration fails, the auto generated snapshot does not get removed 1691562 - Cluster level changes are not increasing VMs generation numbers and so a new OVF_STORE content is not copied to the shared storage 1692592 - "Enable menu to select boot device shows 10 device listed with cdrom at 10th slot but when selecting 10 option the VM took 1 as option and boot with disk 1693628 - Engine generates too many updates to vm_dynamic table due to the session change 1693813 - Do not change DC level if there are VMs running/paused with older CL. 1695026 - Failure in creating snapshots during "Live Storage Migration" can result in a nonexistent snapshot 1695635 - [RFE] Improve Host Drop-down menu in different Dialogs (i.e. Alphabetical sort of Hosts in Remove|New StorageDomains) 1696245 - [RFE] Allow full customization while cloning a VM 1696669 - Build bouncycastle for RHV 4.4 RHEL 8 1696676 - Build ebay-cors-filter for RHV 4.4 RHEL 8 1698009 - Build openstack-java-sdk for RHV 4.4 RHEL 8 1698102 - Print a warning message to engine-setup, which highlights that other clusters than the Default one are not modified to use ovirt-provider-ovn as the default network provider 1700021 - [RFE] engine-setup should warn and prompt if ca.pem is missing but other generated pki files exist 1700036 - [RFE] Add RedFish API for host power management for RHEV 1700319 - VM is going to pause state with "storage I/O error". 1700338 - [RFE] Alternate method to configure the email Event Notifier for a user in RHV through API (instead of RHV GUI) 1700725 - [scale] RHV-M runs out of memory due to to much data reported by the guest agent 1700867 - Build makeself for RHV 4.4 RHEL 8 1701476 - Build unboundid-ldapsdk for RHV 4.4 RHEL 8 1701491 - Build RHV-M 4.4 - RHEL 8 1701522 - Build ovirt-imageio-proxy for RHV 4.4 / RHEL 8 1701528 - Build / Tag python-ovsdbapp for RHV 4.4 RHEL 8 1701530 - Build / Tag ovirt-cockpit-sso for RHV 4.4 RHEL 8 1701531 - Build / Tag ovirt-engine-api-explorer for RHV 4.4 RHEL 8 1701533 - Build / Tag ovirt-engine-dwh for RHV 4.4 / RHEL 8 1701538 - Build / Tag vdsm-jsonrpc-java for RHV 4.4 RHEL 8 1701544 - Build rhvm-dependencies for RHV 4.4 RHEL 8 1702310 - Build / Tag ovirt-engine-ui-extensions for RHV 4.4 RHEL 8 1702312 - Build ovirt-log-collector for RHV 4.4 RHEL 8 1703112 - PCI address of NICs are not stored in the database after a hotplug of passthrough NIC resulting in change of network device name in VM after a reboot 1703428 - VMs migrated from KVM to RHV show warning 'The latest guest agent needs to be installed and running on the guest' 1707225 - [cinderlib] Cinderlib DB is missing a backup and restore option 1708624 - Build rhvm-setup-plugins for RHV 4.4 - RHEL 8 1710491 - No EVENT_ID is generated in /var/log/ovirt-engine/engine.log when VM is rebooted from OS level itself. 1711006 - Metrics installation fails during the execution of playbook ovirt-metrics-store-installation if the environment is not having DHCP 1712255 - Drop 4.1 datacenter/cluster level 1712746 - [RFE] Ignition support for ovirt vms 1712890 - engine-setup should check for snapshots in unsupported CL 1714528 - Missing IDs on cluster upgrade buttons 1714633 - Using more than one asterisk in the search string is not working when searching for users. 1714834 - Cannot disable SCSI passthrough using API 1715725 - Sending credentials in query string logs them in ovirt-request-logs 1716590 - [RFE][UX] Make Cluster-wide "Custom serial number policy" value visible at VM level 1718818 - [RFE] Enhance local disk passthrough 1720686 - Tag ovirt-scheduler-proxy for RHV 4.4 RHEL 8 1720694 - Build ovirt-engine-extension-aaa-jdbc for RHV 4.4 RHEL 8 1720795 - New guest tools are available mark in case of guest tool located on Data Domain 1724959 - RHV recommends reporting issues to GitHub rather than access.redhat.com (ovirt->RHV rebrand glitch?) 1727025 - NPE in DestroyImage endAction during live merge leaving a task in DB for hours causing operations depending on host clean tasks to fail as Deactivate host/StopSPM/deactivate SD 1728472 - Engine reports network out of sync due to ipv6 default gateway via ND RA on a non default route network. 1729511 - engine-setup fails to upgrade to 4.3 with Unicode characters in CA subject 1729811 - [scale] updatevmdynamic broken if too many users logged in - psql ERROR: value too long for type character varying(255) 1730264 - VMs will fail to start if the vnic profile attached is having port mirroring enabled and have name greater than 15 characters 1730436 - Snapshot creation was successful, but snapshot remains locked 1731212 - RHV 4.4 landing page does not show login or allow scrolling. 1731590 - Cannot preview snapshot, it fails and VM remains locked. 1733031 - [RFE] Add warning when importing data domains to newer DC that may trigger SD format upgrade 1733529 - Consume python-ovsdbapp dependencies from OSP in RHEL 8 RHV 4.4 1733843 - Export to OVA fails if VM is running on the Host doing the export 1734839 - Unable to start guests in our Power9 cluster without running in headless mode. 1737234 - Attach a non-existent ISO to vm by the API return 201 and marks the Attach CD checkbox as ON 1737684 - Engine deletes the leaf volume when SnapshotVDSCommand timed out without checking if the volume is still used by the VM 1740978 - [RFE] Warn or Block importing VMs/Templates from unsupported compatibility levels. 1741102 - host activation causes RHHI nodes to lose the quorum 1741271 - Move/Copy disk are blocked if there is less space in source SD than the size of the disk 1741625 - VM fails to be re-started with error: Failed to acquire lock: No space left on device 1743690 - Commit and Undo buttons active when no snapshot selected 1744557 - RHV 4.3 throws an exception when trying to access VMs which have snapshots from unsupported compatibility levels 1745384 - [IPv6 Static] Engine should allow updating network's static ipv6gateway 1745504 - Tag rhv-log-collector-analyzer for RHV 4.4 RHEL 8 1746272 - [BREW BUILD ENABLER] Build the oVirt Ansible roles for RHV 4.4.0 1746430 - [Rebase] Rebase v2v-conversion-host for RHV 4.4 Engine 1746877 - [Metrics] Rebase bug - for the 4.4 release on EL8 1747772 - Extra white space at the top of webadmin dialogs 1749284 - Change the Snapshot operation to be asynchronous 1749944 - teardownImage attempts to deactivate in-use LV's rendering the VM disk image/volumes in locked state. 1750212 - MERGE_STATUS fails with 'Invalid UUID string: mapper' when Direct LUN that already exists is hot-plugged 1750348 - [Tracking] rhvm-branding-rhv for RHV 4.4 1750357 - [Tracking] ovirt-web-ui for RHV 4.4 1750371 - [Tracking] ovirt-engine-ui-extensions for RHV 4.4 1750482 - From VM Portal, users cannot create Operating System Windows VM. 1751215 - Unable to change Graphical Console of HE VM. 1751268 - add links to Insights to landing page 1751423 - Improve description of shared memory statistics and remove unimplemented memory metrics from API 1752890 - Build / Tag ovirt-engine-extension-aaa-ldap for RHV 4.4 RHEL 8 1752995 - [RFE] Need to be able to set default console option 1753629 - Build / Tag ovirt-engine-extension-aaa-misc for RHV 4.4 RHEL 8 1753661 - Build / Tag ovirt-engine-extension-logger-log4j got RHV 4.4 / RHEl 8 1753664 - Build ovirt-fast-forward-upgrade for RHV 4.4 /RHEL 8 support 1754363 - [Scale] Engine generates excessive amount of dns configuration related sql queries 1754490 - RHV Manager cannot start on EAP 7.2.4 1755412 - Setting "oreg_url: registry.redhat.io" fails with error 1758048 - clone(as thin) VM from template or create snapshot fails with 'Requested capacity 1073741824 < parent capacity 3221225472 (volume:1211)' 1758289 - [Warn] Duplicate chassis entries in southbound database if the host is down while removing the host from Manager 1762281 - Import of OVA created from template fails with java.lang.NullPointerException 1763992 - [RFE] Show "Open Console" as the main option in the VM actions menu 1764289 - Document details how each fence agent can be configured in RESTAPI 1764791 - CVE-2019-17195 nimbus-jose-jwt: Uncaught exceptions while parsing a JWT 1764932 - [BREW BUILD ENABLER] Build the ansible-runner-service for RHV 4.4 1764943 - Create Snapshot does not proceed beyond CreateVolume 1764959 - Apache is configured to offer TRACE method (security) 1765660 - CVE-2017-18635 novnc: XSS vulnerability via the messages propagated to the status field 1767319 - [RFE] forbid updating mac pool that contains ranges overlapping with any mac range in the system 1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 1768707 - Cannot set or update iscsi portal group tag when editing storage connection via API 1768844 - RHEL Advanced virtualization module streams support 1769463 - [Scale] Slow performance for api/clusters when many networks devices are present 1770237 - Cannot assign a vNIC profile for VM instance profile. 1771793 - VM Portal crashes in what appears to be a permission related problem. 1773313 - RHV Metric store installation fails with error: "You need to install \"jmespath\" prior to running json_query filter" 1777954 - VM Templates greater then 101 quantity are not listed/reported in RHV-M Webadmin UI. 1779580 - drop rhvm-doc package 1781001 - CVE-2019-19336 ovirt-engine: response_type parameter allows reflected XSS 1782236 - Windows Update (the drivers) enablement 1782279 - Warning message for low space is not received on Imported Storage domain 1782882 - qemu-kvm: kvm_init_vcpu failed: Function not implemented 1784049 - Rhel6 guest with cluster default q35 chipset causes kernel panic 1784385 - Still requiring rhvm-doc in rhvm-setup-plugins 1785750 - [RFE] Ability to change default VM action (Suspend) in the VM Portal. 1788424 - Importing a VM having direct LUN attached using virtio driver is failing with error "VirtIO-SCSI is disabled for the VM" 1796809 - Build apache-sshd for RHV 4.4 RHEL 8 1796811 - Remove bundled apache-sshd library 1796815 - Build snmp4j for RHV 4.4 RHEL 8 1796817 - Remove bundled snmp4j library 1797316 - Snapshot creation from VM fails on second snapshot and afterwords 1797500 - Add disk operation failed to complete. 1798114 - Build apache-commons-digester for RHV 4.4 RHEL 8 1798117 - Build apache-commons-configuration for RHV 4.4 RHEL 8 1798120 - Build apache-commons-jexl for RHV 4.4 RHEL 8 1798127 - Build apache-commons-collections4 for RHV 4.4 RHEL 8 1798137 - Build apache-commons-vfs for RHV 4.4 RHEL 8 1799171 - Build ws-commons-util for RHV 4.4 RHEL 8 1799204 - Build xmlrpc for RHV 4.4 RHEL 8 1801149 - CVE-2019-13990 libquartz: XXE attacks via job description 1801709 - Disable activation of the host while Enroll certificate flow is still in progress 1803597 - rhv-image-discrepancies should skip storage domains in maintenance mode and ISO/Export 1805669 - change requirement on rhvm package from spice-client-msi to spice-client-win 1806276 - [HE] ovirt-provider-ovn is non-functional on 4.3.9 Hosted-Engine 1807047 - Build m2crypto for RHV 4.4 RHEL 8 1807860 - [RFE] Allow resource allocation options to be customized 1808096 - Uploading ISOs causes "Uncaught exception occurred. Please try reloading the page. Details: (TypeError) : a.n is null" 1808126 - host_service.install() does not work with deploy_hosted_engine as True. 1809040 - [CNV&RHV] let the user know that token is not valid anymore 1809052 - [CNV&RHV] ovirt-engine log file spammed by failed timers ( approx 3-5 messages/sec ) 1809875 - rhv-image-discrepancies only compares images on the last DC 1809877 - rhv-image-discrepancies sends dump-volume-chains with parameter that is ignored 1810893 - mountOptions is ignored for "import storage domain" from GUI 1811865 - [Scale] Host Monitoring generates excessive amount of qos related sql queries 1811869 - [Scale] Webadmin\REST for host interface list response time is too long because of excessive amount of qos related sql queries 1812875 - Unable to create VMs when french Language is selected for the rhvm gui. 1813305 - Engine updating SLA policies of VMs continuously in an environment which is not having any QOS configured 1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or proto payload 1814197 - [CNV&RHV] when provider is remover DC is left behind and active 1814215 - [CNV&RHV] Adding new provider to engine fails after succesfull test 1816017 - Build log4j12 for RHV 4.4 EL8 1816643 - [CNV&RHV] VM created in CNV not visible in RHV 1816654 - [CNV&RHV] adding provider with already created vm failed 1816693 - [CNV&RHV] CNV VM failed to restart even if 1st dialog looks fine 1816739 - [CNV&RHV] CNV VM updated form CNV side doesn't update vm properties over on RHV side 1817467 - [Tracking] Migration path between RHV 4.3 and 4.4 1818745 - rhv-log-collector-analyzer 0.2.17 still requires pyhton2 1819201 - [CodeChange][i18n] oVirt 4.4 rhv branding - translation update 1819248 - Cannot upgrade host after engine setup 1819514 - Failed to register 4.4 host to the latest engine (4.4.0-0.29.master.el8ev) 1819960 - NPE on ImportVmTemplateFromConfigurationCommand when creating VM from ovf_data 1820621 - Build apache-commons-compress for RHV 4.4 EL8 1820638 - Build apache-commons-jxpath for RHV 4.4 EL8 1821164 - Failed snapshot creation can cause data corruption of other VMs 1821930 - Enable only TLSv1.2+ protocol for SPICE on EL7 hosts 1824095 - VM portal shows only error 1825793 - RHV branding is missing after upgrade from 4.3 1826248 - [4.4][ovirt-cockpit-sso] Compatibility issues with python3 1826437 - The console client resources page return HTTP code 500 1826801 - [CNV&RHV] update of memory on cnv side does not propagate to rhv 1826855 - [cnv&rhv] update of cpu on cnv side causing expetion in engine.log 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1828669 - After SPM select the engine lost communication to all hosts until restarted [improved logging] 1828736 - [CNV&RHV] cnv template is not propagated to rhv 1829189 - engine-setup httpd ssl configuration conflicts with Red Hat Insights 1829656 - Failed to register 4.3 host to 4.4 engine with 4.3 cluster (4.4.0-0.33.master.el8ev) 1829830 - vhost custom properties does not accept '-' 1832161 - rhv-log-collector-analyzer fails with UnicodeDecodeError on RHEL8 1834523 - Edit VM -> Enable Smartcard sharing does not stick when VM is running 1838493 - Live snapshot made with freeze in the engine will cause the FS to be frozen 1841495 - Upgrade openstack-java-sdk to 3.2.9 1842495 - high cpu usage after entering wrong search pattern in RHVM 1844270 - [vGPU] nodisplay option for mdev broken since mdev scheduling unit 1844855 - Missing images (favicon.ico, banner logo) and missing brand.css file on VM portal d/s installation 1845473 - Exporting an OVA file from a VM results in its ovf file having a format of RAW when the disk is COW 1847420 - CVE-2020-10775 ovirt-engine: Redirect to arbitrary URL allows for phishing 1850004 - CVE-2020-11023 jQuery: passing HTML containing elements to manipulation methods could result in untrusted code execution 1853444 - [CodeChange][i18n] oVirt 4.4 rhv branding - translation update (July-2020) 1854563 - [4.4 downstream only][RFE] Include a link to grafana on front page
- Package List:
RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4:
Source: ansible-runner-1.4.5-1.el8ar.src.rpm ansible-runner-service-1.0.2-1.el8ev.src.rpm apache-commons-collections4-4.4-1.el8ev.src.rpm apache-commons-compress-1.18-1.el8ev.src.rpm apache-commons-configuration-1.10-1.el8ev.src.rpm apache-commons-jexl-2.1.1-1.el8ev.src.rpm apache-commons-jxpath-1.3-29.el8ev.src.rpm apache-commons-vfs-2.4.1-1.el8ev.src.rpm apache-sshd-2.5.1-1.el8ev.src.rpm ebay-cors-filter-1.0.1-4.el8ev.src.rpm ed25519-java-0.3.0-1.el8ev.src.rpm engine-db-query-1.6.1-1.el8ev.src.rpm java-client-kubevirt-0.5.0-1.el8ev.src.rpm log4j12-1.2.17-22.el8ev.src.rpm m2crypto-0.35.2-5.el8ev.src.rpm makeself-2.4.0-4.el8ev.src.rpm novnc-1.1.0-1.el8ost.src.rpm openstack-java-sdk-3.2.9-1.el8ev.src.rpm ovirt-cockpit-sso-0.1.4-1.el8ev.src.rpm ovirt-engine-4.4.1.8-0.7.el8ev.src.rpm ovirt-engine-api-explorer-0.0.6-1.el8ev.src.rpm ovirt-engine-dwh-4.4.1.2-1.el8ev.src.rpm ovirt-engine-extension-aaa-jdbc-1.2.0-1.el8ev.src.rpm ovirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.src.rpm ovirt-engine-extension-aaa-misc-1.1.0-1.el8ev.src.rpm ovirt-engine-extension-logger-log4j-1.1.0-1.el8ev.src.rpm ovirt-engine-extensions-api-1.0.1-1.el8ev.src.rpm ovirt-engine-metrics-1.4.1.1-1.el8ev.src.rpm ovirt-engine-ui-extensions-1.2.2-1.el8ev.src.rpm ovirt-fast-forward-upgrade-1.1.6-0.el8ev.src.rpm ovirt-log-collector-4.4.2-1.el8ev.src.rpm ovirt-scheduler-proxy-0.1.9-1.el8ev.src.rpm ovirt-web-ui-1.6.3-1.el8ev.src.rpm python-aniso8601-0.82-4.el8ost.src.rpm python-flask-1.0.2-2.el8ost.src.rpm python-flask-restful-0.3.6-8.el8ost.src.rpm python-netaddr-0.7.19-8.1.el8ost.src.rpm python-notario-0.0.16-2.el8cp.src.rpm python-ovsdbapp-0.17.1-0.20191216120142.206cf14.el8ost.src.rpm python-pbr-5.1.2-2.el8ost.src.rpm python-six-1.12.0-1.el8ost.src.rpm python-websocket-client-0.54.0-1.el8ost.src.rpm python-werkzeug-0.16.0-1.el8ost.src.rpm rhv-log-collector-analyzer-1.0.2-1.el8ev.src.rpm rhvm-branding-rhv-4.4.4-1.el8ev.src.rpm rhvm-dependencies-4.4.0-1.el8ev.src.rpm rhvm-setup-plugins-4.4.2-1.el8ev.src.rpm snmp4j-2.4.1-1.el8ev.src.rpm unboundid-ldapsdk-4.0.14-1.el8ev.src.rpm vdsm-jsonrpc-java-1.5.4-1.el8ev.src.rpm ws-commons-util-1.0.2-1.el8ev.src.rpm xmlrpc-3.1.3-1.el8ev.src.rpm
noarch: ansible-runner-1.4.5-1.el8ar.noarch.rpm ansible-runner-service-1.0.2-1.el8ev.noarch.rpm apache-commons-collections4-4.4-1.el8ev.noarch.rpm apache-commons-collections4-javadoc-4.4-1.el8ev.noarch.rpm apache-commons-compress-1.18-1.el8ev.noarch.rpm apache-commons-compress-javadoc-1.18-1.el8ev.noarch.rpm apache-commons-configuration-1.10-1.el8ev.noarch.rpm apache-commons-jexl-2.1.1-1.el8ev.noarch.rpm apache-commons-jexl-javadoc-2.1.1-1.el8ev.noarch.rpm apache-commons-jxpath-1.3-29.el8ev.noarch.rpm apache-commons-jxpath-javadoc-1.3-29.el8ev.noarch.rpm apache-commons-vfs-2.4.1-1.el8ev.noarch.rpm apache-commons-vfs-ant-2.4.1-1.el8ev.noarch.rpm apache-commons-vfs-examples-2.4.1-1.el8ev.noarch.rpm apache-commons-vfs-javadoc-2.4.1-1.el8ev.noarch.rpm apache-sshd-2.5.1-1.el8ev.noarch.rpm apache-sshd-javadoc-2.5.1-1.el8ev.noarch.rpm ebay-cors-filter-1.0.1-4.el8ev.noarch.rpm ed25519-java-0.3.0-1.el8ev.noarch.rpm ed25519-java-javadoc-0.3.0-1.el8ev.noarch.rpm engine-db-query-1.6.1-1.el8ev.noarch.rpm java-client-kubevirt-0.5.0-1.el8ev.noarch.rpm log4j12-1.2.17-22.el8ev.noarch.rpm log4j12-javadoc-1.2.17-22.el8ev.noarch.rpm makeself-2.4.0-4.el8ev.noarch.rpm novnc-1.1.0-1.el8ost.noarch.rpm openstack-java-ceilometer-client-3.2.9-1.el8ev.noarch.rpm openstack-java-ceilometer-model-3.2.9-1.el8ev.noarch.rpm openstack-java-cinder-client-3.2.9-1.el8ev.noarch.rpm openstack-java-cinder-model-3.2.9-1.el8ev.noarch.rpm openstack-java-client-3.2.9-1.el8ev.noarch.rpm openstack-java-glance-client-3.2.9-1.el8ev.noarch.rpm openstack-java-glance-model-3.2.9-1.el8ev.noarch.rpm openstack-java-heat-client-3.2.9-1.el8ev.noarch.rpm openstack-java-heat-model-3.2.9-1.el8ev.noarch.rpm openstack-java-javadoc-3.2.9-1.el8ev.noarch.rpm openstack-java-keystone-client-3.2.9-1.el8ev.noarch.rpm openstack-java-keystone-model-3.2.9-1.el8ev.noarch.rpm openstack-java-nova-client-3.2.9-1.el8ev.noarch.rpm openstack-java-nova-model-3.2.9-1.el8ev.noarch.rpm openstack-java-quantum-client-3.2.9-1.el8ev.noarch.rpm openstack-java-quantum-model-3.2.9-1.el8ev.noarch.rpm openstack-java-resteasy-connector-3.2.9-1.el8ev.noarch.rpm openstack-java-swift-client-3.2.9-1.el8ev.noarch.rpm openstack-java-swift-model-3.2.9-1.el8ev.noarch.rpm ovirt-cockpit-sso-0.1.4-1.el8ev.noarch.rpm ovirt-engine-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-api-explorer-0.0.6-1.el8ev.noarch.rpm ovirt-engine-backend-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-dbscripts-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-dwh-4.4.1.2-1.el8ev.noarch.rpm ovirt-engine-dwh-grafana-integration-setup-4.4.1.2-1.el8ev.noarch.rpm ovirt-engine-dwh-setup-4.4.1.2-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-jdbc-1.2.0-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-ldap-setup-1.4.0-1.el8ev.noarch.rpm ovirt-engine-extension-aaa-misc-1.1.0-1.el8ev.noarch.rpm ovirt-engine-extension-logger-log4j-1.1.0-1.el8ev.noarch.rpm ovirt-engine-extensions-api-1.0.1-1.el8ev.noarch.rpm ovirt-engine-extensions-api-javadoc-1.0.1-1.el8ev.noarch.rpm ovirt-engine-health-check-bundler-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-metrics-1.4.1.1-1.el8ev.noarch.rpm ovirt-engine-restapi-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-base-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-cinderlib-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-imageio-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-common-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-setup-plugin-websocket-proxy-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-tools-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-tools-backup-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-ui-extensions-1.2.2-1.el8ev.noarch.rpm ovirt-engine-vmconsole-proxy-helper-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-webadmin-portal-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-engine-websocket-proxy-4.4.1.8-0.7.el8ev.noarch.rpm ovirt-fast-forward-upgrade-1.1.6-0.el8ev.noarch.rpm ovirt-log-collector-4.4.2-1.el8ev.noarch.rpm ovirt-scheduler-proxy-0.1.9-1.el8ev.noarch.rpm ovirt-web-ui-1.6.3-1.el8ev.noarch.rpm python-flask-doc-1.0.2-2.el8ost.noarch.rpm python2-netaddr-0.7.19-8.1.el8ost.noarch.rpm python2-pbr-5.1.2-2.el8ost.noarch.rpm python2-six-1.12.0-1.el8ost.noarch.rpm python3-aniso8601-0.82-4.el8ost.noarch.rpm python3-ansible-runner-1.4.5-1.el8ar.noarch.rpm python3-flask-1.0.2-2.el8ost.noarch.rpm python3-flask-restful-0.3.6-8.el8ost.noarch.rpm python3-netaddr-0.7.19-8.1.el8ost.noarch.rpm python3-notario-0.0.16-2.el8cp.noarch.rpm python3-ovirt-engine-lib-4.4.1.8-0.7.el8ev.noarch.rpm python3-ovsdbapp-0.17.1-0.20191216120142.206cf14.el8ost.noarch.rpm python3-pbr-5.1.2-2.el8ost.noarch.rpm python3-six-1.12.0-1.el8ost.noarch.rpm python3-websocket-client-0.54.0-1.el8ost.noarch.rpm python3-werkzeug-0.16.0-1.el8ost.noarch.rpm python3-werkzeug-doc-0.16.0-1.el8ost.noarch.rpm rhv-log-collector-analyzer-1.0.2-1.el8ev.noarch.rpm rhvm-4.4.1.8-0.7.el8ev.noarch.rpm rhvm-branding-rhv-4.4.4-1.el8ev.noarch.rpm rhvm-dependencies-4.4.0-1.el8ev.noarch.rpm rhvm-setup-plugins-4.4.2-1.el8ev.noarch.rpm snmp4j-2.4.1-1.el8ev.noarch.rpm snmp4j-javadoc-2.4.1-1.el8ev.noarch.rpm unboundid-ldapsdk-4.0.14-1.el8ev.noarch.rpm unboundid-ldapsdk-javadoc-4.0.14-1.el8ev.noarch.rpm vdsm-jsonrpc-java-1.5.4-1.el8ev.noarch.rpm ws-commons-util-1.0.2-1.el8ev.noarch.rpm ws-commons-util-javadoc-1.0.2-1.el8ev.noarch.rpm xmlrpc-client-3.1.3-1.el8ev.noarch.rpm xmlrpc-common-3.1.3-1.el8ev.noarch.rpm xmlrpc-javadoc-3.1.3-1.el8ev.noarch.rpm xmlrpc-server-3.1.3-1.el8ev.noarch.rpm
x86_64: m2crypto-debugsource-0.35.2-5.el8ev.x86_64.rpm python3-m2crypto-0.35.2-5.el8ev.x86_64.rpm python3-m2crypto-debuginfo-0.35.2-5.el8ev.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-18635 https://access.redhat.com/security/cve/CVE-2019-8331 https://access.redhat.com/security/cve/CVE-2019-10086 https://access.redhat.com/security/cve/CVE-2019-13990 https://access.redhat.com/security/cve/CVE-2019-17195 https://access.redhat.com/security/cve/CVE-2019-19336 https://access.redhat.com/security/cve/CVE-2020-7598 https://access.redhat.com/security/cve/CVE-2020-10775 https://access.redhat.com/security/cve/CVE-2020-11022 https://access.redhat.com/security/cve/CVE-2020-11023 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/technical_notes
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXylir9zjgjWX9erEAQii/A//bJm3u0+ul+LdQwttSJJ79OdVqcp3FktP tdPj8AFbB6F9KkuX9FAQja0/2pgZAldB3Eyz57GYTxyDD1qeMqYSayGHCH01GWAn u8uF90lcSz6YvgEPDh1mWhLYQMfdWT6IUuKOEHldt8TyHbc7dX3xCbsLDzNCxGbl QuPSFPQBJaAXETSw42NGzdUzaM9zoQ0Mngj+Owcgw53YyBy3BSLAb5bKuijvkcLy SVCAxxiQ89E+cnETKYIv4dOfqXGA5wLg68hDmUQyFcXHA9nQbJM9Q0s1fbZ2Wav1 oGGTqJDTgVElxrHB5pYJ6pu484ZgJealkBCrHA2OBsMJUadwitVvQLXFZF5OyN0N f/vtZ1ua4mZADa61qfnlmVRiyISwmPPWIOImA3TIE5Q8Yl5ucCqtDjQPoJAbXsUl Y22Bb5x7JyrN0nyOgwh6BGGK51CmOaP+xNuWD7osI24pnzdmPTZuJrZLePxgPgac WWQNznzvokknva2ofvujAm+DEl+W7W3A8Vs9wkmUWYlaVC7GFLEkcvQjjHahZ7kh dVJNoh70vpA+aJCMQHYK6MGtCSAWoqXkRTsHb3Stfm2vLLz6GYxY5OuvB7Z0ME1N zCiFjBla5+3nKx5ab8Pola56T1wRULHL6zYN9GTsOzxjdJsKHXBVeV8OYcnoHiza 2TrKn2dtZwI= =92Q3 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Relevant releases/architectures:
RHV-M 4.3 - noarch
- Description:
The ovirt-engine-ui-extensions package contains UI plugins that provide various extensions to the oVirt administration UI.
Bug Fix(es):
- Known moderate severity security vulnerability detected by GitHub on ovirt-engine-ui-extensions components (BZ#1694035)
4
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201902-0360", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "bootstrap", scope: "gte", trust: 1, vendor: "getbootstrap", version: "4.3.0", }, { model: "big-ip webaccelerator", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip advanced firewall manager", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip domain name system", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip access policy manager", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip domain name system", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip link controller", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip fraud protection service", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip webaccelerator", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip policy enforcement manager", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip webaccelerator", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip policy enforcement manager", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip application acceleration manager", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip analytics", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip fraud protection service", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip access policy manager", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip policy enforcement manager", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip global traffic manager", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip application acceleration manager", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip application security manager", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip domain name system", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip analytics", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip webaccelerator", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip fraud protection service", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip fraud protection service", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip access policy manager", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip fraud protection service", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip global traffic manager", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip local traffic manager", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip policy enforcement manager", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip application acceleration manager", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip application acceleration manager", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip analytics", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip policy enforcement manager", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip application acceleration manager", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip webaccelerator", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip access policy manager", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip analytics", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip local traffic manager", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip edge gateway", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip advanced firewall manager", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip global traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip global traffic manager", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip application security manager", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip global traffic manager", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip access policy manager", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip fraud protection service", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip edge gateway", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip advanced firewall manager", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip local traffic manager", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip local traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip application security manager", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip application acceleration manager", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip local traffic manager", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip analytics", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip fraud protection service", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip access policy manager", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip edge gateway", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip edge gateway", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip advanced firewall manager", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip global traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip access policy manager", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip link controller", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip application acceleration manager", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip advanced firewall manager", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip application security manager", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip analytics", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip application security manager", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip edge gateway", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip webaccelerator", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip application security manager", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip link controller", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip global traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip local traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "virtualization manager", scope: "eq", trust: 1, vendor: "redhat", version: "4.3", }, { model: "big-ip webaccelerator", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "bootstrap", scope: "lt", trust: 1, vendor: "getbootstrap", version: "4.3.1", }, { model: "big-ip domain name system", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip domain name system", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip edge gateway", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip advanced firewall manager", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip fraud protection service", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip link controller", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "bootstrap", scope: "lt", trust: 1, vendor: "getbootstrap", version: "3.4.1", }, { model: "big-ip link controller", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip local traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip application security manager", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip link controller", scope: "lt", trust: 1, vendor: "f5", version: "15.1.0", }, { model: "big-ip application acceleration manager", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip edge gateway", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip advanced firewall manager", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip policy enforcement manager", scope: "gte", trust: 1, vendor: "f5", version: "14.0.0", }, { model: "big-ip domain name system", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip analytics", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip global traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip domain name system", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip link controller", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip local traffic manager", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip analytics", scope: "lt", trust: 1, vendor: "f5", version: "14.1.2.5", }, { model: "big-ip domain name system", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip policy enforcement manager", scope: "gte", trust: 1, vendor: "f5", version: "12.1.0", }, { model: "big-ip link controller", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip edge gateway", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip application security manager", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "big-ip advanced firewall manager", scope: "lt", trust: 1, vendor: "f5", version: "12.1.5.1", }, { model: "big-ip policy enforcement manager", scope: "gte", trust: 1, vendor: "f5", version: "15.0.0", }, { model: "big-ip webaccelerator", scope: "lt", trust: 1, vendor: "f5", version: "13.1.3.4", }, { model: "big-ip access policy manager", scope: "gte", trust: 1, vendor: "f5", version: "13.0.0", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.19.0", }, ], sources: [ { db: "NVD", id: "CVE-2019-8331", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "159852", }, { db: "PACKETSTORM", id: "170821", }, { db: "PACKETSTORM", id: "170817", }, { db: "PACKETSTORM", id: "170154", }, { db: "PACKETSTORM", id: "154812", }, { db: "PACKETSTORM", id: "158750", }, { db: "PACKETSTORM", id: "154810", }, ], trust: 0.7, }, cve: "CVE-2019-8331", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2019-8331", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-159766", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2019-8331", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-8331", trust: 1, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-159766", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-159766", }, { db: "NVD", id: "CVE-2019-8331", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. Bootstrap is an open source web front-end framework developed using HTML, CSS and JavaScript. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML. Summary:\n\nAn update for the pki-core:10.6 and pki-deps:10.6 modules is now available\nfor Red Hat Enterprise Linux 8. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe Public Key Infrastructure (PKI) Core contains fundamental packages\nrequired by Red Hat Certificate System. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.3 Release Notes linked from the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n1376706 - restore SerialNumber tag in caManualRenewal xml\n1399546 - CVE-2015-9251 jquery: Cross-site scripting via cross-domain ajax requests\n1406505 - KRA ECC installation failed with shared tomcat\n1601614 - CVE-2018-14040 bootstrap: Cross-site Scripting (XSS) in the collapse data-parent attribute\n1601617 - CVE-2018-14042 bootstrap: Cross-site Scripting (XSS) in the data-container property of tooltip\n1666907 - CC: Enable AIA OCSP cert checking for entire cert chain\n1668097 - CVE-2016-10735 bootstrap: XSS in the data-target attribute\n1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute\n1695901 - CVE-2019-10179 pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab\n1701972 - CVE-2019-11358 jquery: Prototype pollution in object's prototype leading to denial of service, remote code execution, or property injection\n1706521 - CA - SubjectAltNameExtInput does not display text fields to the enrollment page\n1710171 - CVE-2019-10146 pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page\n1721684 - Rebase pki-servlet-engine to 9.0.30\n1724433 - caTransportCert.cfg contains MD2/MD5withRSA as signingAlgsAllowed. \n1732565 - CVE-2019-10221 pki-core: Reflected XSS in getcookies?url= endpoint in CA\n1732981 - When nuxwdog is enabled pkidaemon status shows instances as stopped. \n1777579 - CVE-2020-1721 pki-core: KRA vulnerable to reflected XSS via the getPk12 page\n1805541 - [RFE] CA Certificate Transparency with Embedded Signed Certificate Time stamp\n1817247 - Upgrade to 10.8.3 breaks PKI Tomcat Server\n1821851 - [RFE] Provide SSLEngine via JSSProvider for use with PKI\n1822246 - JSS - NativeProxy never calls releaseNativeResources - Memory Leak\n1824939 - JSS: add RSA PSS support - RHEL 8.3\n1824948 - add RSA PSS support - RHEL 8.3\n1825998 - CertificatePoliciesExtDefault MAX_NUM_POLICIES hardcoded limit\n1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n1842734 - CVE-2019-10179 pki-core: pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab [rhel-8]\n1842736 - CVE-2019-10146 pki-core: Reflected Cross-Site Scripting in 'path length' constraint field in CA's Agent page [rhel-8]\n1843537 - Able to Perform PKI CLI operations like cert request and approval without nssdb password\n1845447 - pkispawn fails in FIPS mode: AJP connector has secretRequired=\"true\" but no secret\n1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution\n1854043 - /usr/bin/PrettyPrintCert is failing with a ClassNotFoundException\n1854959 - ca-profile-add with Netscape extensions nsCertSSLClient and nsCertEmail in the profile gets stuck in processing\n1855273 - CVE-2020-15720 pki: Dogtag's python client does not validate certificates\n1855319 - Not able to launch pkiconsole\n1856368 - kra-key-generate request is failing\n1857933 - CA Installation is failing with ncipher v12.30 HSM\n1861911 - pki cli ca-cert-request-approve hangs over crmf request from client-cert-request\n1869893 - Common certificates are missing in CS.cfg on shared PKI instance\n1871064 - replica install failing during pki-ca component configuration\n1873235 - pki ca-user-cert-add with secure port failed with 'SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT'\n\n6. Description:\n\nRed Hat JBoss Enterprise Application Platform 7 is a platform for Java\napplications based on the WildFly application runtime. JIRA issues fixed (https://issues.jboss.org/):\n\nJBEAP-23864 - (7.4.z) Upgrade xmlsec from 2.1.7.redhat-00001 to 2.2.3.redhat-00001\nJBEAP-23865 - [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001\nJBEAP-23866 - (7.4.z) Upgrade wss4j from 2.2.7.redhat-00001 to 2.3.3.redhat-00001\nJBEAP-23926 - Tracker bug for the EAP 7.4.9 release for RHEL-7\nJBEAP-24055 - (7.4.z) Upgrade HAL from 3.3.15.Final-redhat-00001 to 3.3.16.Final-redhat-00001\nJBEAP-24081 - (7.4.z) Upgrade Elytron from 1.15.14.Final-redhat-00001 to 1.15.15.Final-redhat-00001\nJBEAP-24095 - (7.4.z) Upgrade elytron-web from 1.9.2.Final-redhat-00001 to 1.9.3.Final-redhat-00001\nJBEAP-24100 - [GSS](7.4.z) Upgrade Undertow from 2.2.20.SP1-redhat-00001 to 2.2.22.SP3-redhat-00001\nJBEAP-24127 - (7.4.z) UNDERTOW-2123 - Update AsyncContextImpl.dispatch to use proper value\nJBEAP-24128 - (7.4.z) Upgrade Hibernate Search from 5.10.7.Final-redhat-00001 to 5.10.13.Final-redhat-00001\nJBEAP-24132 - [GSS](7.4.z) Upgrade Ironjacamar from 1.5.3.SP2-redhat-00001 to 1.5.10.Final-redhat-00001\nJBEAP-24147 - (7.4.z) Upgrade jboss-ejb-client from 4.0.45.Final-redhat-00001 to 4.0.49.Final-redhat-00001\nJBEAP-24167 - (7.4.z) Upgrade WildFly Core from 15.0.19.Final-redhat-00001 to 15.0.21.Final-redhat-00002\nJBEAP-24191 - [GSS](7.4.z) Upgrade remoting from 5.0.26.SP1-redhat-00001 to 5.0.27.Final-redhat-00001\nJBEAP-24195 - [GSS](7.4.z) Upgrade JSF API from 3.0.0.SP06-redhat-00001 to 3.0.0.SP07-redhat-00001\nJBEAP-24207 - (7.4.z) Upgrade Soteria from 1.0.1.redhat-00002 to 1.0.1.redhat-00003\nJBEAP-24248 - (7.4.z) ELY-2492 - Upgrade sshd-common in Elytron from 2.7.0 to 2.9.2\nJBEAP-24426 - (7.4.z) Upgrade Elytron from 1.15.15.Final-redhat-00001 to 1.15.16.Final-redhat-00001\nJBEAP-24427 - (7.4.z) Upgrade WildFly Core from 15.0.21.Final-redhat-00002 to 15.0.22.Final-redhat-00001\n\n7. Description:\n\nBootstrap style library packaged for setuptools (easy_install) / pip. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: RHV Manager (ovirt-engine) 4.4 security, bug fix, and enhancement update\nAdvisory ID: RHSA-2020:3247-01\nProduct: Red Hat Virtualization\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:3247\nIssue date: 2020-08-04\nCVE Names: CVE-2017-18635 CVE-2019-8331 CVE-2019-10086 \n CVE-2019-13990 CVE-2019-17195 CVE-2019-19336 \n CVE-2020-7598 CVE-2020-10775 CVE-2020-11022 \n CVE-2020-11023 \n=====================================================================\n\n1. Summary:\n\nUpdated ovirt-engine packages that fix several bugs and add various\nenhancements are now available. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch, x86_64\n\n3. Description:\n\nThe ovirt-engine package provides the Red Hat Virtualization Manager, a\ncentralized management platform that allows system administrators to view\nand manage virtual machines. The Manager provides a comprehensive range of\nfeatures including search capabilities, resource management, live\nmigrations, and virtual infrastructure provisioning. \n\nThe Manager is a JBoss Application Server application that provides several\ninterfaces through which the virtual environment can be accessed and\ninteracted with, including an Administration Portal, a VM Portal, and a\nRepresentational State Transfer (REST) Application Programming Interface\n(API). \n\nA list of bugs fixed in this update is available in the Technical Notes\nbook:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/ht\nml-single/technical_notes\n\nSecurity Fix(es):\n\n* apache-commons-beanutils: does not suppresses the class property in\nPropertyUtilsBean by default (CVE-2019-10086)\n\n* libquartz: XXE attacks via job description (CVE-2019-13990)\n\n* novnc: XSS vulnerability via the messages propagated to the status field\n(CVE-2017-18635)\n\n* bootstrap: XSS in the tooltip or popover data-template attribute\n(CVE-2019-8331)\n\n* nimbus-jose-jwt: Uncaught exceptions while parsing a JWT (CVE-2019-17195)\n\n* ovirt-engine: response_type parameter allows reflected XSS\n(CVE-2019-19336)\n\n* nodejs-minimist: prototype pollution allows adding or modifying\nproperties of Object.prototype using a constructor or __proto__ payload\n(CVE-2020-7598)\n\n* ovirt-engine: Redirect to arbitrary URL allows for phishing\n(CVE-2020-10775)\n\n* Cross-site scripting due to improper injQuery.htmlPrefilter method\n(CVE-2020-11022)\n\n* jQuery: passing HTML containing <option> elements to manipulation methods\ncould result in untrusted code execution (CVE-2020-11023)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1080097 - [RFE] Allow editing disks details in the Disks tab\n1325468 - [RFE] Autostart of VMs that are down (with Engine assistance - Engine has to be up)\n1358501 - [RFE] multihost network change - notify when done\n1427717 - [RFE] Create and/or select affinity group upon VM creation. \n1475774 - RHV-M requesting four GetDeviceListVDSCommand when editing storage domain\n1507438 - not able to deploy new rhvh host when \"/tmp\" is mounted with \"noexec\" option\n1523835 - Hosted-Engine: memory hotplug does not work for engine vm\n1527843 - [Tracker] Q35 chipset support (with seabios)\n1529042 - [RFE] Changing of Cluster CPU Type does not trigger config update notification\n1535796 - Undeployment of HE is not graceful\n1546838 - [RFE] Refuse to deploy on localhost.localdomain\n1547937 - [RFE] Live Storage Migration progress bar. \n1585986 - [HE] When lowering the cluster compatibility, we need to force update the HE storage OVF store to ensure it can start up (migration will not work). \n1593800 - [RFE] forbid new mac pools with overlapping ranges\n1596178 - inconsistent display between automatic and manual Pool Type\n1600059 - [RFE] Add by default a storage lease to HA VMs\n1610212 - After updating to RHV 4.1 while trying to edit the disk, getting error \"Cannot edit Virtual Disk. Cannot edit Virtual Disk. Disk extension combined with disk compat version update isn't supported. Please perform the updates separately.\"\n1611395 - Unable to list Compute Templates in RHV 4.2 from Satellite 6.3.2\n1616451 - [UI] add a tooltip to explain the supported matrix for the combination of disk allocation policies, formats and the combination result\n1637172 - Live Merge hung in the volume deletion phase, leaving snapshot in a LOCKED state\n1640908 - Javascript Error popup when Managing StorageDomain with LUNs and 400+ paths\n1642273 - [UI] - left nav border highlight missing in RHV\n1647440 - [RFE][UI] Provide information about the VM next run\n1648345 - Jobs are not properly cleaned after a failed task. \n1650417 - HA is broken for VMs having disks in NFS storage domain because of Qemu OFD locking\n1650505 - Increase of ClusterCompatibilityVersion to Cluster with virtual machines with outstanding configuration changes, those changes will be reverted\n1651406 - [RFE] Allow Maintenance of Host with Enforcing VM Affinity Rules (hard affinity)\n1651939 - a new size of the direct LUN not updated in Admin Portal\n1654069 - [Downstream Clone] [UI] - grids bottom scrollbar hides bottom row\n1654889 - [RFE] Support console VNC for mediated devices\n1656621 - Importing VM OVA always enables 'Cloud-Init/Sysprep'\n1658101 - [RESTAPI] Adding ISO disables serial console\n1659161 - Unable to edit pool that is delete protected\n1660071 - Regression in Migration of VM that starts in pause mode: took 11 hours\n1660644 - Concurrent LSMs of the same disk can be issued via the REST-API\n1663366 - USB selection option disabled even though USB support is enabled in RHV-4.2\n1664479 - Third VM fails to get migrated when host is placed into maintenance mode\n1666913 - [UI] warn users about different \"Vdsm Name\" when creating network with a fancy char or long name\n1670102 - [CinderLib] - openstack-cinder and cinderlib packages are not installed on ovirt-engine machine\n1671876 - \"Bond Active Slave\" parameter on RHV-M GUI shows an incorrect until Refresh Caps\n1679039 - Unable to upload image through Storage->Domain->Disk because of wrong DC\n1679110 - [RFE] change Admin Portal toast notifications location\n1679471 - [ja, de, es, fr, pt_BR] The console client resources page shows truncated title for some locales\n1679730 - Warn about host IP addresses outside range\n1686454 - CVE-2019-8331 bootstrap: XSS in the tooltip or popover data-template attribute\n1686650 - Memory snapshots' deletion logging unnecessary WARNINGS in engine.log\n1687345 - Snapshot with memory volumes can fail if the memory dump takes more than 180 seconds\n1690026 - [RFE] - Creating an NFS storage domain the engine should let the user specify exact NFS version v4.0 and not just v4\n1690155 - Disk migration progress bar not clearly visible and unusable. \n1690475 - When a live storage migration fails, the auto generated snapshot does not get removed\n1691562 - Cluster level changes are not increasing VMs generation numbers and so a new OVF_STORE content is not copied to the shared storage\n1692592 - \"Enable menu to select boot device shows 10 device listed with cdrom at 10th slot but when selecting 10 option the VM took 1 as option and boot with disk\n1693628 - Engine generates too many updates to vm_dynamic table due to the session change\n1693813 - Do not change DC level if there are VMs running/paused with older CL. \n1695026 - Failure in creating snapshots during \"Live Storage Migration\" can result in a nonexistent snapshot\n1695635 - [RFE] Improve Host Drop-down menu in different Dialogs (i.e. Alphabetical sort of Hosts in Remove|New StorageDomains)\n1696245 - [RFE] Allow full customization while cloning a VM\n1696669 - Build bouncycastle for RHV 4.4 RHEL 8\n1696676 - Build ebay-cors-filter for RHV 4.4 RHEL 8\n1698009 - Build openstack-java-sdk for RHV 4.4 RHEL 8\n1698102 - Print a warning message to engine-setup, which highlights that other clusters than the Default one are not modified to use ovirt-provider-ovn as the default network provider\n1700021 - [RFE] engine-setup should warn and prompt if ca.pem is missing but other generated pki files exist\n1700036 - [RFE] Add RedFish API for host power management for RHEV\n1700319 - VM is going to pause state with \"storage I/O error\". \n1700338 - [RFE] Alternate method to configure the email Event Notifier for a user in RHV through API (instead of RHV GUI)\n1700725 - [scale] RHV-M runs out of memory due to to much data reported by the guest agent\n1700867 - Build makeself for RHV 4.4 RHEL 8\n1701476 - Build unboundid-ldapsdk for RHV 4.4 RHEL 8\n1701491 - Build RHV-M 4.4 - RHEL 8\n1701522 - Build ovirt-imageio-proxy for RHV 4.4 / RHEL 8\n1701528 - Build / Tag python-ovsdbapp for RHV 4.4 RHEL 8\n1701530 - Build / Tag ovirt-cockpit-sso for RHV 4.4 RHEL 8\n1701531 - Build / Tag ovirt-engine-api-explorer for RHV 4.4 RHEL 8\n1701533 - Build / Tag ovirt-engine-dwh for RHV 4.4 / RHEL 8\n1701538 - Build / Tag vdsm-jsonrpc-java for RHV 4.4 RHEL 8\n1701544 - Build rhvm-dependencies for RHV 4.4 RHEL 8\n1702310 - Build / Tag ovirt-engine-ui-extensions for RHV 4.4 RHEL 8\n1702312 - Build ovirt-log-collector for RHV 4.4 RHEL 8\n1703112 - PCI address of NICs are not stored in the database after a hotplug of passthrough NIC resulting in change of network device name in VM after a reboot\n1703428 - VMs migrated from KVM to RHV show warning 'The latest guest agent needs to be installed and running on the guest'\n1707225 - [cinderlib] Cinderlib DB is missing a backup and restore option\n1708624 - Build rhvm-setup-plugins for RHV 4.4 - RHEL 8\n1710491 - No EVENT_ID is generated in /var/log/ovirt-engine/engine.log when VM is rebooted from OS level itself. \n1711006 - Metrics installation fails during the execution of playbook ovirt-metrics-store-installation if the environment is not having DHCP\n1712255 - Drop 4.1 datacenter/cluster level\n1712746 - [RFE] Ignition support for ovirt vms\n1712890 - engine-setup should check for snapshots in unsupported CL\n1714528 - Missing IDs on cluster upgrade buttons\n1714633 - Using more than one asterisk in the search string is not working when searching for users. \n1714834 - Cannot disable SCSI passthrough using API\n1715725 - Sending credentials in query string logs them in ovirt-request-logs\n1716590 - [RFE][UX] Make Cluster-wide \"Custom serial number policy\" value visible at VM level\n1718818 - [RFE] Enhance local disk passthrough\n1720686 - Tag ovirt-scheduler-proxy for RHV 4.4 RHEL 8\n1720694 - Build ovirt-engine-extension-aaa-jdbc for RHV 4.4 RHEL 8\n1720795 - New guest tools are available mark in case of guest tool located on Data Domain\n1724959 - RHV recommends reporting issues to GitHub rather than access.redhat.com (ovirt->RHV rebrand glitch?)\n1727025 - NPE in DestroyImage endAction during live merge leaving a task in DB for hours causing operations depending on host clean tasks to fail as Deactivate host/StopSPM/deactivate SD\n1728472 - Engine reports network out of sync due to ipv6 default gateway via ND RA on a non default route network. \n1729511 - engine-setup fails to upgrade to 4.3 with Unicode characters in CA subject\n1729811 - [scale] updatevmdynamic broken if too many users logged in - psql ERROR: value too long for type character varying(255)\n1730264 - VMs will fail to start if the vnic profile attached is having port mirroring enabled and have name greater than 15 characters\n1730436 - Snapshot creation was successful, but snapshot remains locked\n1731212 - RHV 4.4 landing page does not show login or allow scrolling. \n1731590 - Cannot preview snapshot, it fails and VM remains locked. \n1733031 - [RFE] Add warning when importing data domains to newer DC that may trigger SD format upgrade\n1733529 - Consume python-ovsdbapp dependencies from OSP in RHEL 8 RHV 4.4\n1733843 - Export to OVA fails if VM is running on the Host doing the export\n1734839 - Unable to start guests in our Power9 cluster without running in headless mode. \n1737234 - Attach a non-existent ISO to vm by the API return 201 and marks the Attach CD checkbox as ON\n1737684 - Engine deletes the leaf volume when SnapshotVDSCommand timed out without checking if the volume is still used by the VM\n1740978 - [RFE] Warn or Block importing VMs/Templates from unsupported compatibility levels. \n1741102 - host activation causes RHHI nodes to lose the quorum\n1741271 - Move/Copy disk are blocked if there is less space in source SD than the size of the disk\n1741625 - VM fails to be re-started with error: Failed to acquire lock: No space left on device\n1743690 - Commit and Undo buttons active when no snapshot selected\n1744557 - RHV 4.3 throws an exception when trying to access VMs which have snapshots from unsupported compatibility levels\n1745384 - [IPv6 Static] Engine should allow updating network's static ipv6gateway\n1745504 - Tag rhv-log-collector-analyzer for RHV 4.4 RHEL 8\n1746272 - [BREW BUILD ENABLER] Build the oVirt Ansible roles for RHV 4.4.0\n1746430 - [Rebase] Rebase v2v-conversion-host for RHV 4.4 Engine\n1746877 - [Metrics] Rebase bug - for the 4.4 release on EL8\n1747772 - Extra white space at the top of webadmin dialogs\n1749284 - Change the Snapshot operation to be asynchronous\n1749944 - teardownImage attempts to deactivate in-use LV's rendering the VM disk image/volumes in locked state. \n1750212 - MERGE_STATUS fails with 'Invalid UUID string: mapper' when Direct LUN that already exists is hot-plugged\n1750348 - [Tracking] rhvm-branding-rhv for RHV 4.4\n1750357 - [Tracking] ovirt-web-ui for RHV 4.4\n1750371 - [Tracking] ovirt-engine-ui-extensions for RHV 4.4\n1750482 - From VM Portal, users cannot create Operating System Windows VM. \n1751215 - Unable to change Graphical Console of HE VM. \n1751268 - add links to Insights to landing page\n1751423 - Improve description of shared memory statistics and remove unimplemented memory metrics from API\n1752890 - Build / Tag ovirt-engine-extension-aaa-ldap for RHV 4.4 RHEL 8\n1752995 - [RFE] Need to be able to set default console option\n1753629 - Build / Tag ovirt-engine-extension-aaa-misc for RHV 4.4 RHEL 8\n1753661 - Build / Tag ovirt-engine-extension-logger-log4j got RHV 4.4 / RHEl 8\n1753664 - Build ovirt-fast-forward-upgrade for RHV 4.4 /RHEL 8 support\n1754363 - [Scale] Engine generates excessive amount of dns configuration related sql queries\n1754490 - RHV Manager cannot start on EAP 7.2.4\n1755412 - Setting \"oreg_url: registry.redhat.io\" fails with error\n1758048 - clone(as thin) VM from template or create snapshot fails with 'Requested capacity 1073741824 < parent capacity 3221225472 (volume:1211)'\n1758289 - [Warn] Duplicate chassis entries in southbound database if the host is down while removing the host from Manager\n1762281 - Import of OVA created from template fails with java.lang.NullPointerException\n1763992 - [RFE] Show \"Open Console\" as the main option in the VM actions menu\n1764289 - Document details how each fence agent can be configured in RESTAPI\n1764791 - CVE-2019-17195 nimbus-jose-jwt: Uncaught exceptions while parsing a JWT\n1764932 - [BREW BUILD ENABLER] Build the ansible-runner-service for RHV 4.4\n1764943 - Create Snapshot does not proceed beyond CreateVolume\n1764959 - Apache is configured to offer TRACE method (security)\n1765660 - CVE-2017-18635 novnc: XSS vulnerability via the messages propagated to the status field\n1767319 - [RFE] forbid updating mac pool that contains ranges overlapping with any mac range in the system\n1767483 - CVE-2019-10086 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default\n1768707 - Cannot set or update iscsi portal group tag when editing storage connection via API\n1768844 - RHEL Advanced virtualization module streams support\n1769463 - [Scale] Slow performance for api/clusters when many networks devices are present\n1770237 - Cannot assign a vNIC profile for VM instance profile. \n1771793 - VM Portal crashes in what appears to be a permission related problem. \n1773313 - RHV Metric store installation fails with error: \"You need to install \\\"jmespath\\\" prior to running json_query filter\"\n1777954 - VM Templates greater then 101 quantity are not listed/reported in RHV-M Webadmin UI. \n1779580 - drop rhvm-doc package\n1781001 - CVE-2019-19336 ovirt-engine: response_type parameter allows reflected XSS\n1782236 - Windows Update (the drivers) enablement\n1782279 - Warning message for low space is not received on Imported Storage domain\n1782882 - qemu-kvm: kvm_init_vcpu failed: Function not implemented\n1784049 - Rhel6 guest with cluster default q35 chipset causes kernel panic\n1784385 - Still requiring rhvm-doc in rhvm-setup-plugins\n1785750 - [RFE] Ability to change default VM action (Suspend) in the VM Portal. \n1788424 - Importing a VM having direct LUN attached using virtio driver is failing with error \"VirtIO-SCSI is disabled for the VM\"\n1796809 - Build apache-sshd for RHV 4.4 RHEL 8\n1796811 - Remove bundled apache-sshd library\n1796815 - Build snmp4j for RHV 4.4 RHEL 8\n1796817 - Remove bundled snmp4j library\n1797316 - Snapshot creation from VM fails on second snapshot and afterwords\n1797500 - Add disk operation failed to complete. \n1798114 - Build apache-commons-digester for RHV 4.4 RHEL 8\n1798117 - Build apache-commons-configuration for RHV 4.4 RHEL 8\n1798120 - Build apache-commons-jexl for RHV 4.4 RHEL 8\n1798127 - Build apache-commons-collections4 for RHV 4.4 RHEL 8\n1798137 - Build apache-commons-vfs for RHV 4.4 RHEL 8\n1799171 - Build ws-commons-util for RHV 4.4 RHEL 8\n1799204 - Build xmlrpc for RHV 4.4 RHEL 8\n1801149 - CVE-2019-13990 libquartz: XXE attacks via job description\n1801709 - Disable activation of the host while Enroll certificate flow is still in progress\n1803597 - rhv-image-discrepancies should skip storage domains in maintenance mode and ISO/Export\n1805669 - change requirement on rhvm package from spice-client-msi to spice-client-win\n1806276 - [HE] ovirt-provider-ovn is non-functional on 4.3.9 Hosted-Engine\n1807047 - Build m2crypto for RHV 4.4 RHEL 8\n1807860 - [RFE] Allow resource allocation options to be customized\n1808096 - Uploading ISOs causes \"Uncaught exception occurred. Please try reloading the page. Details: (TypeError) : a.n is null\"\n1808126 - host_service.install() does not work with deploy_hosted_engine as True. \n1809040 - [CNV&RHV] let the user know that token is not valid anymore\n1809052 - [CNV&RHV] ovirt-engine log file spammed by failed timers ( approx 3-5 messages/sec )\n1809875 - rhv-image-discrepancies only compares images on the last DC\n1809877 - rhv-image-discrepancies sends dump-volume-chains with parameter that is ignored\n1810893 - mountOptions is ignored for \"import storage domain\" from GUI\n1811865 - [Scale] Host Monitoring generates excessive amount of qos related sql queries\n1811869 - [Scale] Webadmin\\REST for host interface list response time is too long because of excessive amount of qos related sql queries\n1812875 - Unable to create VMs when french Language is selected for the rhvm gui. \n1813305 - Engine updating SLA policies of VMs continuously in an environment which is not having any QOS configured\n1813344 - CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload\n1814197 - [CNV&RHV] when provider is remover DC is left behind and active\n1814215 - [CNV&RHV] Adding new provider to engine fails after succesfull test\n1816017 - Build log4j12 for RHV 4.4 EL8\n1816643 - [CNV&RHV] VM created in CNV not visible in RHV\n1816654 - [CNV&RHV] adding provider with already created vm failed\n1816693 - [CNV&RHV] CNV VM failed to restart even if 1st dialog looks fine\n1816739 - [CNV&RHV] CNV VM updated form CNV side doesn't update vm properties over on RHV side\n1817467 - [Tracking] Migration path between RHV 4.3 and 4.4\n1818745 - rhv-log-collector-analyzer 0.2.17 still requires pyhton2\n1819201 - [CodeChange][i18n] oVirt 4.4 rhv branding - translation update\n1819248 - Cannot upgrade host after engine setup\n1819514 - Failed to register 4.4 host to the latest engine (4.4.0-0.29.master.el8ev)\n1819960 - NPE on ImportVmTemplateFromConfigurationCommand when creating VM from ovf_data\n1820621 - Build apache-commons-compress for RHV 4.4 EL8\n1820638 - Build apache-commons-jxpath for RHV 4.4 EL8\n1821164 - Failed snapshot creation can cause data corruption of other VMs\n1821930 - Enable only TLSv1.2+ protocol for SPICE on EL7 hosts\n1824095 - VM portal shows only error\n1825793 - RHV branding is missing after upgrade from 4.3\n1826248 - [4.4][ovirt-cockpit-sso] Compatibility issues with python3\n1826437 - The console client resources page return HTTP code 500\n1826801 - [CNV&RHV] update of memory on cnv side does not propagate to rhv\n1826855 - [cnv&rhv] update of cpu on cnv side causing expetion in engine.log\n1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method\n1828669 - After SPM select the engine lost communication to all hosts until restarted [improved logging]\n1828736 - [CNV&RHV] cnv template is not propagated to rhv\n1829189 - engine-setup httpd ssl configuration conflicts with Red Hat Insights\n1829656 - Failed to register 4.3 host to 4.4 engine with 4.3 cluster (4.4.0-0.33.master.el8ev)\n1829830 - vhost custom properties does not accept '-'\n1832161 - rhv-log-collector-analyzer fails with UnicodeDecodeError on RHEL8\n1834523 - Edit VM -> Enable Smartcard sharing does not stick when VM is running\n1838493 - Live snapshot made with freeze in the engine will cause the FS to be frozen\n1841495 - Upgrade openstack-java-sdk to 3.2.9\n1842495 - high cpu usage after entering wrong search pattern in RHVM\n1844270 - [vGPU] nodisplay option for mdev broken since mdev scheduling unit\n1844855 - Missing images (favicon.ico, banner logo) and missing brand.css file on VM portal d/s installation\n1845473 - Exporting an OVA file from a VM results in its ovf file having a format of RAW when the disk is COW\n1847420 - CVE-2020-10775 ovirt-engine: Redirect to arbitrary URL allows for phishing\n1850004 - CVE-2020-11023 jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution\n1853444 - [CodeChange][i18n] oVirt 4.4 rhv branding - translation update (July-2020)\n1854563 - [4.4 downstream only][RFE] Include a link to grafana on front page\n\n6. Package List:\n\nRHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4:\n\nSource:\nansible-runner-1.4.5-1.el8ar.src.rpm\nansible-runner-service-1.0.2-1.el8ev.src.rpm\napache-commons-collections4-4.4-1.el8ev.src.rpm\napache-commons-compress-1.18-1.el8ev.src.rpm\napache-commons-configuration-1.10-1.el8ev.src.rpm\napache-commons-jexl-2.1.1-1.el8ev.src.rpm\napache-commons-jxpath-1.3-29.el8ev.src.rpm\napache-commons-vfs-2.4.1-1.el8ev.src.rpm\napache-sshd-2.5.1-1.el8ev.src.rpm\nebay-cors-filter-1.0.1-4.el8ev.src.rpm\ned25519-java-0.3.0-1.el8ev.src.rpm\nengine-db-query-1.6.1-1.el8ev.src.rpm\njava-client-kubevirt-0.5.0-1.el8ev.src.rpm\nlog4j12-1.2.17-22.el8ev.src.rpm\nm2crypto-0.35.2-5.el8ev.src.rpm\nmakeself-2.4.0-4.el8ev.src.rpm\nnovnc-1.1.0-1.el8ost.src.rpm\nopenstack-java-sdk-3.2.9-1.el8ev.src.rpm\novirt-cockpit-sso-0.1.4-1.el8ev.src.rpm\novirt-engine-4.4.1.8-0.7.el8ev.src.rpm\novirt-engine-api-explorer-0.0.6-1.el8ev.src.rpm\novirt-engine-dwh-4.4.1.2-1.el8ev.src.rpm\novirt-engine-extension-aaa-jdbc-1.2.0-1.el8ev.src.rpm\novirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.src.rpm\novirt-engine-extension-aaa-misc-1.1.0-1.el8ev.src.rpm\novirt-engine-extension-logger-log4j-1.1.0-1.el8ev.src.rpm\novirt-engine-extensions-api-1.0.1-1.el8ev.src.rpm\novirt-engine-metrics-1.4.1.1-1.el8ev.src.rpm\novirt-engine-ui-extensions-1.2.2-1.el8ev.src.rpm\novirt-fast-forward-upgrade-1.1.6-0.el8ev.src.rpm\novirt-log-collector-4.4.2-1.el8ev.src.rpm\novirt-scheduler-proxy-0.1.9-1.el8ev.src.rpm\novirt-web-ui-1.6.3-1.el8ev.src.rpm\npython-aniso8601-0.82-4.el8ost.src.rpm\npython-flask-1.0.2-2.el8ost.src.rpm\npython-flask-restful-0.3.6-8.el8ost.src.rpm\npython-netaddr-0.7.19-8.1.el8ost.src.rpm\npython-notario-0.0.16-2.el8cp.src.rpm\npython-ovsdbapp-0.17.1-0.20191216120142.206cf14.el8ost.src.rpm\npython-pbr-5.1.2-2.el8ost.src.rpm\npython-six-1.12.0-1.el8ost.src.rpm\npython-websocket-client-0.54.0-1.el8ost.src.rpm\npython-werkzeug-0.16.0-1.el8ost.src.rpm\nrhv-log-collector-analyzer-1.0.2-1.el8ev.src.rpm\nrhvm-branding-rhv-4.4.4-1.el8ev.src.rpm\nrhvm-dependencies-4.4.0-1.el8ev.src.rpm\nrhvm-setup-plugins-4.4.2-1.el8ev.src.rpm\nsnmp4j-2.4.1-1.el8ev.src.rpm\nunboundid-ldapsdk-4.0.14-1.el8ev.src.rpm\nvdsm-jsonrpc-java-1.5.4-1.el8ev.src.rpm\nws-commons-util-1.0.2-1.el8ev.src.rpm\nxmlrpc-3.1.3-1.el8ev.src.rpm\n\nnoarch:\nansible-runner-1.4.5-1.el8ar.noarch.rpm\nansible-runner-service-1.0.2-1.el8ev.noarch.rpm\napache-commons-collections4-4.4-1.el8ev.noarch.rpm\napache-commons-collections4-javadoc-4.4-1.el8ev.noarch.rpm\napache-commons-compress-1.18-1.el8ev.noarch.rpm\napache-commons-compress-javadoc-1.18-1.el8ev.noarch.rpm\napache-commons-configuration-1.10-1.el8ev.noarch.rpm\napache-commons-jexl-2.1.1-1.el8ev.noarch.rpm\napache-commons-jexl-javadoc-2.1.1-1.el8ev.noarch.rpm\napache-commons-jxpath-1.3-29.el8ev.noarch.rpm\napache-commons-jxpath-javadoc-1.3-29.el8ev.noarch.rpm\napache-commons-vfs-2.4.1-1.el8ev.noarch.rpm\napache-commons-vfs-ant-2.4.1-1.el8ev.noarch.rpm\napache-commons-vfs-examples-2.4.1-1.el8ev.noarch.rpm\napache-commons-vfs-javadoc-2.4.1-1.el8ev.noarch.rpm\napache-sshd-2.5.1-1.el8ev.noarch.rpm\napache-sshd-javadoc-2.5.1-1.el8ev.noarch.rpm\nebay-cors-filter-1.0.1-4.el8ev.noarch.rpm\ned25519-java-0.3.0-1.el8ev.noarch.rpm\ned25519-java-javadoc-0.3.0-1.el8ev.noarch.rpm\nengine-db-query-1.6.1-1.el8ev.noarch.rpm\njava-client-kubevirt-0.5.0-1.el8ev.noarch.rpm\nlog4j12-1.2.17-22.el8ev.noarch.rpm\nlog4j12-javadoc-1.2.17-22.el8ev.noarch.rpm\nmakeself-2.4.0-4.el8ev.noarch.rpm\nnovnc-1.1.0-1.el8ost.noarch.rpm\nopenstack-java-ceilometer-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-ceilometer-model-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-cinder-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-cinder-model-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-glance-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-glance-model-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-heat-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-heat-model-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-javadoc-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-keystone-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-keystone-model-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-nova-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-nova-model-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-quantum-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-quantum-model-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-resteasy-connector-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-swift-client-3.2.9-1.el8ev.noarch.rpm\nopenstack-java-swift-model-3.2.9-1.el8ev.noarch.rpm\novirt-cockpit-sso-0.1.4-1.el8ev.noarch.rpm\novirt-engine-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-api-explorer-0.0.6-1.el8ev.noarch.rpm\novirt-engine-backend-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-dbscripts-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-dwh-4.4.1.2-1.el8ev.noarch.rpm\novirt-engine-dwh-grafana-integration-setup-4.4.1.2-1.el8ev.noarch.rpm\novirt-engine-dwh-setup-4.4.1.2-1.el8ev.noarch.rpm\novirt-engine-extension-aaa-jdbc-1.2.0-1.el8ev.noarch.rpm\novirt-engine-extension-aaa-ldap-1.4.0-1.el8ev.noarch.rpm\novirt-engine-extension-aaa-ldap-setup-1.4.0-1.el8ev.noarch.rpm\novirt-engine-extension-aaa-misc-1.1.0-1.el8ev.noarch.rpm\novirt-engine-extension-logger-log4j-1.1.0-1.el8ev.noarch.rpm\novirt-engine-extensions-api-1.0.1-1.el8ev.noarch.rpm\novirt-engine-extensions-api-javadoc-1.0.1-1.el8ev.noarch.rpm\novirt-engine-health-check-bundler-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-metrics-1.4.1.1-1.el8ev.noarch.rpm\novirt-engine-restapi-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-setup-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-setup-base-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-setup-plugin-cinderlib-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-setup-plugin-imageio-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-setup-plugin-ovirt-engine-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-setup-plugin-ovirt-engine-common-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-setup-plugin-vmconsole-proxy-helper-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-setup-plugin-websocket-proxy-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-tools-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-tools-backup-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-ui-extensions-1.2.2-1.el8ev.noarch.rpm\novirt-engine-vmconsole-proxy-helper-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-webadmin-portal-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-engine-websocket-proxy-4.4.1.8-0.7.el8ev.noarch.rpm\novirt-fast-forward-upgrade-1.1.6-0.el8ev.noarch.rpm\novirt-log-collector-4.4.2-1.el8ev.noarch.rpm\novirt-scheduler-proxy-0.1.9-1.el8ev.noarch.rpm\novirt-web-ui-1.6.3-1.el8ev.noarch.rpm\npython-flask-doc-1.0.2-2.el8ost.noarch.rpm\npython2-netaddr-0.7.19-8.1.el8ost.noarch.rpm\npython2-pbr-5.1.2-2.el8ost.noarch.rpm\npython2-six-1.12.0-1.el8ost.noarch.rpm\npython3-aniso8601-0.82-4.el8ost.noarch.rpm\npython3-ansible-runner-1.4.5-1.el8ar.noarch.rpm\npython3-flask-1.0.2-2.el8ost.noarch.rpm\npython3-flask-restful-0.3.6-8.el8ost.noarch.rpm\npython3-netaddr-0.7.19-8.1.el8ost.noarch.rpm\npython3-notario-0.0.16-2.el8cp.noarch.rpm\npython3-ovirt-engine-lib-4.4.1.8-0.7.el8ev.noarch.rpm\npython3-ovsdbapp-0.17.1-0.20191216120142.206cf14.el8ost.noarch.rpm\npython3-pbr-5.1.2-2.el8ost.noarch.rpm\npython3-six-1.12.0-1.el8ost.noarch.rpm\npython3-websocket-client-0.54.0-1.el8ost.noarch.rpm\npython3-werkzeug-0.16.0-1.el8ost.noarch.rpm\npython3-werkzeug-doc-0.16.0-1.el8ost.noarch.rpm\nrhv-log-collector-analyzer-1.0.2-1.el8ev.noarch.rpm\nrhvm-4.4.1.8-0.7.el8ev.noarch.rpm\nrhvm-branding-rhv-4.4.4-1.el8ev.noarch.rpm\nrhvm-dependencies-4.4.0-1.el8ev.noarch.rpm\nrhvm-setup-plugins-4.4.2-1.el8ev.noarch.rpm\nsnmp4j-2.4.1-1.el8ev.noarch.rpm\nsnmp4j-javadoc-2.4.1-1.el8ev.noarch.rpm\nunboundid-ldapsdk-4.0.14-1.el8ev.noarch.rpm\nunboundid-ldapsdk-javadoc-4.0.14-1.el8ev.noarch.rpm\nvdsm-jsonrpc-java-1.5.4-1.el8ev.noarch.rpm\nws-commons-util-1.0.2-1.el8ev.noarch.rpm\nws-commons-util-javadoc-1.0.2-1.el8ev.noarch.rpm\nxmlrpc-client-3.1.3-1.el8ev.noarch.rpm\nxmlrpc-common-3.1.3-1.el8ev.noarch.rpm\nxmlrpc-javadoc-3.1.3-1.el8ev.noarch.rpm\nxmlrpc-server-3.1.3-1.el8ev.noarch.rpm\n\nx86_64:\nm2crypto-debugsource-0.35.2-5.el8ev.x86_64.rpm\npython3-m2crypto-0.35.2-5.el8ev.x86_64.rpm\npython3-m2crypto-debuginfo-0.35.2-5.el8ev.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-18635\nhttps://access.redhat.com/security/cve/CVE-2019-8331\nhttps://access.redhat.com/security/cve/CVE-2019-10086\nhttps://access.redhat.com/security/cve/CVE-2019-13990\nhttps://access.redhat.com/security/cve/CVE-2019-17195\nhttps://access.redhat.com/security/cve/CVE-2019-19336\nhttps://access.redhat.com/security/cve/CVE-2020-7598\nhttps://access.redhat.com/security/cve/CVE-2020-10775\nhttps://access.redhat.com/security/cve/CVE-2020-11022\nhttps://access.redhat.com/security/cve/CVE-2020-11023\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/technical_notes\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXylir9zjgjWX9erEAQii/A//bJm3u0+ul+LdQwttSJJ79OdVqcp3FktP\ntdPj8AFbB6F9KkuX9FAQja0/2pgZAldB3Eyz57GYTxyDD1qeMqYSayGHCH01GWAn\nu8uF90lcSz6YvgEPDh1mWhLYQMfdWT6IUuKOEHldt8TyHbc7dX3xCbsLDzNCxGbl\nQuPSFPQBJaAXETSw42NGzdUzaM9zoQ0Mngj+Owcgw53YyBy3BSLAb5bKuijvkcLy\nSVCAxxiQ89E+cnETKYIv4dOfqXGA5wLg68hDmUQyFcXHA9nQbJM9Q0s1fbZ2Wav1\noGGTqJDTgVElxrHB5pYJ6pu484ZgJealkBCrHA2OBsMJUadwitVvQLXFZF5OyN0N\nf/vtZ1ua4mZADa61qfnlmVRiyISwmPPWIOImA3TIE5Q8Yl5ucCqtDjQPoJAbXsUl\nY22Bb5x7JyrN0nyOgwh6BGGK51CmOaP+xNuWD7osI24pnzdmPTZuJrZLePxgPgac\nWWQNznzvokknva2ofvujAm+DEl+W7W3A8Vs9wkmUWYlaVC7GFLEkcvQjjHahZ7kh\ndVJNoh70vpA+aJCMQHYK6MGtCSAWoqXkRTsHb3Stfm2vLLz6GYxY5OuvB7Z0ME1N\nzCiFjBla5+3nKx5ab8Pola56T1wRULHL6zYN9GTsOzxjdJsKHXBVeV8OYcnoHiza\n2TrKn2dtZwI=\n=92Q3\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Relevant releases/architectures:\n\nRHV-M 4.3 - noarch\n\n3. Description:\n\nThe ovirt-engine-ui-extensions package contains UI plugins that provide\nvarious extensions to the oVirt administration UI. \n\nBug Fix(es):\n\n* Known moderate severity security vulnerability detected by GitHub on\novirt-engine-ui-extensions components (BZ#1694035)\n\n4", sources: [ { db: "NVD", id: "CVE-2019-8331", }, { db: "VULHUB", id: "VHN-159766", }, { db: "PACKETSTORM", id: "159852", }, { db: "PACKETSTORM", id: "170821", }, { db: "PACKETSTORM", id: "170817", }, { db: "PACKETSTORM", id: "170154", }, { db: "PACKETSTORM", id: "154812", }, { db: "PACKETSTORM", id: "158750", }, { db: "PACKETSTORM", id: "154810", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-8331", trust: 1.8, }, { db: "PACKETSTORM", id: "156743", trust: 1.1, }, { db: "BID", id: "107375", trust: 1.1, }, { db: "TENABLE", id: "TNS-2021-14", trust: 1.1, }, { db: "PACKETSTORM", id: "159852", trust: 0.2, }, { db: "PACKETSTORM", id: "170821", trust: 0.2, }, { db: "PACKETSTORM", id: "170817", trust: 0.2, }, { db: "PACKETSTORM", id: "158750", trust: 0.2, }, { db: "PACKETSTORM", id: "170154", trust: 0.2, }, { db: "PACKETSTORM", id: "170823", trust: 0.1, }, { db: "PACKETSTORM", id: "159876", trust: 0.1, }, { db: "PACKETSTORM", id: "159353", trust: 0.1, }, { db: "PACKETSTORM", id: "160568", trust: 0.1, }, { db: "PACKETSTORM", id: "170819", trust: 0.1, }, { db: "PACKETSTORM", id: "170155", trust: 0.1, }, { db: "PACKETSTORM", id: "170042", trust: 0.1, }, { db: "CNNVD", id: "CNNVD-201902-770", trust: 0.1, }, { db: "VULHUB", id: "VHN-159766", trust: 0.1, }, { db: "PACKETSTORM", id: "154812", trust: 0.1, }, { db: "PACKETSTORM", id: "154810", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-159766", }, { db: "PACKETSTORM", id: "159852", }, { db: "PACKETSTORM", id: "170821", }, { db: "PACKETSTORM", id: "170817", }, { db: "PACKETSTORM", id: "170154", }, { db: "PACKETSTORM", id: "154812", }, { db: "PACKETSTORM", id: "158750", }, { db: "PACKETSTORM", id: "154810", }, { db: "NVD", id: "CVE-2019-8331", }, ], }, id: "VAR-201902-0360", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-159766", }, ], trust: 0.01, }, last_update_date: "2024-11-29T22:01:48.238000Z", problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.1, }, ], sources: [ { db: "VULHUB", id: "VHN-159766", }, { db: "NVD", id: "CVE-2019-8331", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.2, url: "https://access.redhat.com/errata/rhsa-2019:3023", }, { trust: 1.2, url: "https://access.redhat.com/errata/rhsa-2019:3024", }, { trust: 1.1, url: "http://www.securityfocus.com/bid/107375", }, { trust: 1.1, url: "https://seclists.org/bugtraq/2019/may/18", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2021-14", }, { trust: 1.1, url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { trust: 1.1, url: "https://support.f5.com/csp/article/k24383845", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2019/may/13", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2019/may/11", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2019/may/10", }, { trust: 1.1, url: "http://packetstormsecurity.com/files/156743/octobercms-insecure-dependencies.html", }, { trust: 1.1, url: "https://github.com/twbs/bootstrap/pull/28236", }, { trust: 1.1, url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { trust: 1.1, url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpuapr2021.html", }, { trust: 1.1, url: "https://access.redhat.com/errata/rhsa-2019:1456", }, { trust: 1, url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3cdev.flink.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3cissues.drill.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3cdev.drill.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3cuser.flink.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3cuser.flink.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3cdev.superset.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3cissues.hbase.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3cdev.drill.apache.org%3e", }, { trust: 1, url: "https://support.f5.com/csp/article/k24383845?utm_source=f5support&%3butm_medium=rss", }, { trust: 1, url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3cuser.flink.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3ccommits.pulsar.apache.org%3e", }, { trust: 0.7, url: "https://access.redhat.com/security/cve/cve-2019-8331", }, { trust: 0.7, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.7, url: "https://bugzilla.redhat.com/):", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8331", }, { trust: 0.6, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.5, url: "https://access.redhat.com/security/cve/cve-2019-11358", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11358", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-11023", }, { trust: 0.4, url: "https://access.redhat.com/articles/11258", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2020-11023", }, { trust: 0.4, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-11022", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2016-10735", }, { trust: 0.4, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2020-11022", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2016-10735", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2018-14042", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2015-9251", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2018-14040", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2018-14042", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2015-9251", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2018-14040", }, { trust: 0.3, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.3, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.3, url: "https://access.redhat.com/articles/2974891", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-40150", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-3143", }, { trust: 0.2, url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-42003", }, { trust: 0.2, url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-42004", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2018-14041", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-40150", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-45047", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2017-18214", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-40152", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-40149", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-40149", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-40152", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2018-14041", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2017-18214", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-45693", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-46364", }, { trust: 0.2, url: "https://issues.jboss.org/):", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-3143", }, { trust: 0.1, url: "https://support.f5.com/csp/article/k24383845?utm_source=f5support&amp;utm_medium=rss", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3cdev.drill.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3cdev.drill.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3cissues.drill.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3cdev.flink.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3cuser.flink.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3cuser.flink.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3cuser.flink.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714@%3cissues.hbase.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3ccommits.pulsar.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3cdev.superset.apache.org%3e", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-1721", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-10146", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10221", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-1721", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-15720", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-15720", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10146", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-10179", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10179", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-10221", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:4847", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2023:0552", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2023:0556", }, { trust: 0.1, url: "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?downloadtype=securitypatches&product=appplatform&version=7.4", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:8865", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-10744", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10744", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13990", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7598", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-10775", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-17195", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.3/html-single/technical_notes", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2017-18635", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7598", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:3247", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-10086", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-10086", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19336", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13990", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/ht", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-17195", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2017-18635", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-10775", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19336", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20677", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-20676", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-20677", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20676", }, ], sources: [ { db: "VULHUB", id: "VHN-159766", }, { db: "PACKETSTORM", id: "159852", }, { db: "PACKETSTORM", id: "170821", }, { db: "PACKETSTORM", id: "170817", }, { db: "PACKETSTORM", id: "170154", }, { db: "PACKETSTORM", id: "154812", }, { db: "PACKETSTORM", id: "158750", }, { db: "PACKETSTORM", id: "154810", }, { db: "NVD", id: "CVE-2019-8331", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-159766", }, { db: "PACKETSTORM", id: "159852", }, { db: "PACKETSTORM", id: "170821", }, { db: "PACKETSTORM", id: "170817", }, { db: "PACKETSTORM", id: "170154", }, { db: "PACKETSTORM", id: "154812", }, { db: "PACKETSTORM", id: "158750", }, { db: "PACKETSTORM", id: "154810", }, { db: "NVD", id: "CVE-2019-8331", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-02-20T00:00:00", db: "VULHUB", id: "VHN-159766", }, { date: "2020-11-04T15:29:15", db: "PACKETSTORM", id: "159852", }, { date: "2023-01-31T17:21:40", db: "PACKETSTORM", id: "170821", }, { date: "2023-01-31T17:16:43", db: "PACKETSTORM", id: "170817", }, { date: "2022-12-08T16:27:25", db: "PACKETSTORM", id: "170154", }, { date: "2019-10-11T15:03:31", db: "PACKETSTORM", id: "154812", }, { date: "2020-08-04T14:26:33", db: "PACKETSTORM", id: "158750", }, { date: "2019-10-11T15:02:56", db: "PACKETSTORM", id: "154810", }, { date: "2019-02-20T16:29:00.837000", db: "NVD", id: "CVE-2019-8331", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-06-11T00:00:00", db: "VULHUB", id: "VHN-159766", }, { date: "2024-11-21T04:49:42.020000", db: "NVD", id: "CVE-2019-8331", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat Security Advisory 2020-4847-01", sources: [ { db: "PACKETSTORM", id: "159852", }, ], trust: 0.1, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code execution, xss", sources: [ { db: "PACKETSTORM", id: "170821", }, { db: "PACKETSTORM", id: "170817", }, { db: "PACKETSTORM", id: "154812", }, { db: "PACKETSTORM", id: "158750", }, { db: "PACKETSTORM", id: "154810", }, ], trust: 0.5, }, }
var-202112-1654
Vulnerability from variot
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). The server is fast, reliable, and can be expanded through simple APIs. Attackers can use this vulnerability to cause system crashes or server request forgery. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
macOS Big Sur 11.6.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213256.
apache Available for: macOS Big Sur Impact: Multiple issues in apache Description: Multiple issues were addressed by updating apache to version 2.4.53. CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721
AppKit Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2022-22665: Lockheed Martin Red Team
AppleAVD Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22675: an anonymous researcher
AppleGraphicsControl Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative
AppleScript Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-26698: Qi Sun of Trend Micro
AppleScript Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26697: Qi Sun and Robert Ai of Trend Micro
CoreTypes Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2022-22663: Arsenii Kostromin (0x3c3e)
CVMS Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A memory initialization issue was addressed. CVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori CVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori
DriverKit Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)
Graphics Drivers Available for: macOS Big Sur Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. CVE-2022-22674: an anonymous researcher
Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26720: Liu Long of Ant Security Light-Year Lab
Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26770: Liu Long of Ant Security Light-Year Lab
Intel Graphics Driver Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26756: Jack Dates of RET2 Systems, Inc
Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26769: Antonio Zekic (@antoniozekic)
Intel Graphics Driver Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiative
IOMobileFrameBuffer Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-26768: an anonymous researcher
Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs (@starlabs_sg)
Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-26757: Ned Williamson of Google Project Zero
LaunchServices Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with additional permissions checks. CVE-2022-26767: Wojciech Reguła (@_r3ggi) of SecuRing
LaunchServices Available for: macOS Big Sur Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions on third-party applications. CVE-2022-26706: Arsenii Kostromin (0x3c3e)
libresolv Available for: macOS Big Sur Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-26776: Zubair Ashraf of Crowdstrike, Max Shavrick (@_mxms) of the Google Security Team
LibreSSL Available for: macOS Big Sur Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2022-0778
libxml2 Available for: macOS Big Sur Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2022-23308
OpenSSL Available for: macOS Big Sur Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: This issue was addressed with improved checks. CVE-2022-0778
PackageKit Available for: macOS Big Sur Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed by removing the vulnerable code. CVE-2022-26712: Mickey Jin (@patch1t)
Printing Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code. CVE-2022-26746: @gorelics
Security Available for: macOS Big Sur Impact: A malicious app may be able to bypass signature validation Description: A certificate parsing issue was addressed with improved checks. CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)
SMB Available for: macOS Big Sur Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26718: Peter Nguyễn Vũ Hoàng of STAR Labs
SMB Available for: macOS Big Sur Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26723: Felix Poulin-Belanger
SMB Available for: macOS Big Sur Impact: An application may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26715: Peter Nguyễn Vũ Hoàng of STAR Labs
SoftwareUpdate Available for: macOS Big Sur Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements. CVE-2022-26728: Mickey Jin (@patch1t)
TCC Available for: macOS Big Sur Impact: An app may be able to capture a user's screen Description: This issue was addressed with improved checks. CVE-2022-26726: an anonymous researcher
Tcl Available for: macOS Big Sur Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization. CVE-2022-26755: Arsenii Kostromin (0x3c3e)
Vim Available for: macOS Big Sur Impact: Multiple issues in Vim Description: Multiple issues were addressed by updating Vim. CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059 CVE-2022-0128
WebKit Available for: macOS Big Sur Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization. CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com)
Wi-Fi Available for: macOS Big Sur Impact: A malicious application may disclose restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2022-26745: an anonymous researcher
Wi-Fi Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2022-26761: Wang Yu of Cyberserval
zip Available for: macOS Big Sur Impact: Processing a maliciously crafted file may lead to a denial of service Description: A denial of service issue was addressed with improved state handling. CVE-2022-0530
zlib Available for: macOS Big Sur Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-25032: Tavis Ormandy
zsh Available for: macOS Big Sur Impact: A remote attacker may be able to cause arbitrary code execution Description: This issue was addressed by updating to zsh version 5.8.1. CVE-2021-45444
Additional recognition
Bluetooth We would like to acknowledge Jann Horn of Project Zero for their assistance.
macOS Big Sur 11.6.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TUACgkQeC9qKD1p rhgJBg/9HpPp6P2OtFdYHigfaoga/3szMAjXC650MlC2rF1lXyTRVsO54eupz4er K8Iud3+YnDVTUKkadftWt2XdxAADGtfEFhJW584RtnWjeli+XtGEjQ8jD1/MNPJW qtnrOh2pYG9SxolKDofhiecbYxIGppRKSDRFl0/3VGFed2FIpiRDunlttHBEhHu/ vZVSFzMrNbGvhju+ZCdwFLKXOgB851aRSeo9Xkt63tSGiee7rLmVAINyFbbPwcVP yXwMvn0TNodCBn0wBWD0+iQ3UXIDIYSPaM1Z0BQxVraEhK3Owro3JKgqNbWswMvj SY0KUulbAPs3aOeyz1BI70npYA3+Qwd+bk2hxbzbU/AxvxCrsEk04QfxLYqvj0mR VZYPcup2KAAkiTeekQ5X739r8NAyaaI+bp7FllFv/Z2jVW9kGgNIFr46R05MD9NF aC1JAZtJ4VWbMEGHnHAMrOgdGaHpryvzl2BjUXRgW27vIq5uF5YiNcpjS2BezTFc R2ojiMNRB33Y44LlH7Zv3gHm4bE3+NzcGeWvBzwOsHznk9Jiv6x2eBUxkttMlPyO zymQMONQN3bktSMT8JnmJ8rlEgISONd7NeTEzuhlGIWaWNAFmmBoPnBiPk+yC3n4 d22yFs6DLp2pJ+0zOWmTcqt1xYng05Jwj4F0KT49w0TO9Up79+o= =rtPl -----END PGP SIGNATURE-----
. Summary:
An update for httpd24-httpd is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Security Fix(es):
-
httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)
-
httpd: Request splitting via HTTP/2 method injection and mod_proxy (CVE-2021-33193)
-
httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)
-
httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path (CVE-2021-36160)
-
httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)
-
httpd: possible NULL dereference or SSRF in forward proxy configurations (CVE-2021-44224)
-
httpd: mod_lua: Use of uninitialized value of in r:parsebody (CVE-2022-22719)
-
httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)
-
httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)
-
httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)
-
httpd: mod_sed: DoS vulnerability (CVE-2022-30522)
-
httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)
-
httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)
-
httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)
-
httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)
Additional changes:
- To fix CVE-2022-29404, the default value for the "LimitRequestBody" directive in the Apache HTTP Server has been changed from 0 (unlimited) to 1 GiB.
On systems where the value of "LimitRequestBody" is not explicitly specified in an httpd configuration file, updating the httpd package sets "LimitRequestBody" to the default value of 1 GiB. As a consequence, if the total size of the HTTP request body exceeds this 1 GiB default limit, httpd returns the 413 Request Entity Too Large error code.
If the new default allowed size of an HTTP request message body is insufficient for your use case, update your httpd configuration files within the respective context (server, per-directory, per-file, or per-location) and set your preferred limit in bytes. For example, to set a new 2 GiB limit, use:
LimitRequestBody 2147483648
Systems already configured to use any explicit value for the "LimitRequestBody" directive are unaffected by this change.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1966728 - CVE-2021-33193 httpd: Request splitting via HTTP/2 method injection and mod_proxy 2005119 - CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input 2005124 - CVE-2021-36160 httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path 2005128 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests 2034672 - CVE-2021-44224 httpd: possible NULL dereference or SSRF in forward proxy configurations 2064319 - CVE-2022-23943 httpd: mod_sed: Read/write beyond bounds 2064320 - CVE-2022-22721 httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody 2064322 - CVE-2022-22719 httpd: mod_lua: Use of uninitialized value of in r:parsebody 2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling 2095002 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite() 2095006 - CVE-2022-28615 httpd: out-of-bounds read in ap_strcmp_match() 2095012 - CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody 2095015 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability 2095018 - CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets 2095020 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: httpd24-httpd-2.4.34-23.el7.5.src.rpm
noarch: httpd24-httpd-manual-2.4.34-23.el7.5.noarch.rpm
ppc64le: httpd24-httpd-2.4.34-23.el7.5.ppc64le.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.5.ppc64le.rpm httpd24-httpd-devel-2.4.34-23.el7.5.ppc64le.rpm httpd24-httpd-tools-2.4.34-23.el7.5.ppc64le.rpm httpd24-mod_ldap-2.4.34-23.el7.5.ppc64le.rpm httpd24-mod_proxy_html-2.4.34-23.el7.5.ppc64le.rpm httpd24-mod_session-2.4.34-23.el7.5.ppc64le.rpm httpd24-mod_ssl-2.4.34-23.el7.5.ppc64le.rpm
s390x: httpd24-httpd-2.4.34-23.el7.5.s390x.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.5.s390x.rpm httpd24-httpd-devel-2.4.34-23.el7.5.s390x.rpm httpd24-httpd-tools-2.4.34-23.el7.5.s390x.rpm httpd24-mod_ldap-2.4.34-23.el7.5.s390x.rpm httpd24-mod_proxy_html-2.4.34-23.el7.5.s390x.rpm httpd24-mod_session-2.4.34-23.el7.5.s390x.rpm httpd24-mod_ssl-2.4.34-23.el7.5.s390x.rpm
x86_64: httpd24-httpd-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-devel-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-tools-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_ldap-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_proxy_html-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_session-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_ssl-2.4.34-23.el7.5.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: httpd24-httpd-2.4.34-23.el7.5.src.rpm
noarch: httpd24-httpd-manual-2.4.34-23.el7.5.noarch.rpm
x86_64: httpd24-httpd-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-devel-2.4.34-23.el7.5.x86_64.rpm httpd24-httpd-tools-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_ldap-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_proxy_html-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_session-2.4.34-23.el7.5.x86_64.rpm httpd24-mod_ssl-2.4.34-23.el7.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-33193 https://access.redhat.com/security/cve/CVE-2021-34798 https://access.redhat.com/security/cve/CVE-2021-36160 https://access.redhat.com/security/cve/CVE-2021-39275 https://access.redhat.com/security/cve/CVE-2021-44224 https://access.redhat.com/security/cve/CVE-2022-22719 https://access.redhat.com/security/cve/CVE-2022-22721 https://access.redhat.com/security/cve/CVE-2022-23943 https://access.redhat.com/security/cve/CVE-2022-26377 https://access.redhat.com/security/cve/CVE-2022-28614 https://access.redhat.com/security/cve/CVE-2022-28615 https://access.redhat.com/security/cve/CVE-2022-29404 https://access.redhat.com/security/cve/CVE-2022-30522 https://access.redhat.com/security/cve/CVE-2022-30556 https://access.redhat.com/security/cve/CVE-2022-31813 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/articles/6975397
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.6 Release Notes linked from the References section. ========================================================================== Ubuntu Security Notice USN-5212-2 January 10, 2022
apache2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in Apache HTTP Server. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. (CVE-2021-44224)
It was discovered that the Apache HTTP Server Lua module incorrectly handled memory in the multipart parser. (CVE-2021-44790)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: apache2 2.4.18-2ubuntu3.17+esm4 apache2-bin 2.4.18-2ubuntu3.17+esm4
Ubuntu 14.04 ESM: apache2 2.4.7-1ubuntu4.22+esm3 apache2-bin 2.4.7-1ubuntu4.22+esm3
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-1654", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "4.0", }, { model: "mac os x", scope: "eq", trust: 1, vendor: "apple", version: "10.15.7", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.20.0", }, { model: "tenable.sc", scope: "gte", trust: 1, vendor: "tenable", version: "5.14.0", }, { model: "communications session route manager", scope: "lt", trust: 1, vendor: "oracle", version: "9.0", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "36", }, { model: "communications session report manager", scope: "lt", trust: 1, vendor: "oracle", version: "9.0", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.2", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "34", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "35", }, { model: "http server", scope: "lt", trust: 1, vendor: "apache", version: "2.4.52", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "4.4", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "5.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "11.0", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.3", }, { model: "macos", scope: "lt", trust: 1, vendor: "apple", version: "10.15.7", }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: null, }, { model: "communications element manager", scope: "lt", trust: 1, vendor: "oracle", version: "9.0", }, { model: "macos", scope: "gte", trust: 1, vendor: "apple", version: "12.0.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "202201.1", }, { model: "http server", scope: "gte", trust: 1, vendor: "apache", version: "2.4.7", }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.4.0", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.1", }, { model: "macos", scope: "gte", trust: 1, vendor: "apple", version: "11.0", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "4.3", }, { model: "macos", scope: "lt", trust: 1, vendor: "apple", version: "11.6.6", }, { model: "macos", scope: "lt", trust: 1, vendor: "apple", version: "12.4", }, { model: "tenable.sc", scope: "gte", trust: 1, vendor: "tenable", version: "5.16.0", }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.3.0", }, { model: "apple mac os x", scope: null, trust: 0.8, vendor: "アップル", version: null, }, { model: "oracle communications session report manager", scope: null, trust: 0.8, vendor: "オラクル", version: null, }, { model: "oracle communications operations monitor", scope: null, trust: 0.8, vendor: "オラクル", version: null, }, { model: "oracle communications session element manager", scope: null, trust: 0.8, vendor: "オラクル", version: null, }, { model: "http server", scope: null, trust: 0.8, vendor: "apache", version: null, }, { model: "macos", scope: null, trust: 0.8, vendor: "アップル", version: null, }, { model: "日立高信頼サーバ rv3000", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "tenable.sc", scope: null, trust: 0.8, vendor: "tenable", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: "http server", scope: "gte", trust: 0.6, vendor: "apache", version: "2.4.7,<2.4.52", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102387", }, { db: "JVNDB", id: "JVNDB-2021-016456", }, { db: "NVD", id: "CVE-2021-44224", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169540", }, { db: "PACKETSTORM", id: "167073", }, ], trust: 0.3, }, cve: "CVE-2021-44224", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-44224", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2021-102387", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-406829", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-44224", impactScore: 4.2, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.2, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2021-44224", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-44224", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2021-44224", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2021-102387", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202112-1578", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-406829", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102387", }, { db: "VULHUB", id: "VHN-406829", }, { db: "JVNDB", id: "JVNDB-2021-016456", }, { db: "CNNVD", id: "CNNVD-202112-1578", }, { db: "NVD", id: "CVE-2021-44224", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included). The server is fast, reliable, and can be expanded through simple APIs. Attackers can use this vulnerability to cause system crashes or server request forgery. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6\n\nmacOS Big Sur 11.6.6 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213256. \n\napache\nAvailable for: macOS Big Sur\nImpact: Multiple issues in apache\nDescription: Multiple issues were addressed by updating apache to\nversion 2.4.53. \nCVE-2021-44224\nCVE-2021-44790\nCVE-2022-22719\nCVE-2022-22720\nCVE-2022-22721\n\nAppKit\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to gain root privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2022-22665: Lockheed Martin Red Team\n\nAppleAVD\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges. Apple is aware of a report that this issue may\nhave been actively exploited. \nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-22675: an anonymous researcher\n\nAppleGraphicsControl\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day\nInitiative\n\nAppleScript\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read issue was addressed with improved\nbounds checking. \nCVE-2022-26698: Qi Sun of Trend Micro\n\nAppleScript\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-26697: Qi Sun and Robert Ai of Trend Micro\n\nCoreTypes\nAvailable for: macOS Big Sur\nImpact: A malicious application may bypass Gatekeeper checks\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2022-22663: Arsenii Kostromin (0x3c3e)\n\nCVMS\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to gain root privileges\nDescription: A memory initialization issue was addressed. \nCVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori\nCVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori\n\nDriverKit\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith system privileges\nDescription: An out-of-bounds access issue was addressed with\nimproved bounds checking. \nCVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)\n\nGraphics Drivers\nAvailable for: macOS Big Sur\nImpact: A local user may be able to read kernel memory\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed with improved input\nvalidation. \nCVE-2022-22674: an anonymous researcher\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-26720: Liu Long of Ant Security Light-Year Lab\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-26770: Liu Long of Ant Security Light-Year Lab\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2022-26756: Jack Dates of RET2 Systems, Inc\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2022-26769: Antonio Zekic (@antoniozekic)\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro\nZero Day Initiative\n\nIOMobileFrameBuffer\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2022-26768: an anonymous researcher\n\nKernel\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs\n(@starlabs_sg)\n\nKernel\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-26757: Ned Williamson of Google Project Zero\n\nLaunchServices\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: The issue was addressed with additional permissions\nchecks. \nCVE-2022-26767: Wojciech Reguła (@_r3ggi) of SecuRing\n\nLaunchServices\nAvailable for: macOS Big Sur\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: An access issue was addressed with additional sandbox\nrestrictions on third-party applications. \nCVE-2022-26706: Arsenii Kostromin (0x3c3e)\n\nlibresolv\nAvailable for: macOS Big Sur\nImpact: An attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: This issue was addressed with improved checks. \nCVE-2022-26776: Zubair Ashraf of Crowdstrike, Max Shavrick (@_mxms)\nof the Google Security Team\n\nLibreSSL\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted certificate may lead to a\ndenial of service\nDescription: A denial of service issue was addressed with improved\ninput validation. \nCVE-2022-0778\n\nlibxml2\nAvailable for: macOS Big Sur\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-23308\n\nOpenSSL\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted certificate may lead to a\ndenial of service\nDescription: This issue was addressed with improved checks. \nCVE-2022-0778\n\nPackageKit\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to modify protected parts\nof the file system\nDescription: This issue was addressed by removing the vulnerable\ncode. \nCVE-2022-26712: Mickey Jin (@patch1t)\n\nPrinting\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: This issue was addressed by removing the vulnerable\ncode. \nCVE-2022-26746: @gorelics\n\nSecurity\nAvailable for: macOS Big Sur\nImpact: A malicious app may be able to bypass signature validation\nDescription: A certificate parsing issue was addressed with improved\nchecks. \nCVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)\n\nSMB\nAvailable for: macOS Big Sur\nImpact: An application may be able to gain elevated privileges\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-26718: Peter Nguyễn Vũ Hoàng of STAR Labs\n\nSMB\nAvailable for: macOS Big Sur\nImpact: Mounting a maliciously crafted Samba network share may lead\nto arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2022-26723: Felix Poulin-Belanger\n\nSMB\nAvailable for: macOS Big Sur\nImpact: An application may be able to gain elevated privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-26715: Peter Nguyễn Vũ Hoàng of STAR Labs\n\nSoftwareUpdate\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to access restricted\nfiles\nDescription: This issue was addressed with improved entitlements. \nCVE-2022-26728: Mickey Jin (@patch1t)\n\nTCC\nAvailable for: macOS Big Sur\nImpact: An app may be able to capture a user's screen\nDescription: This issue was addressed with improved checks. \nCVE-2022-26726: an anonymous researcher\n\nTcl\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: This issue was addressed with improved environment\nsanitization. \nCVE-2022-26755: Arsenii Kostromin (0x3c3e)\n\nVim\nAvailable for: macOS Big Sur\nImpact: Multiple issues in Vim\nDescription: Multiple issues were addressed by updating Vim. \nCVE-2021-4136\nCVE-2021-4166\nCVE-2021-4173\nCVE-2021-4187\nCVE-2021-4192\nCVE-2021-4193\nCVE-2021-46059\nCVE-2022-0128\n\nWebKit\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted mail message may lead to\nrunning arbitrary javascript\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu\nof Palo Alto Networks (paloaltonetworks.com)\n\nWi-Fi\nAvailable for: macOS Big Sur\nImpact: A malicious application may disclose restricted memory\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-26745: an anonymous researcher\n\nWi-Fi\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2022-26761: Wang Yu of Cyberserval\n\nzip\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted file may lead to a denial of\nservice\nDescription: A denial of service issue was addressed with improved\nstate handling. \nCVE-2022-0530\n\nzlib\nAvailable for: macOS Big Sur\nImpact: An attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-25032: Tavis Ormandy\n\nzsh\nAvailable for: macOS Big Sur\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: This issue was addressed by updating to zsh version\n5.8.1. \nCVE-2021-45444\n\nAdditional recognition\n\nBluetooth\nWe would like to acknowledge Jann Horn of Project Zero for their\nassistance. \n\nmacOS Big Sur 11.6.6 may be obtained from the Mac App Store or\nApple's Software Downloads web site:\nhttps://support.apple.com/downloads/\nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TUACgkQeC9qKD1p\nrhgJBg/9HpPp6P2OtFdYHigfaoga/3szMAjXC650MlC2rF1lXyTRVsO54eupz4er\nK8Iud3+YnDVTUKkadftWt2XdxAADGtfEFhJW584RtnWjeli+XtGEjQ8jD1/MNPJW\nqtnrOh2pYG9SxolKDofhiecbYxIGppRKSDRFl0/3VGFed2FIpiRDunlttHBEhHu/\nvZVSFzMrNbGvhju+ZCdwFLKXOgB851aRSeo9Xkt63tSGiee7rLmVAINyFbbPwcVP\nyXwMvn0TNodCBn0wBWD0+iQ3UXIDIYSPaM1Z0BQxVraEhK3Owro3JKgqNbWswMvj\nSY0KUulbAPs3aOeyz1BI70npYA3+Qwd+bk2hxbzbU/AxvxCrsEk04QfxLYqvj0mR\nVZYPcup2KAAkiTeekQ5X739r8NAyaaI+bp7FllFv/Z2jVW9kGgNIFr46R05MD9NF\naC1JAZtJ4VWbMEGHnHAMrOgdGaHpryvzl2BjUXRgW27vIq5uF5YiNcpjS2BezTFc\nR2ojiMNRB33Y44LlH7Zv3gHm4bE3+NzcGeWvBzwOsHznk9Jiv6x2eBUxkttMlPyO\nzymQMONQN3bktSMT8JnmJ8rlEgISONd7NeTEzuhlGIWaWNAFmmBoPnBiPk+yC3n4\nd22yFs6DLp2pJ+0zOWmTcqt1xYng05Jwj4F0KT49w0TO9Up79+o=\n=rtPl\n-----END PGP SIGNATURE-----\n\n\n. Summary:\n\nAn update for httpd24-httpd is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)\n\n* httpd: Request splitting via HTTP/2 method injection and mod_proxy\n(CVE-2021-33193)\n\n* httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)\n\n* httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path\n(CVE-2021-36160)\n\n* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input\n(CVE-2021-39275)\n\n* httpd: possible NULL dereference or SSRF in forward proxy configurations\n(CVE-2021-44224)\n\n* httpd: mod_lua: Use of uninitialized value of in r:parsebody\n(CVE-2022-22719)\n\n* httpd: core: Possible buffer overflow with very large or unlimited\nLimitXMLRequestBody (CVE-2022-22721)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)\n\n* httpd: mod_lua: DoS in r:parsebody (CVE-2022-29404)\n\n* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)\n\n* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism\n(CVE-2022-31813)\n\n* httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)\n\n* httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)\n\n* httpd: mod_lua: Information disclosure with websockets (CVE-2022-30556)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)\n\nAdditional changes:\n\n* To fix CVE-2022-29404, the default value for the \"LimitRequestBody\"\ndirective in the Apache HTTP Server has been changed from 0 (unlimited) to\n1 GiB. \n\nOn systems where the value of \"LimitRequestBody\" is not explicitly\nspecified in an httpd configuration file, updating the httpd package sets\n\"LimitRequestBody\" to the default value of 1 GiB. As a consequence, if the\ntotal size of the HTTP request body exceeds this 1 GiB default limit, httpd\nreturns the 413 Request Entity Too Large error code. \n\nIf the new default allowed size of an HTTP request message body is\ninsufficient for your use case, update your httpd configuration files\nwithin the respective context (server, per-directory, per-file, or\nper-location) and set your preferred limit in bytes. For example, to set a\nnew 2 GiB limit, use:\n\nLimitRequestBody 2147483648\n\nSystems already configured to use any explicit value for the\n\"LimitRequestBody\" directive are unaffected by this change. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1966728 - CVE-2021-33193 httpd: Request splitting via HTTP/2 method injection and mod_proxy\n2005119 - CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input\n2005124 - CVE-2021-36160 httpd: mod_proxy_uwsgi: out-of-bounds read via a crafted request uri-path\n2005128 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests\n2034672 - CVE-2021-44224 httpd: possible NULL dereference or SSRF in forward proxy configurations\n2064319 - CVE-2022-23943 httpd: mod_sed: Read/write beyond bounds\n2064320 - CVE-2022-22721 httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody\n2064322 - CVE-2022-22719 httpd: mod_lua: Use of uninitialized value of in r:parsebody\n2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling\n2095002 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite()\n2095006 - CVE-2022-28615 httpd: out-of-bounds read in ap_strcmp_match()\n2095012 - CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody\n2095015 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability\n2095018 - CVE-2022-30556 httpd: mod_lua: Information disclosure with websockets\n2095020 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nhttpd24-httpd-2.4.34-23.el7.5.src.rpm\n\nnoarch:\nhttpd24-httpd-manual-2.4.34-23.el7.5.noarch.rpm\n\nppc64le:\nhttpd24-httpd-2.4.34-23.el7.5.ppc64le.rpm\nhttpd24-httpd-debuginfo-2.4.34-23.el7.5.ppc64le.rpm\nhttpd24-httpd-devel-2.4.34-23.el7.5.ppc64le.rpm\nhttpd24-httpd-tools-2.4.34-23.el7.5.ppc64le.rpm\nhttpd24-mod_ldap-2.4.34-23.el7.5.ppc64le.rpm\nhttpd24-mod_proxy_html-2.4.34-23.el7.5.ppc64le.rpm\nhttpd24-mod_session-2.4.34-23.el7.5.ppc64le.rpm\nhttpd24-mod_ssl-2.4.34-23.el7.5.ppc64le.rpm\n\ns390x:\nhttpd24-httpd-2.4.34-23.el7.5.s390x.rpm\nhttpd24-httpd-debuginfo-2.4.34-23.el7.5.s390x.rpm\nhttpd24-httpd-devel-2.4.34-23.el7.5.s390x.rpm\nhttpd24-httpd-tools-2.4.34-23.el7.5.s390x.rpm\nhttpd24-mod_ldap-2.4.34-23.el7.5.s390x.rpm\nhttpd24-mod_proxy_html-2.4.34-23.el7.5.s390x.rpm\nhttpd24-mod_session-2.4.34-23.el7.5.s390x.rpm\nhttpd24-mod_ssl-2.4.34-23.el7.5.s390x.rpm\n\nx86_64:\nhttpd24-httpd-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-httpd-debuginfo-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-httpd-devel-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-httpd-tools-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-mod_ldap-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-mod_proxy_html-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-mod_session-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-mod_ssl-2.4.34-23.el7.5.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nhttpd24-httpd-2.4.34-23.el7.5.src.rpm\n\nnoarch:\nhttpd24-httpd-manual-2.4.34-23.el7.5.noarch.rpm\n\nx86_64:\nhttpd24-httpd-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-httpd-debuginfo-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-httpd-devel-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-httpd-tools-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-mod_ldap-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-mod_proxy_html-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-mod_session-2.4.34-23.el7.5.x86_64.rpm\nhttpd24-mod_ssl-2.4.34-23.el7.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-33193\nhttps://access.redhat.com/security/cve/CVE-2021-34798\nhttps://access.redhat.com/security/cve/CVE-2021-36160\nhttps://access.redhat.com/security/cve/CVE-2021-39275\nhttps://access.redhat.com/security/cve/CVE-2021-44224\nhttps://access.redhat.com/security/cve/CVE-2022-22719\nhttps://access.redhat.com/security/cve/CVE-2022-22721\nhttps://access.redhat.com/security/cve/CVE-2022-23943\nhttps://access.redhat.com/security/cve/CVE-2022-26377\nhttps://access.redhat.com/security/cve/CVE-2022-28614\nhttps://access.redhat.com/security/cve/CVE-2022-28615\nhttps://access.redhat.com/security/cve/CVE-2022-29404\nhttps://access.redhat.com/security/cve/CVE-2022-30522\nhttps://access.redhat.com/security/cve/CVE-2022-30556\nhttps://access.redhat.com/security/cve/CVE-2022-31813\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/articles/6975397\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.6 Release Notes linked from the References section. ==========================================================================\nUbuntu Security Notice USN-5212-2\nJanuary 10, 2022\n\napache2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in Apache HTTP Server. This update provides\nthe corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that the Apache HTTP Server incorrectly handled certain\n forward proxy requests. (CVE-2021-44224)\n\n It was discovered that the Apache HTTP Server Lua module incorrectly\n handled memory in the multipart parser. (CVE-2021-44790)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n apache2 2.4.18-2ubuntu3.17+esm4\n apache2-bin 2.4.18-2ubuntu3.17+esm4\n\nUbuntu 14.04 ESM:\n apache2 2.4.7-1ubuntu4.22+esm3\n apache2-bin 2.4.7-1ubuntu4.22+esm3\n\nIn general, a standard system update will make all the necessary changes", sources: [ { db: "NVD", id: "CVE-2021-44224", }, { db: "JVNDB", id: "JVNDB-2021-016456", }, { db: "CNVD", id: "CNVD-2021-102387", }, { db: "VULHUB", id: "VHN-406829", }, { db: "PACKETSTORM", id: "167188", }, { db: "PACKETSTORM", id: "167189", }, { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169540", }, { db: "PACKETSTORM", id: "167073", }, { db: "PACKETSTORM", id: "165501", }, ], trust: 2.79, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-406829", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-406829", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-44224", trust: 4.5, }, { db: "TENABLE", id: "TNS-2022-01", trust: 1.7, }, { db: "TENABLE", id: "TNS-2022-03", trust: 1.7, }, { db: "OPENWALL", id: "OSS-SECURITY/2021/12/20/3", trust: 1.7, }, { db: "PACKETSTORM", id: "167073", trust: 0.8, }, { db: "PACKETSTORM", id: "167189", trust: 0.8, }, { db: "PACKETSTORM", id: "165501", trust: 0.8, }, { db: "PACKETSTORM", id: "168565", trust: 0.8, }, { db: "JVN", id: "JVNVU97805418", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-016456", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-102387", trust: 0.7, }, { db: "PACKETSTORM", id: "169541", trust: 0.7, }, { db: "PACKETSTORM", id: "165467", trust: 0.7, }, { db: "PACKETSTORM", id: "168072", trust: 0.7, }, { db: "CS-HELP", id: "SB2021122709", trust: 0.6, }, { db: "CS-HELP", id: "SB2022051150", trust: 0.6, }, { db: "CS-HELP", id: "SB2022060706", trust: 0.6, }, { db: "CS-HELP", id: "SB2022012003", trust: 0.6, }, { db: "CS-HELP", id: "SB2022010609", trust: 0.6, }, { db: "CS-HELP", id: "SB2022051703", trust: 0.6, }, { db: "CS-HELP", id: "SB2021122021", trust: 0.6, }, { db: "CS-HELP", id: "SB2022042295", trust: 0.6, }, { db: "CS-HELP", id: "SB2022010513", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0171", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0064", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0039", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0686", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.2411", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0135", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0214", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202112-1578", trust: 0.6, }, { db: "PACKETSTORM", id: "167188", trust: 0.2, }, { db: "PACKETSTORM", id: "169540", trust: 0.2, }, { db: "PACKETSTORM", id: "167186", trust: 0.1, }, { db: "VULHUB", id: "VHN-406829", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102387", }, { db: "VULHUB", id: "VHN-406829", }, { db: "JVNDB", id: "JVNDB-2021-016456", }, { db: "PACKETSTORM", id: "167188", }, { db: "PACKETSTORM", id: "167189", }, { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169540", }, { db: "PACKETSTORM", id: "167073", }, { db: "PACKETSTORM", id: "165501", }, { db: "CNNVD", id: "CNNVD-202112-1578", }, { db: "NVD", id: "CVE-2021-44224", }, ], }, id: "VAR-202112-1654", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-102387", }, { db: "VULHUB", id: "VHN-406829", }, ], trust: 0.06999999999999999, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102387", }, ], }, last_update_date: "2024-11-29T20:05:15.626000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Oracle Critical Patch Update Advisory - January 2022 Hitachi Server / Client Product Security Information", trust: 0.8, url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { title: "Patch for Apache HTTP Server code issue vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/310321", }, { title: "Apache HTTP Server Fixes for code issue vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=175753", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102387", }, { db: "JVNDB", id: "JVNDB-2021-016456", }, { db: "CNNVD", id: "CNNVD-202112-1578", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-476", trust: 1.1, }, { problemtype: "NULL Pointer dereference (CWE-476) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-406829", }, { db: "JVNDB", id: "JVNDB-2021-016456", }, { db: "NVD", id: "CVE-2021-44224", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-44224", }, { trust: 2.3, url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { trust: 1.7, url: "https://support.apple.com/kb/ht213255", }, { trust: 1.7, url: "https://support.apple.com/kb/ht213256", }, { trust: 1.7, url: "https://support.apple.com/kb/ht213257", }, { trust: 1.7, url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { trust: 1.7, url: "https://www.tenable.com/security/tns-2022-01", }, { trust: 1.7, url: "https://www.tenable.com/security/tns-2022-03", }, { trust: 1.7, url: "https://www.debian.org/security/2022/dsa-5035", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2022/may/38", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2022/may/35", }, { trust: 1.7, url: "http://seclists.org/fulldisclosure/2022/may/33", }, { trust: 1.7, url: "https://security.gentoo.org/glsa/202208-20", }, { trust: 1.7, url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { trust: 1.7, url: "http://www.openwall.com/lists/oss-security/2021/12/20/3", }, { trust: 1.1, url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rgwilbort67shmslysqzg2nmxgcmpuzo/", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfswoh4x77cv7ah7c4rmhubdwkqdl4yh/", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/z7h26wj6tpknwv3qky4bhkukqvutzjtd/", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x73c35mmmzgbvpqqch7lqzumyznqa5fo/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu97805418/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bfswoh4x77cv7ah7c4rmhubdwkqdl4yh/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/z7h26wj6tpknwv3qky4bhkukqvutzjtd/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/x73c35mmmzgbvpqqch7lqzumyznqa5fo/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rgwilbort67shmslysqzg2nmxgcmpuzo/", }, { trust: 0.6, url: "httpd.apache.org/security/vulnerabilities_24.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0686", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022010609", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/apache-http-server-server-side-request-forgery-via-proxyrequests-on-37111", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0064", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021122709", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022060706", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/165501/ubuntu-security-notice-usn-5212-2.html", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/169541/red-hat-security-advisory-2022-7143-01.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022010513", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.2411", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0039", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/168072/gentoo-linux-security-advisory-202208-20.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0214", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0135", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022051703", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/168565/red-hat-security-advisory-2022-6753-01.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022042295", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0171", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/165467/ubuntu-security-notice-usn-5212-1.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021122021", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022051150", }, { trust: 0.6, url: "https://support.apple.com/en-us/ht213256", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/167189/apple-security-advisory-2022-05-16-4.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022012003", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/167073/red-hat-security-advisory-2022-1915-01.html", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22721", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-44790", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22719", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-36160", }, { trust: 0.3, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-36160", }, { trust: 0.3, url: "https://bugzilla.redhat.com/):", }, { trust: 0.3, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-44224", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-33193", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-33193", }, { trust: 0.2, url: "https://support.apple.com/downloads/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-23308", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22589", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22663", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22674", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-0530", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26698", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26697", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-0778", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45444", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2018-25032", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22720", }, { trust: 0.2, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22665", }, { trust: 0.2, url: "https://support.apple.com/en-us/ht201222.", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2021-39275", }, { trust: 0.2, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-39275", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-46059", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-0128", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4187", }, { trust: 0.1, url: "https://support.apple.com/ht213256.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4193", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4173", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4192", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4136", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22675", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26706", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4166", }, { trust: 0.1, url: "https://support.apple.com/ht213255.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26726", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26714", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26727", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26728", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26748", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26721", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26720", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26722", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26746", }, { trust: 0.1, url: "https://access.redhat.com/articles/6975397", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-30556", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-28614", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22719", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-29404", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-28614", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-28615", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:6753", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-34798", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-30522", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-28615", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-31813", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-30556", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-30522", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-34798", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-23943", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22721", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-29404", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-23943", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26377", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-26377", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45960", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-25313", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22823", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22822", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22824", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22824", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22826", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22827", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22822", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-45960", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-41524", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22827", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22826", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41524", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-23990", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-46143", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-25315", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-25314", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22823", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22825", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:7144", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-25236", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-25235", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-23852", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-23852", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22825", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-46143", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-35452", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:1915", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-35452", }, { trust: 0.1, url: "https://ubuntu.com/security/notices/usn-5212-1", }, { trust: 0.1, url: "https://ubuntu.com/security/notices/usn-5212-2", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102387", }, { db: "VULHUB", id: "VHN-406829", }, { db: "JVNDB", id: "JVNDB-2021-016456", }, { db: "PACKETSTORM", id: "167188", }, { db: "PACKETSTORM", id: "167189", }, { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169540", }, { db: "PACKETSTORM", id: "167073", }, { db: "PACKETSTORM", id: "165501", }, { db: "CNNVD", id: "CNNVD-202112-1578", }, { db: "NVD", id: "CVE-2021-44224", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-102387", }, { db: "VULHUB", id: "VHN-406829", }, { db: "JVNDB", id: "JVNDB-2021-016456", }, { db: "PACKETSTORM", id: "167188", }, { db: "PACKETSTORM", id: "167189", }, { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169540", }, { db: "PACKETSTORM", id: "167073", }, { db: "PACKETSTORM", id: "165501", }, { db: "CNNVD", id: "CNNVD-202112-1578", }, { db: "NVD", id: "CVE-2021-44224", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-24T00:00:00", db: "CNVD", id: "CNVD-2021-102387", }, { date: "2021-12-20T00:00:00", db: "VULHUB", id: "VHN-406829", }, { date: "2022-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2021-016456", }, { date: "2022-05-17T16:59:42", db: "PACKETSTORM", id: "167188", }, { date: "2022-05-17T16:59:55", db: "PACKETSTORM", id: "167189", }, { date: "2022-09-30T14:51:18", db: "PACKETSTORM", id: "168565", }, { date: "2022-10-27T13:05:19", db: "PACKETSTORM", id: "169540", }, { date: "2022-05-11T16:37:39", db: "PACKETSTORM", id: "167073", }, { date: "2022-01-10T17:59:29", db: "PACKETSTORM", id: "165501", }, { date: "2021-12-20T00:00:00", db: "CNNVD", id: "CNNVD-202112-1578", }, { date: "2021-12-20T12:15:07.393000", db: "NVD", id: "CVE-2021-44224", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-27T00:00:00", db: "CNVD", id: "CNVD-2021-102387", }, { date: "2022-11-02T00:00:00", db: "VULHUB", id: "VHN-406829", }, { date: "2023-12-12T07:41:00", db: "JVNDB", id: "JVNDB-2021-016456", }, { date: "2022-10-28T00:00:00", db: "CNNVD", id: "CNNVD-202112-1578", }, { date: "2024-11-21T06:30:37.133000", db: "NVD", id: "CVE-2021-44224", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "165501", }, { db: "CNNVD", id: "CNNVD-202112-1578", }, ], trust: 0.7, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apache HTTP Server In NULL Pointer dereference vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2021-016456", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code problem", sources: [ { db: "CNNVD", id: "CNNVD-202112-1578", }, ], trust: 0.6, }, }
var-202109-1802
Vulnerability from variot
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Hewlett Packard Enterprise OneView. Authentication is not required to exploit this vulnerability.The specific flaw exists within the REST service, which listens on TCP port 443 by default. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. The server is fast, reliable and extensible through a simple API. The vulnerability stems from the mod_proxy module failing to properly validate user input. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: httpd security update Advisory ID: RHSA-2021:3856-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3856 Issue date: 2021-10-14 CVE Names: CVE-2021-40438 =====================================================================
- Summary:
An update for httpd is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64 Red Hat Enterprise Linux Server AUS (v. 7.3) - noarch, x86_64 Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux Server AUS (v. 7.7) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.7) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux Server TUS (v. 7.7) - noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Security Fix(es):
- httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:" (CVE-2021-40438)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
2005117 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing "unix:"
- Package List:
Red Hat Enterprise Linux Client Optional (v. 7):
Source: httpd-2.4.6-97.el7_9.1.src.rpm
noarch: httpd-manual-2.4.6-97.el7_9.1.noarch.rpm
x86_64: httpd-2.4.6-97.el7_9.1.x86_64.rpm httpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm httpd-devel-2.4.6-97.el7_9.1.x86_64.rpm httpd-tools-2.4.6-97.el7_9.1.x86_64.rpm mod_ldap-2.4.6-97.el7_9.1.x86_64.rpm mod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpm mod_session-2.4.6-97.el7_9.1.x86_64.rpm mod_ssl-2.4.6-97.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source: httpd-2.4.6-97.el7_9.1.src.rpm
noarch: httpd-manual-2.4.6-97.el7_9.1.noarch.rpm
x86_64: httpd-2.4.6-97.el7_9.1.x86_64.rpm httpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm httpd-devel-2.4.6-97.el7_9.1.x86_64.rpm httpd-tools-2.4.6-97.el7_9.1.x86_64.rpm mod_ldap-2.4.6-97.el7_9.1.x86_64.rpm mod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpm mod_session-2.4.6-97.el7_9.1.x86_64.rpm mod_ssl-2.4.6-97.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 7.2):
Source: httpd-2.4.6-40.el7_2.7.src.rpm
noarch: httpd-manual-2.4.6-40.el7_2.7.noarch.rpm
x86_64: httpd-2.4.6-40.el7_2.7.x86_64.rpm httpd-debuginfo-2.4.6-40.el7_2.7.x86_64.rpm httpd-devel-2.4.6-40.el7_2.7.x86_64.rpm httpd-tools-2.4.6-40.el7_2.7.x86_64.rpm mod_ssl-2.4.6-40.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 7.3):
Source: httpd-2.4.6-45.el7_3.6.src.rpm
noarch: httpd-manual-2.4.6-45.el7_3.6.noarch.rpm
x86_64: httpd-2.4.6-45.el7_3.6.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.6.x86_64.rpm httpd-devel-2.4.6-45.el7_3.6.x86_64.rpm httpd-tools-2.4.6-45.el7_3.6.x86_64.rpm mod_ssl-2.4.6-45.el7_3.6.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source: httpd-2.4.6-67.el7_4.7.src.rpm
noarch: httpd-manual-2.4.6-67.el7_4.7.noarch.rpm
x86_64: httpd-2.4.6-67.el7_4.7.x86_64.rpm httpd-debuginfo-2.4.6-67.el7_4.7.x86_64.rpm httpd-devel-2.4.6-67.el7_4.7.x86_64.rpm httpd-tools-2.4.6-67.el7_4.7.x86_64.rpm mod_session-2.4.6-67.el7_4.7.x86_64.rpm mod_ssl-2.4.6-67.el7_4.7.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 7.6):
Source: httpd-2.4.6-89.el7_6.2.src.rpm
noarch: httpd-manual-2.4.6-89.el7_6.2.noarch.rpm
x86_64: httpd-2.4.6-89.el7_6.2.x86_64.rpm httpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm httpd-devel-2.4.6-89.el7_6.2.x86_64.rpm httpd-tools-2.4.6-89.el7_6.2.x86_64.rpm mod_session-2.4.6-89.el7_6.2.x86_64.rpm mod_ssl-2.4.6-89.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.6):
Source: httpd-2.4.6-89.el7_6.2.src.rpm
noarch: httpd-manual-2.4.6-89.el7_6.2.noarch.rpm
ppc64le: httpd-2.4.6-89.el7_6.2.ppc64le.rpm httpd-debuginfo-2.4.6-89.el7_6.2.ppc64le.rpm httpd-devel-2.4.6-89.el7_6.2.ppc64le.rpm httpd-tools-2.4.6-89.el7_6.2.ppc64le.rpm mod_session-2.4.6-89.el7_6.2.ppc64le.rpm mod_ssl-2.4.6-89.el7_6.2.ppc64le.rpm
x86_64: httpd-2.4.6-89.el7_6.2.x86_64.rpm httpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm httpd-devel-2.4.6-89.el7_6.2.x86_64.rpm httpd-tools-2.4.6-89.el7_6.2.x86_64.rpm mod_session-2.4.6-89.el7_6.2.x86_64.rpm mod_ssl-2.4.6-89.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.6):
Source: httpd-2.4.6-89.el7_6.2.src.rpm
noarch: httpd-manual-2.4.6-89.el7_6.2.noarch.rpm
x86_64: httpd-2.4.6-89.el7_6.2.x86_64.rpm httpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm httpd-devel-2.4.6-89.el7_6.2.x86_64.rpm httpd-tools-2.4.6-89.el7_6.2.x86_64.rpm mod_session-2.4.6-89.el7_6.2.x86_64.rpm mod_ssl-2.4.6-89.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Server AUS (v. 7.7):
Source: httpd-2.4.6-90.el7_7.1.src.rpm
noarch: httpd-manual-2.4.6-90.el7_7.1.noarch.rpm
x86_64: httpd-2.4.6-90.el7_7.1.x86_64.rpm httpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm httpd-devel-2.4.6-90.el7_7.1.x86_64.rpm httpd-tools-2.4.6-90.el7_7.1.x86_64.rpm mod_session-2.4.6-90.el7_7.1.x86_64.rpm mod_ssl-2.4.6-90.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.7):
Source: httpd-2.4.6-90.el7_7.1.src.rpm
noarch: httpd-manual-2.4.6-90.el7_7.1.noarch.rpm
ppc64le: httpd-2.4.6-90.el7_7.1.ppc64le.rpm httpd-debuginfo-2.4.6-90.el7_7.1.ppc64le.rpm httpd-devel-2.4.6-90.el7_7.1.ppc64le.rpm httpd-tools-2.4.6-90.el7_7.1.ppc64le.rpm mod_session-2.4.6-90.el7_7.1.ppc64le.rpm mod_ssl-2.4.6-90.el7_7.1.ppc64le.rpm
x86_64: httpd-2.4.6-90.el7_7.1.x86_64.rpm httpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm httpd-devel-2.4.6-90.el7_7.1.x86_64.rpm httpd-tools-2.4.6-90.el7_7.1.x86_64.rpm mod_session-2.4.6-90.el7_7.1.x86_64.rpm mod_ssl-2.4.6-90.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.7):
Source: httpd-2.4.6-90.el7_7.1.src.rpm
noarch: httpd-manual-2.4.6-90.el7_7.1.noarch.rpm
x86_64: httpd-2.4.6-90.el7_7.1.x86_64.rpm httpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm httpd-devel-2.4.6-90.el7_7.1.x86_64.rpm httpd-tools-2.4.6-90.el7_7.1.x86_64.rpm mod_session-2.4.6-90.el7_7.1.x86_64.rpm mod_ssl-2.4.6-90.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: httpd-2.4.6-97.el7_9.1.src.rpm
noarch: httpd-manual-2.4.6-97.el7_9.1.noarch.rpm
ppc64: httpd-2.4.6-97.el7_9.1.ppc64.rpm httpd-debuginfo-2.4.6-97.el7_9.1.ppc64.rpm httpd-devel-2.4.6-97.el7_9.1.ppc64.rpm httpd-tools-2.4.6-97.el7_9.1.ppc64.rpm mod_session-2.4.6-97.el7_9.1.ppc64.rpm mod_ssl-2.4.6-97.el7_9.1.ppc64.rpm
ppc64le: httpd-2.4.6-97.el7_9.1.ppc64le.rpm httpd-debuginfo-2.4.6-97.el7_9.1.ppc64le.rpm httpd-devel-2.4.6-97.el7_9.1.ppc64le.rpm httpd-tools-2.4.6-97.el7_9.1.ppc64le.rpm mod_session-2.4.6-97.el7_9.1.ppc64le.rpm mod_ssl-2.4.6-97.el7_9.1.ppc64le.rpm
s390x: httpd-2.4.6-97.el7_9.1.s390x.rpm httpd-debuginfo-2.4.6-97.el7_9.1.s390x.rpm httpd-devel-2.4.6-97.el7_9.1.s390x.rpm httpd-tools-2.4.6-97.el7_9.1.s390x.rpm mod_session-2.4.6-97.el7_9.1.s390x.rpm mod_ssl-2.4.6-97.el7_9.1.s390x.rpm
x86_64: httpd-2.4.6-97.el7_9.1.x86_64.rpm httpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm httpd-devel-2.4.6-97.el7_9.1.x86_64.rpm httpd-tools-2.4.6-97.el7_9.1.x86_64.rpm mod_session-2.4.6-97.el7_9.1.x86_64.rpm mod_ssl-2.4.6-97.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.2):
x86_64: httpd-debuginfo-2.4.6-40.el7_2.7.x86_64.rpm mod_ldap-2.4.6-40.el7_2.7.x86_64.rpm mod_proxy_html-2.4.6-40.el7_2.7.x86_64.rpm mod_session-2.4.6-40.el7_2.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.3):
x86_64: httpd-debuginfo-2.4.6-45.el7_3.6.x86_64.rpm mod_ldap-2.4.6-45.el7_3.6.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.6.x86_64.rpm mod_session-2.4.6-45.el7_3.6.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64: httpd-debuginfo-2.4.6-67.el7_4.7.x86_64.rpm mod_ldap-2.4.6-67.el7_4.7.x86_64.rpm mod_proxy_html-2.4.6-67.el7_4.7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.6):
x86_64: httpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm mod_ldap-2.4.6-89.el7_6.2.x86_64.rpm mod_proxy_html-2.4.6-89.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.6):
ppc64le: httpd-debuginfo-2.4.6-89.el7_6.2.ppc64le.rpm mod_ldap-2.4.6-89.el7_6.2.ppc64le.rpm mod_proxy_html-2.4.6-89.el7_6.2.ppc64le.rpm
x86_64: httpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm mod_ldap-2.4.6-89.el7_6.2.x86_64.rpm mod_proxy_html-2.4.6-89.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.6):
x86_64: httpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm mod_ldap-2.4.6-89.el7_6.2.x86_64.rpm mod_proxy_html-2.4.6-89.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.7):
x86_64: httpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm mod_ldap-2.4.6-90.el7_7.1.x86_64.rpm mod_proxy_html-2.4.6-90.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.6):
ppc64le: httpd-debuginfo-2.4.6-90.el7_7.1.ppc64le.rpm mod_ldap-2.4.6-90.el7_7.1.ppc64le.rpm mod_proxy_html-2.4.6-90.el7_7.1.ppc64le.rpm
x86_64: httpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm mod_ldap-2.4.6-90.el7_7.1.x86_64.rpm mod_proxy_html-2.4.6-90.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.7):
x86_64: httpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm mod_ldap-2.4.6-90.el7_7.1.x86_64.rpm mod_proxy_html-2.4.6-90.el7_7.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: httpd-debuginfo-2.4.6-97.el7_9.1.ppc64.rpm mod_ldap-2.4.6-97.el7_9.1.ppc64.rpm mod_proxy_html-2.4.6-97.el7_9.1.ppc64.rpm
ppc64le: httpd-debuginfo-2.4.6-97.el7_9.1.ppc64le.rpm mod_ldap-2.4.6-97.el7_9.1.ppc64le.rpm mod_proxy_html-2.4.6-97.el7_9.1.ppc64le.rpm
s390x: httpd-debuginfo-2.4.6-97.el7_9.1.s390x.rpm mod_ldap-2.4.6-97.el7_9.1.s390x.rpm mod_proxy_html-2.4.6-97.el7_9.1.s390x.rpm
x86_64: httpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm mod_ldap-2.4.6-97.el7_9.1.x86_64.rpm mod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: httpd-2.4.6-97.el7_9.1.src.rpm
noarch: httpd-manual-2.4.6-97.el7_9.1.noarch.rpm
x86_64: httpd-2.4.6-97.el7_9.1.x86_64.rpm httpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm httpd-devel-2.4.6-97.el7_9.1.x86_64.rpm httpd-tools-2.4.6-97.el7_9.1.x86_64.rpm mod_session-2.4.6-97.el7_9.1.x86_64.rpm mod_ssl-2.4.6-97.el7_9.1.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: httpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm mod_ldap-2.4.6-97.el7_9.1.x86_64.rpm mod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-40438 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYWfxl9zjgjWX9erEAQiHUQ//augswljuYjRC9IwK5XgDLjrigqEshGaa v5C3gfY1a4SwE/x0FQCawiBmh+8VMv5as3c0eeU5C6QB/05BSBycgboIZG3H6HdF sNOxNzkcG6WmooNZNJ0/c/ykvkn0tRq812yzDTxr2IB3+LxH5cYaw9wQnt62l3yF gjtWedH9xntGpqrVK17NVe/o9Jg4tL0CEPDk+NrbXeSgwnAnLKsLjpwQT72+GVJx ZLC9DYkFguzQN+wckKPRfxGtce0GtuXHkpEShCnH32RPrNyImFMn/Nc8IyOmTadT jCd07H2MNH6+Txxt6dh2aI+SI5JwdeGRNP7IXs86H+KPNZhphS/BqFt3qHGTsw4l 3f6jGfywbWfNdLw+s0qHaWvJ2ZgTw7O1QPncfozKn8cU3Rw9OunN+r2yVTcU3KW9 0ZGHpej56UhthE1qqS5vQjUPQ6SQgC1QHGDNgYkZk0mqIL3Vkv6gEqIF8TH4ezxZ LhZcY3N6HI5LC7568idurO0uLTdjPZq8+xMmDDAXA4QvIxOsOk6x4Rf1dzCtDpGo QSzxx6a6uYXF7EWIlkaR/qY5zcyk4i8aJN8yzrxu6oNulVSIsSuMnb00SIOk8cX7 lUt5V1/RhnWSRytHE5Tz68PyfNyqgJwFDg8D/p0nxZE1Q3tXmgtLwPOY0l2zkkjB 95kGnxWCYaA= =gPcK -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. Refer to the Release Notes for information on the security fix included in this release. Solution:
Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.
The References section of this erratum contains a download link for the update. You must be logged in to download the update. ========================================================================== Ubuntu Security Notice USN-5090-4 September 28, 2021
apache2 regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
USN-5090-1 introduced a regression in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem.
Original advisory details:
James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. (CVE-2021-34798)
Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-39275)
It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. (CVE-2021-40438)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: apache2 2.4.18-2ubuntu3.17+esm3 apache2-bin 2.4.18-2ubuntu3.17+esm3
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202109-1802", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "sinema remote connect server", scope: "lt", trust: 1, vendor: "siemens", version: "3.1", }, { model: "cloud backup", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "f5os", scope: "gte", trust: 1, vendor: "f5", version: "1.2.0", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "34", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "35", }, { model: "storagegrid", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "11.0", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.3", }, { model: "secure global desktop", scope: "eq", trust: 1, vendor: "oracle", version: "5.6", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "ruggedcom nms", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "brocade fabric operating system", scope: "eq", trust: 1, vendor: "broadcom", version: null, }, { model: "sinema remote connect server", scope: "eq", trust: 1, vendor: "siemens", version: "3.2", }, { model: "clustered data ontap", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "http server", scope: "lte", trust: 1, vendor: "apache", version: "2.4.48", }, { model: "enterprise manager ops center", scope: "eq", trust: 1, vendor: "oracle", version: "12.4.0.0", }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.4.0", }, { model: "sinema server", scope: "eq", trust: 1, vendor: "siemens", version: "14.0", }, { model: "f5os", scope: "lte", trust: 1, vendor: "f5", version: "1.1.4", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.1", }, { model: "zfs storage appliance kit", scope: "eq", trust: 1, vendor: "oracle", version: "8.8", }, { model: "tenable.sc", scope: "lte", trust: 1, vendor: "tenable", version: "5.19.1", }, { model: "f5os", scope: "lte", trust: 1, vendor: "f5", version: "1.2.1", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.2", }, { model: "f5os", scope: "gte", trust: 1, vendor: "f5", version: "1.1.0", }, { model: "sinec nms", scope: "lt", trust: 1, vendor: "siemens", version: "1.0.3", }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.3.0", }, { model: "hitachi infrastructure analytics advisor", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: "clustered data ontap", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "hitachi ops center api configuration manager", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "http server", scope: null, trust: 0.8, vendor: "apache", version: null, }, { model: "f5os", scope: null, trust: 0.8, vendor: "f5", version: null, }, { model: "storagegrid", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "hitachi configuration manager", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "hitachi device manager", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "hitachi ops center analyzer", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "oneview", scope: null, trust: 0.7, vendor: "hewlett packard", version: null, }, { model: "http server", scope: "lte", trust: 0.6, vendor: "apache", version: "<=2.4.48", }, ], sources: [ { db: "ZDI", id: "ZDI-24-812", }, { db: "CNVD", id: "CNVD-2022-03224", }, { db: "JVNDB", id: "JVNDB-2021-004150", }, { db: "NVD", id: "CVE-2021-40438", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Anonymous", sources: [ { db: "ZDI", id: "ZDI-24-812", }, ], trust: 0.7, }, cve: "CVE-2021-40438", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2021-40438", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CNVD-2022-03224", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-401786", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, id: "CVE-2021-40438", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-40438", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ZDI", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-40438", impactScore: 4.2, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 0.7, userInteraction: "NONE", vectorString: "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-40438", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2021-40438", trust: 0.8, value: "Critical", }, { author: "ZDI", id: "CVE-2021-40438", trust: 0.7, value: "HIGH", }, { author: "CNVD", id: "CNVD-2022-03224", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202109-1094", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-401786", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-40438", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "ZDI", id: "ZDI-24-812", }, { db: "CNVD", id: "CNVD-2022-03224", }, { db: "VULHUB", id: "VHN-401786", }, { db: "VULMON", id: "CVE-2021-40438", }, { db: "JVNDB", id: "JVNDB-2021-004150", }, { db: "CNNVD", id: "CNNVD-202109-1094", }, { db: "NVD", id: "CVE-2021-40438", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Hewlett Packard Enterprise OneView. Authentication is not required to exploit this vulnerability.The specific flaw exists within the REST service, which listens on TCP port 443 by default. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. The server is fast, reliable and extensible through a simple API. The vulnerability stems from the mod_proxy module failing to properly validate user input. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: httpd security update\nAdvisory ID: RHSA-2021:3856-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:3856\nIssue date: 2021-10-14\nCVE Names: CVE-2021-40438 \n=====================================================================\n\n1. Summary:\n\nAn update for httpd is now available for Red Hat Enterprise Linux 7, Red\nHat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux\n7.3 Advanced Update Support, Red Hat Enterprise Linux 7.4 Advanced Update\nSupport, Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat\nEnterprise Linux 7.6 Telco Extended Update Support, Red Hat Enterprise\nLinux 7.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 7.7\nAdvanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.7 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server AUS (v. 7.2) - noarch, x86_64\nRed Hat Enterprise Linux Server AUS (v. 7.3) - noarch, x86_64\nRed Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64\nRed Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64\nRed Hat Enterprise Linux Server AUS (v. 7.7) - noarch, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.7) - noarch, ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.2) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.3) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.7) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.7) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. \n\nSecurity Fix(es):\n\n* httpd: mod_proxy: SSRF via a crafted request uri-path containing \"unix:\"\n(CVE-2021-40438)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2005117 - CVE-2021-40438 httpd: mod_proxy: SSRF via a crafted request uri-path containing \"unix:\"\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nhttpd-2.4.6-97.el7_9.1.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-97.el7_9.1.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-devel-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-tools-2.4.6-97.el7_9.1.x86_64.rpm\nmod_ldap-2.4.6-97.el7_9.1.x86_64.rpm\nmod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpm\nmod_session-2.4.6-97.el7_9.1.x86_64.rpm\nmod_ssl-2.4.6-97.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nhttpd-2.4.6-97.el7_9.1.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-97.el7_9.1.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-devel-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-tools-2.4.6-97.el7_9.1.x86_64.rpm\nmod_ldap-2.4.6-97.el7_9.1.x86_64.rpm\nmod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpm\nmod_session-2.4.6-97.el7_9.1.x86_64.rpm\nmod_ssl-2.4.6-97.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 7.2):\n\nSource:\nhttpd-2.4.6-40.el7_2.7.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-40.el7_2.7.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-40.el7_2.7.x86_64.rpm\nhttpd-debuginfo-2.4.6-40.el7_2.7.x86_64.rpm\nhttpd-devel-2.4.6-40.el7_2.7.x86_64.rpm\nhttpd-tools-2.4.6-40.el7_2.7.x86_64.rpm\nmod_ssl-2.4.6-40.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 7.3):\n\nSource:\nhttpd-2.4.6-45.el7_3.6.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-45.el7_3.6.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-45.el7_3.6.x86_64.rpm\nhttpd-debuginfo-2.4.6-45.el7_3.6.x86_64.rpm\nhttpd-devel-2.4.6-45.el7_3.6.x86_64.rpm\nhttpd-tools-2.4.6-45.el7_3.6.x86_64.rpm\nmod_ssl-2.4.6-45.el7_3.6.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\nhttpd-2.4.6-67.el7_4.7.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-67.el7_4.7.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-67.el7_4.7.x86_64.rpm\nhttpd-debuginfo-2.4.6-67.el7_4.7.x86_64.rpm\nhttpd-devel-2.4.6-67.el7_4.7.x86_64.rpm\nhttpd-tools-2.4.6-67.el7_4.7.x86_64.rpm\nmod_session-2.4.6-67.el7_4.7.x86_64.rpm\nmod_ssl-2.4.6-67.el7_4.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 7.6):\n\nSource:\nhttpd-2.4.6-89.el7_6.2.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-89.el7_6.2.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-devel-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-tools-2.4.6-89.el7_6.2.x86_64.rpm\nmod_session-2.4.6-89.el7_6.2.x86_64.rpm\nmod_ssl-2.4.6-89.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.6):\n\nSource:\nhttpd-2.4.6-89.el7_6.2.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-89.el7_6.2.noarch.rpm\n\nppc64le:\nhttpd-2.4.6-89.el7_6.2.ppc64le.rpm\nhttpd-debuginfo-2.4.6-89.el7_6.2.ppc64le.rpm\nhttpd-devel-2.4.6-89.el7_6.2.ppc64le.rpm\nhttpd-tools-2.4.6-89.el7_6.2.ppc64le.rpm\nmod_session-2.4.6-89.el7_6.2.ppc64le.rpm\nmod_ssl-2.4.6-89.el7_6.2.ppc64le.rpm\n\nx86_64:\nhttpd-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-devel-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-tools-2.4.6-89.el7_6.2.x86_64.rpm\nmod_session-2.4.6-89.el7_6.2.x86_64.rpm\nmod_ssl-2.4.6-89.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.6):\n\nSource:\nhttpd-2.4.6-89.el7_6.2.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-89.el7_6.2.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-devel-2.4.6-89.el7_6.2.x86_64.rpm\nhttpd-tools-2.4.6-89.el7_6.2.x86_64.rpm\nmod_session-2.4.6-89.el7_6.2.x86_64.rpm\nmod_ssl-2.4.6-89.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server AUS (v. 7.7):\n\nSource:\nhttpd-2.4.6-90.el7_7.1.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-90.el7_7.1.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-devel-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-tools-2.4.6-90.el7_7.1.x86_64.rpm\nmod_session-2.4.6-90.el7_7.1.x86_64.rpm\nmod_ssl-2.4.6-90.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.7):\n\nSource:\nhttpd-2.4.6-90.el7_7.1.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-90.el7_7.1.noarch.rpm\n\nppc64le:\nhttpd-2.4.6-90.el7_7.1.ppc64le.rpm\nhttpd-debuginfo-2.4.6-90.el7_7.1.ppc64le.rpm\nhttpd-devel-2.4.6-90.el7_7.1.ppc64le.rpm\nhttpd-tools-2.4.6-90.el7_7.1.ppc64le.rpm\nmod_session-2.4.6-90.el7_7.1.ppc64le.rpm\nmod_ssl-2.4.6-90.el7_7.1.ppc64le.rpm\n\nx86_64:\nhttpd-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-devel-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-tools-2.4.6-90.el7_7.1.x86_64.rpm\nmod_session-2.4.6-90.el7_7.1.x86_64.rpm\nmod_ssl-2.4.6-90.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.7):\n\nSource:\nhttpd-2.4.6-90.el7_7.1.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-90.el7_7.1.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-devel-2.4.6-90.el7_7.1.x86_64.rpm\nhttpd-tools-2.4.6-90.el7_7.1.x86_64.rpm\nmod_session-2.4.6-90.el7_7.1.x86_64.rpm\nmod_ssl-2.4.6-90.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nhttpd-2.4.6-97.el7_9.1.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-97.el7_9.1.noarch.rpm\n\nppc64:\nhttpd-2.4.6-97.el7_9.1.ppc64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.1.ppc64.rpm\nhttpd-devel-2.4.6-97.el7_9.1.ppc64.rpm\nhttpd-tools-2.4.6-97.el7_9.1.ppc64.rpm\nmod_session-2.4.6-97.el7_9.1.ppc64.rpm\nmod_ssl-2.4.6-97.el7_9.1.ppc64.rpm\n\nppc64le:\nhttpd-2.4.6-97.el7_9.1.ppc64le.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.1.ppc64le.rpm\nhttpd-devel-2.4.6-97.el7_9.1.ppc64le.rpm\nhttpd-tools-2.4.6-97.el7_9.1.ppc64le.rpm\nmod_session-2.4.6-97.el7_9.1.ppc64le.rpm\nmod_ssl-2.4.6-97.el7_9.1.ppc64le.rpm\n\ns390x:\nhttpd-2.4.6-97.el7_9.1.s390x.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.1.s390x.rpm\nhttpd-devel-2.4.6-97.el7_9.1.s390x.rpm\nhttpd-tools-2.4.6-97.el7_9.1.s390x.rpm\nmod_session-2.4.6-97.el7_9.1.s390x.rpm\nmod_ssl-2.4.6-97.el7_9.1.s390x.rpm\n\nx86_64:\nhttpd-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-devel-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-tools-2.4.6-97.el7_9.1.x86_64.rpm\nmod_session-2.4.6-97.el7_9.1.x86_64.rpm\nmod_ssl-2.4.6-97.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.2):\n\nx86_64:\nhttpd-debuginfo-2.4.6-40.el7_2.7.x86_64.rpm\nmod_ldap-2.4.6-40.el7_2.7.x86_64.rpm\nmod_proxy_html-2.4.6-40.el7_2.7.x86_64.rpm\nmod_session-2.4.6-40.el7_2.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.3):\n\nx86_64:\nhttpd-debuginfo-2.4.6-45.el7_3.6.x86_64.rpm\nmod_ldap-2.4.6-45.el7_3.6.x86_64.rpm\nmod_proxy_html-2.4.6-45.el7_3.6.x86_64.rpm\nmod_session-2.4.6-45.el7_3.6.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\nhttpd-debuginfo-2.4.6-67.el7_4.7.x86_64.rpm\nmod_ldap-2.4.6-67.el7_4.7.x86_64.rpm\nmod_proxy_html-2.4.6-67.el7_4.7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.6):\n\nx86_64:\nhttpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm\nmod_ldap-2.4.6-89.el7_6.2.x86_64.rpm\nmod_proxy_html-2.4.6-89.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6):\n\nppc64le:\nhttpd-debuginfo-2.4.6-89.el7_6.2.ppc64le.rpm\nmod_ldap-2.4.6-89.el7_6.2.ppc64le.rpm\nmod_proxy_html-2.4.6-89.el7_6.2.ppc64le.rpm\n\nx86_64:\nhttpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm\nmod_ldap-2.4.6-89.el7_6.2.x86_64.rpm\nmod_proxy_html-2.4.6-89.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.6):\n\nx86_64:\nhttpd-debuginfo-2.4.6-89.el7_6.2.x86_64.rpm\nmod_ldap-2.4.6-89.el7_6.2.x86_64.rpm\nmod_proxy_html-2.4.6-89.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.7):\n\nx86_64:\nhttpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm\nmod_ldap-2.4.6-90.el7_7.1.x86_64.rpm\nmod_proxy_html-2.4.6-90.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6):\n\nppc64le:\nhttpd-debuginfo-2.4.6-90.el7_7.1.ppc64le.rpm\nmod_ldap-2.4.6-90.el7_7.1.ppc64le.rpm\nmod_proxy_html-2.4.6-90.el7_7.1.ppc64le.rpm\n\nx86_64:\nhttpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm\nmod_ldap-2.4.6-90.el7_7.1.x86_64.rpm\nmod_proxy_html-2.4.6-90.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.7):\n\nx86_64:\nhttpd-debuginfo-2.4.6-90.el7_7.1.x86_64.rpm\nmod_ldap-2.4.6-90.el7_7.1.x86_64.rpm\nmod_proxy_html-2.4.6-90.el7_7.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nhttpd-debuginfo-2.4.6-97.el7_9.1.ppc64.rpm\nmod_ldap-2.4.6-97.el7_9.1.ppc64.rpm\nmod_proxy_html-2.4.6-97.el7_9.1.ppc64.rpm\n\nppc64le:\nhttpd-debuginfo-2.4.6-97.el7_9.1.ppc64le.rpm\nmod_ldap-2.4.6-97.el7_9.1.ppc64le.rpm\nmod_proxy_html-2.4.6-97.el7_9.1.ppc64le.rpm\n\ns390x:\nhttpd-debuginfo-2.4.6-97.el7_9.1.s390x.rpm\nmod_ldap-2.4.6-97.el7_9.1.s390x.rpm\nmod_proxy_html-2.4.6-97.el7_9.1.s390x.rpm\n\nx86_64:\nhttpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm\nmod_ldap-2.4.6-97.el7_9.1.x86_64.rpm\nmod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nhttpd-2.4.6-97.el7_9.1.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-97.el7_9.1.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-devel-2.4.6-97.el7_9.1.x86_64.rpm\nhttpd-tools-2.4.6-97.el7_9.1.x86_64.rpm\nmod_session-2.4.6-97.el7_9.1.x86_64.rpm\nmod_ssl-2.4.6-97.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nhttpd-debuginfo-2.4.6-97.el7_9.1.x86_64.rpm\nmod_ldap-2.4.6-97.el7_9.1.x86_64.rpm\nmod_proxy_html-2.4.6-97.el7_9.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-40438\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYWfxl9zjgjWX9erEAQiHUQ//augswljuYjRC9IwK5XgDLjrigqEshGaa\nv5C3gfY1a4SwE/x0FQCawiBmh+8VMv5as3c0eeU5C6QB/05BSBycgboIZG3H6HdF\nsNOxNzkcG6WmooNZNJ0/c/ykvkn0tRq812yzDTxr2IB3+LxH5cYaw9wQnt62l3yF\ngjtWedH9xntGpqrVK17NVe/o9Jg4tL0CEPDk+NrbXeSgwnAnLKsLjpwQT72+GVJx\nZLC9DYkFguzQN+wckKPRfxGtce0GtuXHkpEShCnH32RPrNyImFMn/Nc8IyOmTadT\njCd07H2MNH6+Txxt6dh2aI+SI5JwdeGRNP7IXs86H+KPNZhphS/BqFt3qHGTsw4l\n3f6jGfywbWfNdLw+s0qHaWvJ2ZgTw7O1QPncfozKn8cU3Rw9OunN+r2yVTcU3KW9\n0ZGHpej56UhthE1qqS5vQjUPQ6SQgC1QHGDNgYkZk0mqIL3Vkv6gEqIF8TH4ezxZ\nLhZcY3N6HI5LC7568idurO0uLTdjPZq8+xMmDDAXA4QvIxOsOk6x4Rf1dzCtDpGo\nQSzxx6a6uYXF7EWIlkaR/qY5zcyk4i8aJN8yzrxu6oNulVSIsSuMnb00SIOk8cX7\nlUt5V1/RhnWSRytHE5Tz68PyfNyqgJwFDg8D/p0nxZE1Q3tXmgtLwPOY0l2zkkjB\n95kGnxWCYaA=\n=gPcK\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. Refer to the Release Notes for information on the security fix\nincluded in this release. Solution:\n\nBefore applying the update, back up your existing installation, including\nall applications, configuration files, databases and database settings, and\nso on. \n\nThe References section of this erratum contains a download link for the\nupdate. You must be logged in to download the update. ==========================================================================\nUbuntu Security Notice USN-5090-4\nSeptember 28, 2021\n\napache2 regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n\nSummary:\n\nUSN-5090-1 introduced a regression in Apache HTTP Server. One of the upstream\nfixes introduced a regression in UDS URIs. This update fixes the problem. \n\nOriginal advisory details:\n\n James Kettle discovered that the Apache HTTP Server HTTP/2 module\n incorrectly handled certain crafted methods. A remote attacker could\n possibly use this issue to perform request splitting or cache poisoning\n attacks. \n (CVE-2021-34798)\n \n Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly\n handled certain request uri-paths. \n This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. If the server was configured with third-party modules, a remote\n attacker could use this issue to cause the server to crash, resulting in a\n denial of service, or possibly execute arbitrary code. (CVE-2021-39275)\n \n It was discovered that the Apache mod_proxy module incorrectly handled\n certain request uri-paths. \n (CVE-2021-40438)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n apache2 2.4.18-2ubuntu3.17+esm3\n apache2-bin 2.4.18-2ubuntu3.17+esm3\n\nIn general, a standard system update will make all the necessary changes", sources: [ { db: "NVD", id: "CVE-2021-40438", }, { db: "JVNDB", id: "JVNDB-2021-004150", }, { db: "ZDI", id: "ZDI-24-812", }, { db: "CNVD", id: "CNVD-2022-03224", }, { db: "VULHUB", id: "VHN-401786", }, { db: "VULMON", id: "CVE-2021-40438", }, { db: "PACKETSTORM", id: "164513", }, { db: "PACKETSTORM", id: "164493", }, { db: "PACKETSTORM", id: "164505", }, { db: "PACKETSTORM", id: "164448", }, { db: "PACKETSTORM", id: "164443", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, ], trust: 3.6, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-40438", trust: 4.6, }, { db: "SIEMENS", id: "SSA-685781", trust: 1.7, }, { db: "TENABLE", id: "TNS-2021-17", trust: 1.7, }, { db: "JVNDB", id: "JVNDB-2021-004150", trust: 0.8, }, { db: "ZDI_CAN", id: "ZDI-CAN-22691", trust: 0.7, }, { db: "ZDI", id: "ZDI-24-812", trust: 0.7, }, { db: "CNVD", id: "CNVD-2022-03224", trust: 0.7, }, { db: "PACKETSTORM", id: "168072", trust: 0.7, }, { db: "PACKETSTORM", id: "164513", trust: 0.7, }, { db: "PACKETSTORM", id: "164505", trust: 0.7, }, { db: "PACKETSTORM", id: "164448", trust: 0.7, }, { db: "PACKETSTORM", id: "164329", trust: 0.7, }, { db: "PACKETSTORM", id: "164460", trust: 0.6, }, { db: "PACKETSTORM", id: "164318", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4004.7", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4004.2", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3591", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3229", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3250", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3482", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3429", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4004.5", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3784", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3387", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3341", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3524", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4004.3", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3373", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.2978", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3366", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3357", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3148", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101005", trust: 0.6, }, { db: "CS-HELP", id: "SB2022041953", trust: 0.6, }, { db: "CS-HELP", id: "SB2021091707", trust: 0.6, }, { db: "CS-HELP", id: "SB2021112904", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101340", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101922", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011836", trust: 0.6, }, { db: "CS-HELP", id: "SB2022060811", trust: 0.6, }, { db: "CS-HELP", id: "SB2022042112", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101906", trust: 0.6, }, { db: "CS-HELP", id: "SB2021102601", trust: 0.6, }, { db: "CS-HELP", id: "SB2021092301", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101116", trust: 0.6, }, { db: "CS-HELP", id: "SB2021111732", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-167-06", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202109-1094", trust: 0.6, }, { db: "VULHUB", id: "VHN-401786", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-40438", trust: 0.1, }, { db: "PACKETSTORM", id: "164493", trust: 0.1, }, { db: "PACKETSTORM", id: "164443", trust: 0.1, }, { db: "PACKETSTORM", id: "164305", trust: 0.1, }, ], sources: [ { db: "ZDI", id: "ZDI-24-812", }, { db: "CNVD", id: "CNVD-2022-03224", }, { db: "VULHUB", id: "VHN-401786", }, { db: "VULMON", id: "CVE-2021-40438", }, { db: "JVNDB", id: "JVNDB-2021-004150", }, { db: "PACKETSTORM", id: "164513", }, { db: "PACKETSTORM", id: "164493", }, { db: "PACKETSTORM", id: "164505", }, { db: "PACKETSTORM", id: "164448", }, { db: "PACKETSTORM", id: "164443", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "CNNVD", id: "CNNVD-202109-1094", }, { db: "NVD", id: "CVE-2021-40438", }, ], }, id: "VAR-202109-1802", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2022-03224", }, { db: "VULHUB", id: "VHN-401786", }, ], trust: 1.3031922749999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-03224", }, ], }, last_update_date: "2024-11-29T20:14:24.364000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "hitachi-sec-2021-139", trust: 0.8, url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { title: "Hewlett Packard Enterprise has issued an update to correct this vulnerability.", trust: 0.7, url: "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04586en_us&docLocale=en_US", }, { title: "Patch for Apache HTTP Server mod_proxy server request forgery vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/313356", }, { title: "Apache HTTP Server Fixes for code issue vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178533", }, { title: "Red Hat: CVE-2021-40438", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-40438", }, { title: "Debian Security Advisories: DSA-4982-1 apache2 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=93a29f7ecf9a6aaba79d3b3320aa4b85", }, { title: "Arch Linux Issues: ", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-40438 log", }, { title: "Hitachi Security Advisories: Vulnerability in Hitachi Command Suite, Hitachi Ops Center API Configuration Manager,Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center Analyzer", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories&qid=hitachi-sec-2021-139", }, { title: "Tenable Security Advisories: [R1] Stand-alone Security Patch Available for Tenable.sc versions 5.16.0 to 5.19.1: Patch 202110.1", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2021-17", }, { title: "Amazon Linux AMI: ALAS-2021-1543", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1543", }, { title: "Amazon Linux 2: ALAS2-2021-1716", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1716", }, { title: "Cisco: Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { title: "CVE-2021-40438 exploit PoC with Docker setup", trust: 0.1, url: "https://github.com/sixpacksecurity/CVE-2021-40438 ", }, { title: "CVE-2021-40438", trust: 0.1, url: "https://github.com/gassara-kys/CVE-2021-40438 ", }, { title: "CVE-2021-40438", trust: 0.1, url: "https://github.com/Kashkovsky/CVE-2021-40438 ", }, { title: "scan_ssrf.sh", trust: 0.1, url: "https://github.com/vsh00t/BB-PoC ", }, { title: "CVE-2021-40438", trust: 0.1, url: "https://github.com/xiaojiangxl/CVE-2021-40438 ", }, ], sources: [ { db: "ZDI", id: "ZDI-24-812", }, { db: "CNVD", id: "CNVD-2022-03224", }, { db: "VULMON", id: "CVE-2021-40438", }, { db: "JVNDB", id: "JVNDB-2021-004150", }, { db: "CNNVD", id: "CNNVD-202109-1094", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-918", trust: 1.1, }, { problemtype: "Server-side request forgery (CWE-918) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-401786", }, { db: "JVNDB", id: "JVNDB-2021-004150", }, { db: "NVD", id: "CVE-2021-40438", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { trust: 2.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-40438", }, { trust: 1.7, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { trust: 1.7, url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { trust: 1.7, url: "https://www.tenable.com/security/tns-2021-17", }, { trust: 1.7, url: "https://www.debian.org/security/2021/dsa-4982", }, { trust: 1.7, url: "https://security.gentoo.org/glsa/202208-20", }, { trust: 1.7, url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { trust: 1.7, url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { trust: 1.1, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apache-httpd-2.4.49-vwl69swq", }, { trust: 1.1, url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { trust: 1.1, url: "https://access.redhat.com/security/cve/cve-2021-40438", }, { trust: 1, url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3cusers.httpd.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3cbugs.httpd.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3cusers.httpd.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3cusers.httpd.apache.org%3e", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/spbr6wuybjnachke65spl7tjohx7rhwd/", }, { trust: 1, url: "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3cusers.httpd.apache.org%3e", }, { trust: 1, url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3cusers.httpd.apache.org%3e", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zncysr3bxt36fff4xtcpl3hdqk4vp45r/", }, { trust: 1, url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3cusers.httpd.apache.org%3e", }, { trust: 0.7, url: "https://support.hpe.com/hpesc/public/docdisplay?docid=hpesbgn04586en_us&doclocale=en_us", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/spbr6wuybjnachke65spl7tjohx7rhwd/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zncysr3bxt36fff4xtcpl3hdqk4vp45r/", }, { trust: 0.6, url: "httpd.apache.org%3e", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37@%3cbugs.", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00@%3cusers.", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3cusers.", }, { trust: 0.6, url: "httpd-2.4.49-vwl69swq", }, { trust: 0.6, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apache-", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a@%3cusers.", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3cusers.", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3cusers.", }, { trust: 0.6, url: "httpd.apache.org/security/vulnerabilities_24.html", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3cusers.", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164505/red-hat-security-advisory-2021-3836-01.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101906", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3229", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021112904", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3524", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022041953", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/6528442", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021111732", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3429", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164448/red-hat-security-advisory-2021-3746-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3373", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3357", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3250", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3591", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021102601", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/168072/gentoo-linux-security-advisory-202208-20.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101116", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4004.7", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164318/ubuntu-security-notice-usn-5090-3.html", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/6520016", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-167-06", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.2978", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164460/red-hat-security-advisory-2021-3754-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4004.3", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4004.2", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4004.5", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/6493841", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022042112", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022060811", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021092301", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3387", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3341", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101922", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164329/ubuntu-security-notice-usn-5090-4.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3148", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164513/red-hat-security-advisory-2021-3856-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3366", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3784", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011836", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101340", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021091707", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/apache-http-server-four-vulnerabilities-36444", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3482", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101005", }, { trust: 0.5, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.5, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.5, url: "https://bugzilla.redhat.com/):", }, { trust: 0.5, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.4, url: "https://access.redhat.com/articles/11258", }, { trust: 0.4, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-33193", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-34798", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-39275", }, { trust: 0.2, url: "https://ubuntu.com/security/notices/usn-5090-1", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-36160", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37@%3cbugs.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:3856", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:3816", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-26691", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-26691", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:3836", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:3746", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:3745", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.17", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.41-4ubuntu3.5", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.46-4ubuntu1.2", }, { trust: 0.1, url: "https://launchpad.net/bugs/xxxxxx", }, { trust: 0.1, url: "https://ubuntu.com/security/notices/usn-5090-4", }, ], sources: [ { db: "ZDI", id: "ZDI-24-812", }, { db: "CNVD", id: "CNVD-2022-03224", }, { db: "VULHUB", id: "VHN-401786", }, { db: "JVNDB", id: "JVNDB-2021-004150", }, { db: "PACKETSTORM", id: "164513", }, { db: "PACKETSTORM", id: "164493", }, { db: "PACKETSTORM", id: "164505", }, { db: "PACKETSTORM", id: "164448", }, { db: "PACKETSTORM", id: "164443", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "CNNVD", id: "CNNVD-202109-1094", }, { db: "NVD", id: "CVE-2021-40438", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "ZDI", id: "ZDI-24-812", }, { db: "CNVD", id: "CNVD-2022-03224", }, { db: "VULHUB", id: "VHN-401786", }, { db: "VULMON", id: "CVE-2021-40438", }, { db: "JVNDB", id: "JVNDB-2021-004150", }, { db: "PACKETSTORM", id: "164513", }, { db: "PACKETSTORM", id: "164493", }, { db: "PACKETSTORM", id: "164505", }, { db: "PACKETSTORM", id: "164448", }, { db: "PACKETSTORM", id: "164443", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "CNNVD", id: "CNNVD-202109-1094", }, { db: "NVD", id: "CVE-2021-40438", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-06-18T00:00:00", db: "ZDI", id: "ZDI-24-812", }, { date: "2022-01-13T00:00:00", db: "CNVD", id: "CNVD-2022-03224", }, { date: "2021-09-16T00:00:00", db: "VULHUB", id: "VHN-401786", }, { date: "2021-09-16T00:00:00", db: "VULMON", id: "CVE-2021-40438", }, { date: "2021-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2021-004150", }, { date: "2021-10-14T15:26:45", db: "PACKETSTORM", id: "164513", }, { date: "2021-10-13T14:52:48", db: "PACKETSTORM", id: "164493", }, { date: "2021-10-13T15:23:01", db: "PACKETSTORM", id: "164505", }, { date: "2021-10-08T15:22:49", db: "PACKETSTORM", id: "164448", }, { date: "2021-10-08T15:12:22", db: "PACKETSTORM", id: "164443", }, { date: "2021-09-28T15:06:35", db: "PACKETSTORM", id: "164305", }, { date: "2021-09-29T14:50:01", db: "PACKETSTORM", id: "164329", }, { date: "2021-09-16T00:00:00", db: "CNNVD", id: "CNNVD-202109-1094", }, { date: "2021-09-16T15:15:07.633000", db: "NVD", id: "CVE-2021-40438", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-08-15T00:00:00", db: "ZDI", id: "ZDI-24-812", }, { date: "2022-01-13T00:00:00", db: "CNVD", id: "CNVD-2022-03224", }, { date: "2022-10-05T00:00:00", db: "VULHUB", id: "VHN-401786", }, { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2021-40438", }, { date: "2021-11-16T05:31:00", db: "JVNDB", id: "JVNDB-2021-004150", }, { date: "2022-08-16T00:00:00", db: "CNNVD", id: "CNNVD-202109-1094", }, { date: "2024-11-21T06:24:06.787000", db: "NVD", id: "CVE-2021-40438", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "CNNVD", id: "CNNVD-202109-1094", }, ], trust: 0.8, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apache HTTP Server Vulnerability in which a request is forwarded to a remote user's selected origin server in", sources: [ { db: "JVNDB", id: "JVNDB-2021-004150", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code problem", sources: [ { db: "CNNVD", id: "CNNVD-202109-1094", }, ], trust: 0.6, }, }
var-201908-1841
Vulnerability from variot
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. PHP EXIF Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc.
Successfully exploiting this issue allow malicious users to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions.
PHP versions before 7.3.8 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15
macOS Catalina 10.15 addresses the following:
AMD Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team
apache_mod_php Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Multiple issues in PHP Description: Multiple issues were addressed by updating to PHP version 7.3.8. CVE-2019-11041 CVE-2019-11042
Audio Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab Entry added October 29, 2019
Books Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service Description: A resource exhaustion issue was addressed with improved input validation. CVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven Entry added October 29, 2019
CFNetwork Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing maliciously crafted web content may lead to a cross site scripting attack Description: This issue was addressed with improved checks. CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland Entry added October 29, 2019
CoreAudio Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted movie may result in the disclosure of process memory Description: A memory corruption issue was addressed with improved validation. CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
CoreCrypto Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a large input may lead to a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2019-8741: Nicky Mouha of NIST Entry added October 29, 2019
CoreMedia Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8825: Found by GWP-ASan in Google Chrome Entry added October 29, 2019
Crash Reporter Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics Description: A race condition existed when reading and writing user preferences. This was addressed with improved state handling. CVE-2019-8757: William Cerniuk of Core Development, LLC
CUPS Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An input validation issue was addressed with improved input validation. CVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com) Entry added October 29, 2019
CUPS Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2019-8767: Stephen Zeisberg Entry added October 29, 2019
CUPS Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com) Entry added October 29, 2019
File Quarantine Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to elevate privileges Description: This issue was addressed by removing the vulnerable code. CVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs Entry added October 29, 2019
Foundation Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project Zero Entry added October 29, 2019
Graphics Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2018-12152: Piotr Bania of Cisco Talos CVE-2018-12153: Piotr Bania of Cisco Talos CVE-2018-12154: Piotr Bania of Cisco Talos Entry added October 29, 2019
Intel Graphics Driver Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8758: Lilang Wu and Moony Li of Trend Micro
IOGraphics Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved restrictions. CVE-2019-8755: Lilang Wu and Moony Li of Trend Micro
IOGraphics Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8759: another of 360 Nirvan Team Entry added October 29, 2019
Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local app may be able to read a persistent account identifier Description: A validation issue was addressed with improved logic. CVE-2019-8809: Apple Entry added October 29, 2019
Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2019-8709: derrek (@derrekr6) [confirmed]derrek (@derrekr6) CVE-2019-8781: Linus Henze (pinauten.de) Entry added October 29, 2019
Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8717: Jann Horn of Google Project Zero
Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to determine kernel memory layout Description: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team Entry added October 29, 2019
libxml2 Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Multiple issues in libxml2 Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8749: found by OSS-Fuzz CVE-2019-8756: found by OSS-Fuzz Entry added October 29, 2019
libxslt Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Multiple issues in libxslt Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8750: found by OSS-Fuzz Entry added October 29, 2019
mDNSResponder Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker in physical proximity may be able to passively observe device names in AWDL communications Description: This issue was resolved by replacing device names with a random identifier. CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt Entry added October 29, 2019
Menus Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8826: Found by GWP-ASan in Google Chrome Entry added October 29, 2019
Notes Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local user may be able to view a user's locked notes Description: The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia Polytechnic Institute and State University
PDFKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker may be able to exfiltrate the contents of an encrypted PDF Description: An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. CVE-2019-8772: Jens Müller of Ruhr University Bochum, Fabian Ising of FH Münster University of Applied Sciences, Vladislav Mladenov of Ruhr University Bochum, Christian Mainka of Ruhr University Bochum, Sebastian Schinzel of FH Münster University of Applied Sciences, and Jörg Schwenk of Ruhr University Bochum
PluginKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local user may be able to check for the existence of arbitrary files Description: A logic issue was addressed with improved restrictions. CVE-2019-8708: an anonymous researcher Entry added October 29, 2019
PluginKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8715: an anonymous researcher Entry added October 29, 2019
SharedFileList Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to access recent documents Description: The issue was addressed with improved permissions logic. CVE-2019-8770: Stanislav Zinukhov of Parallels International GmbH
sips Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992) and pjf of IceSword Lab of Qihoo 360
UIFoundation Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Parsing a maliciously crafted text file may lead to disclosure of user information Description: This issue was addressed with improved checks. CVE-2019-8761: Renee Trisberg of SpectX Entry added October 29, 2019
UIFoundation Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
WebKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A user may be unable to delete browsing history items Description: "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. CVE-2019-8768: Hugo S. Diaz (coldpointblue)
WebKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Visiting a maliciously crafted website may reveal browsing history Description: An issue existed in the drawing of web page elements. The issue was addressed with improved logic. CVE-2019-8769: Piérre Reimertz (@reimertz)
Additional recognition
AppleRTC We would like to acknowledge Vitaly Cheptsov for their assistance.
Audio We would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.
boringssl We would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum and Thijs Alkemade (@xnyhps) of Computest for their assistance.
Finder We would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance.
Gatekeeper We would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance.
Identity Service We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance.
Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance.
mDNSResponder We would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance.
python We would like to acknowledge an anonymous researcher for their assistance.
Safari Data Importing We would like to acknowledge Kent Zoya for their assistance.
Simple certificate enrollment protocol (SCEP) We would like to acknowledge an anonymous researcher for their assistance.
Telephony We would like to acknowledge Phil Stokes from SentinelOne for their assistance.
VPN We would like to acknowledge Royce Gawron of Second Son Consulting, Inc. for their assistance.
Installation note:
macOS Catalina 10.15 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s4QACgkQBz4uGe3y 0M0s3w//QZG0JsE1BjWJ3mwKoSn/I1V0SLryV9UxJeibPfhyF6VJEYk63jZxZ5ki 48vM7iKE3nAHamNFOMtUvyzEdO6VGNZ1uiuSu9nkyziEERapHJSLcEh83p2JhWV/ SEsBB3bsT4l3V9ZYxk/9DX6ynCTzKLZTynw6Yo2PMYiMpavD5sfZ6v8U53qdZ+LX SNuw+vRTsvu3YlFkUStTdQ64sT72yGII0c8iFpSb2AWv7IgbypB5lW4/MRQjrzoc 9yMhvMgXcgAlzoH5GpGE2EflbekcQxudxDh1t0o7f8OASRPTljNjL4oiKXBMhiAM iUgDn7duE9LqupfSWK5WOUkF+XRV0qTaLCTDWaCzVa5YsApvSVPhbmoFqKXSQG8T U6SxQviqzJ06sD1jqm2sZ/LnD5xMEXhQvNx89oJrTRsCU/o0fy4tRhHp52aJoF7E Wvr1kTlo6SGm6NjkmZVoKj6962/0XUYSOt8gR+L/sF7N6URUG+1Ko2jx8zhYHMEO ju+Hw0TFHd+8mP29oOEIsIpuRpCp9jjgEJDdu7mGqJ1Py2Gs0uGeHEZd6DJhKggA IvdJu4Q9usjWaxQ9H3m2I/xEqw78sMEEFgCYfLTC0gf2ChaiGZuhKipcF04c81kM bOGmjuyJrajD/2rY9EHrqtCm5b2079YAIxUAmTOkT0uP2WmlZoM= =bhin -----END PGP SIGNATURE-----
.
For the stable distribution (buster), these problems have been fixed in version 7.3.9-1~deb10u1.
We recommend that you upgrade your php7.3 packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Critical: rh-php72-php security update Advisory ID: RHSA-2019:3299-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:3299 Issue date: 2019-11-01 CVE Names: CVE-2016-10166 CVE-2018-20783 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 =====================================================================
- Summary:
An update for rh-php72-php is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
The following packages have been upgraded to a later upstream version: rh-php72-php (7.2.24). (BZ#1766603)
Security Fix(es):
-
php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)
-
gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166)
-
gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c (CVE-2019-6977)
-
php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020)
-
php: File rename across filesystems may allow unwanted access during processing (CVE-2019-9637)
-
php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638)
-
php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639)
-
php: Invalid read in exif_process_SOFn() (CVE-2019-9640)
-
php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() (CVE-2019-11039)
-
php: Buffer over-read in exif_read_data() (CVE-2019-11040)
-
php: Buffer over-read in PHAR reading functions (CVE-2018-20783)
-
php: Heap-based buffer over-read in PHAR reading functions (CVE-2019-9021)
-
php: memcpy with negative length via crafted DNS response (CVE-2019-9022)
-
php: Heap-based buffer over-read in mbstring regular expression functions (CVE-2019-9023)
-
php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024)
-
php: Heap buffer overflow in function exif_process_IFD_TAG() (CVE-2019-11034)
-
php: Heap buffer overflow in function exif_iif_add_value() (CVE-2019-11035)
-
php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure (CVE-2019-11036)
-
gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038)
-
php: heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041)
-
php: heap buffer over-read in exif_process_user_comment() (CVE-2019-11042)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1418983 - CVE-2016-10166 gd: Unsigned integer underflow _gdContributionsAlloc() 1672207 - CVE-2019-6977 gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c 1680545 - CVE-2018-20783 php: Buffer over-read in PHAR reading functions 1685123 - CVE-2019-9020 php: Invalid memory access in function xmlrpc_decode() 1685132 - CVE-2019-9021 php: Heap-based buffer over-read in PHAR reading functions 1685398 - CVE-2019-9023 php: Heap-based buffer over-read in mbstring regular expression functions 1685404 - CVE-2019-9024 php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c 1685412 - CVE-2019-9022 php: memcpy with negative length via crafted DNS response 1688897 - CVE-2019-9637 php: File rename across filesystems may allow unwanted access during processing 1688922 - CVE-2019-9638 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE 1688934 - CVE-2019-9639 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE 1688939 - CVE-2019-9640 php: Invalid read in exif_process_SOFn() 1702246 - CVE-2019-11035 php: Heap buffer overflow in function exif_iif_add_value() 1702256 - CVE-2019-11034 php: Heap buffer overflow in function exif_process_IFD_TAG() 1707299 - CVE-2019-11036 php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure 1724149 - CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm() 1724152 - CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() 1724154 - CVE-2019-11040 php: Buffer over-read in exif_read_data() 1739459 - CVE-2019-11041 php: heap buffer over-read in exif_scan_thumbnail() 1739465 - CVE-2019-11042 php: heap buffer over-read in exif_process_user_comment() 1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
aarch64: rh-php72-php-7.2.24-1.el7.aarch64.rpm rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm rh-php72-php-common-7.2.24-1.el7.aarch64.rpm rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm rh-php72-php-json-7.2.24-1.el7.aarch64.rpm rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm rh-php72-php-process-7.2.24-1.el7.aarch64.rpm rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
aarch64: rh-php72-php-7.2.24-1.el7.aarch64.rpm rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm rh-php72-php-common-7.2.24-1.el7.aarch64.rpm rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm rh-php72-php-json-7.2.24-1.el7.aarch64.rpm rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm rh-php72-php-process-7.2.24-1.el7.aarch64.rpm rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-10166 https://access.redhat.com/security/cve/CVE-2018-20783 https://access.redhat.com/security/cve/CVE-2019-6977 https://access.redhat.com/security/cve/CVE-2019-9020 https://access.redhat.com/security/cve/CVE-2019-9021 https://access.redhat.com/security/cve/CVE-2019-9022 https://access.redhat.com/security/cve/CVE-2019-9023 https://access.redhat.com/security/cve/CVE-2019-9024 https://access.redhat.com/security/cve/CVE-2019-9637 https://access.redhat.com/security/cve/CVE-2019-9638 https://access.redhat.com/security/cve/CVE-2019-9639 https://access.redhat.com/security/cve/CVE-2019-9640 https://access.redhat.com/security/cve/CVE-2019-11034 https://access.redhat.com/security/cve/CVE-2019-11035 https://access.redhat.com/security/cve/CVE-2019-11036 https://access.redhat.com/security/cve/CVE-2019-11038 https://access.redhat.com/security/cve/CVE-2019-11039 https://access.redhat.com/security/cve/CVE-2019-11040 https://access.redhat.com/security/cve/CVE-2019-11041 https://access.redhat.com/security/cve/CVE-2019-11042 https://access.redhat.com/security/cve/CVE-2019-11043 https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXbwslNzjgjWX9erEAQgZrA//YpBwARJTytrbpWQquZ4hnjbScNEZK1d4 sOOT+oiQSrzvghsNKNCKwEO1CLbNA9XOT7bCchtpD/HguTc4XeGNk7dAf/qA6UVB tJCxmqNBVBKqoe9UafmxLUFcVSkv/PHRVD2h+/TvmqdB8Uf2Z8hIIaBt7UsW34sb yBMLJVhyG98c/7VzwqFXW6Vm+Ly6+/ViYtloe5/Ex4D8FvB72Cc9uRvCTWdLLOXu PlwQKdaEt5CtUrTmLFEX+9t6tybwhNBf/dZ96nazCaSRtQVnhZI9s+wjoE6vEOOB +bOldvJ9tu7LclzMIz7SbSqjhPBSLtEMGZKcO1havVGDwcfPAEc12TW9DtVFDlqA Xq+dFW5vviRCoMlSmNBmSqQZSWMF64LdzjvWfW2G/nBnNLOdhu/Wufs1sJUOc+cp V9PgQH0iWut0N89DaOzTH+4PQvvvTw12HuKHk+P+/O8bBBdcI9gpd5klce/5jquc QXqhy49koz6BturNpVnXfSWjdLPwQ1pwhGJOkv7vLsdx6HVeuY6BsSE+C28cHFl+ z/AOZL4eCa9xKlePdGKCbqzTjMmCiJQbeShoBOKt1DtSgVVgtE0Kc5EZQcqop0aw RG304k1HSbrgsSRFxx6s1RophOQaC3ASvWkw5OY/8ylNrO9AAMxLRjZNCve6V7Rq 86WRMpuQxpE= =winR -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-1841", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "12.04", }, { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "14.04", }, { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "16.04", }, { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "18.04", }, { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "19.04", }, { model: "linux", scope: "eq", trust: 1.1, vendor: "debian", version: "8.0", }, { model: "linux", scope: "eq", trust: 1.1, vendor: "debian", version: "9.0", }, { model: "linux", scope: "eq", trust: 1.1, vendor: "debian", version: "10.0", }, { model: "leap", scope: "eq", trust: 1.1, vendor: "opensuse", version: "15.0", }, { model: "mac os x", scope: "lt", trust: 1, vendor: "apple", version: "10.15.1", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.1.31", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.2.21", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.2.0", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.3.8", }, { model: "software collections", scope: "eq", trust: 1, vendor: "redhat", version: "1.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.1.0", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.19.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.3.0", }, { model: "ubuntu", scope: null, trust: 0.8, vendor: "canonical", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.1.31 for up to 7.1.x", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.2.21 for up to 7.2.x", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.3.8 for up to 7.3.x", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.0", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.1", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.2", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.3", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.4", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.5", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.6", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.7", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.8", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.9", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.10", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.11", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.12", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.13", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.14", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.15", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.16", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.17", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.18", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.19", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.20", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.21", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.22", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.23", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.24", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.25", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.26", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.27", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.28", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.29", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.30", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.0", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.1", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.2", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.3", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.4", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.5", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.6", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.7", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.8", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.9", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.10", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.11", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.12", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.13", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.14", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.15", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.16", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.17", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.18", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.19", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.20", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.0", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.1", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.2", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.3", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.4", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.5", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.6", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.7", }, { model: "mac os x", scope: "eq", trust: 0.1, vendor: "apple", version: "10.15", }, ], sources: [ { db: "VULMON", id: "CVE-2019-11042", }, { db: "JVNDB", id: "JVNDB-2019-007695", }, { db: "NVD", id: "CVE-2019-11042", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:canonical:ubuntu_linux", vulnerable: true, }, { cpe22Uri: "cpe:/o:debian:debian_linux", vulnerable: true, }, { cpe22Uri: "cpe:/a:php:php", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-007695", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "CNNVD", id: "CNNVD-201908-142", }, ], trust: 0.9, }, cve: "CVE-2019-11042", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2019-11042", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 6.8, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-11042", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-142649", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2019-11042", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "security@php.net", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.2, id: "CVE-2019-11042", impactScore: 2.5, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-11042", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-11042", trust: 1, value: "HIGH", }, { author: "security@php.net", id: "CVE-2019-11042", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2019-11042", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-201908-142", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-142649", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2019-11042", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-142649", }, { db: "VULMON", id: "CVE-2019-11042", }, { db: "JVNDB", id: "JVNDB-2019-007695", }, { db: "CNNVD", id: "CNNVD-201908-142", }, { db: "NVD", id: "CVE-2019-11042", }, { db: "NVD", id: "CVE-2019-11042", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. PHP EXIF Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. \n \nSuccessfully exploiting this issue allow malicious users to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. \n\nPHP versions before 7.3.8 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-10-29-10 Additional information\nfor APPLE-SA-2019-10-07-1 macOS Catalina 10.15\n\nmacOS Catalina 10.15 addresses the following:\n\nAMD\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security\nResearch Team\n\napache_mod_php\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Multiple issues in PHP\nDescription: Multiple issues were addressed by updating to PHP\nversion 7.3.8. \nCVE-2019-11041\nCVE-2019-11042\n\nAudio\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing a maliciously crafted audio file may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2019-8706: Yu Zhou of Ant-financial Light-Year Security Lab\nEntry added October 29, 2019\n\nBooks\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Parsing a maliciously crafted iBooks file may lead to a\npersistent denial-of-service\nDescription: A resource exhaustion issue was addressed with improved\ninput validation. \nCVE-2019-8774: Gertjan Franken imec-DistriNet of KU Leuven\nEntry added October 29, 2019\n\nCFNetwork\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing maliciously crafted web content may lead to a\ncross site scripting attack\nDescription: This issue was addressed with improved checks. \nCVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland\nEntry added October 29, 2019\n\nCoreAudio\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing a maliciously crafted movie may result in the\ndisclosure of process memory\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero\nDay Initiative\n\nCoreCrypto\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing a large input may lead to a denial of service\nDescription: A denial of service issue was addressed with improved\ninput validation. \nCVE-2019-8741: Nicky Mouha of NIST\nEntry added October 29, 2019\n\nCoreMedia\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2019-8825: Found by GWP-ASan in Google Chrome\nEntry added October 29, 2019\n\nCrash Reporter\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: The \"Share Mac Analytics\" setting may not be disabled when a\nuser deselects the switch to share analytics\nDescription: A race condition existed when reading and writing user\npreferences. This was addressed with improved state handling. \nCVE-2019-8757: William Cerniuk of Core Development, LLC\n\nCUPS\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An attacker in a privileged network position may be able to\nleak sensitive user information\nDescription: An input validation issue was addressed with improved\ninput validation. \nCVE-2019-8736: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)\nEntry added October 29, 2019\n\nCUPS\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing a maliciously crafted string may lead to heap\ncorruption\nDescription: A memory consumption issue was addressed with improved\nmemory handling. \nCVE-2019-8767: Stephen Zeisberg\nEntry added October 29, 2019\n\nCUPS\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An attacker in a privileged position may be able to perform a\ndenial of service attack\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2019-8737: Pawel Gocyla of ING Tech Poland (ingtechpoland.com)\nEntry added October 29, 2019\n\nFile Quarantine\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A malicious application may be able to elevate privileges\nDescription: This issue was addressed by removing the vulnerable\ncode. \nCVE-2019-8509: CodeColorist of Ant-Financial LightYear Labs\nEntry added October 29, 2019\n\nFoundation\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8746: Natalie Silvanovich and Samuel Groß of Google Project\nZero\nEntry added October 29, 2019\n\nGraphics\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing a malicious shader may result in unexpected\napplication termination or arbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved input validation. \nCVE-2018-12152: Piotr Bania of Cisco Talos\nCVE-2018-12153: Piotr Bania of Cisco Talos\nCVE-2018-12154: Piotr Bania of Cisco Talos\nEntry added October 29, 2019\n\nIntel Graphics Driver\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8758: Lilang Wu and Moony Li of Trend Micro\n\nIOGraphics\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2019-8755: Lilang Wu and Moony Li of Trend Micro\n\nIOGraphics\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A local user may be able to cause unexpected system\ntermination or read kernel memory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2019-8759: another of 360 Nirvan Team\nEntry added October 29, 2019\n\nKernel\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A local app may be able to read a persistent account\nidentifier\nDescription: A validation issue was addressed with improved logic. \nCVE-2019-8809: Apple\nEntry added October 29, 2019\n\nKernel\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2019-8709: derrek (@derrekr6)\n[confirmed]derrek (@derrekr6)\nCVE-2019-8781: Linus Henze (pinauten.de)\nEntry added October 29, 2019\n\nKernel\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8717: Jann Horn of Google Project Zero\n\nKernel\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A memory corruption issue existed in the handling of\nIPv6 packets. This issue was addressed with improved memory\nmanagement. \nCVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team\nEntry added October 29, 2019\n\nlibxml2\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Multiple issues in libxml2\nDescription: Multiple memory corruption issues were addressed with\nimproved input validation. \nCVE-2019-8749: found by OSS-Fuzz\nCVE-2019-8756: found by OSS-Fuzz\nEntry added October 29, 2019\n\nlibxslt\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Multiple issues in libxslt\nDescription: Multiple memory corruption issues were addressed with\nimproved input validation. \nCVE-2019-8750: found by OSS-Fuzz\nEntry added October 29, 2019\n\nmDNSResponder\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An attacker in physical proximity may be able to passively\nobserve device names in AWDL communications\nDescription: This issue was resolved by replacing device names with a\nrandom identifier. \nCVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile\nNetworking Lab at Technische Universität Darmstadt\nEntry added October 29, 2019\n\nMenus\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2019-8826: Found by GWP-ASan in Google Chrome\nEntry added October 29, 2019\n\nNotes\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A local user may be able to view a user's locked notes\nDescription: The contents of locked notes sometimes appeared in\nsearch results. This issue was addressed with improved data cleanup. \nCVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia\nPolytechnic Institute and State University\n\nPDFKit\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An attacker may be able to exfiltrate the contents of an\nencrypted PDF\nDescription: An issue existed in the handling of links in encrypted\nPDFs. This issue was addressed by adding a confirmation prompt. \nCVE-2019-8772: Jens Müller of Ruhr University Bochum, Fabian Ising\nof FH Münster University of Applied Sciences, Vladislav Mladenov\nof Ruhr University Bochum, Christian Mainka of Ruhr University\nBochum, Sebastian Schinzel of FH Münster University of Applied\nSciences, and Jörg Schwenk of Ruhr University Bochum\n\nPluginKit\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A local user may be able to check for the existence of\narbitrary files\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2019-8708: an anonymous researcher\nEntry added October 29, 2019\n\nPluginKit\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8715: an anonymous researcher\nEntry added October 29, 2019\n\nSharedFileList\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A malicious application may be able to access recent\ndocuments\nDescription: The issue was addressed with improved permissions logic. \nCVE-2019-8770: Stanislav Zinukhov of Parallels International GmbH\n\nsips\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992)\nand pjf of IceSword Lab of Qihoo 360\n\nUIFoundation\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Parsing a maliciously crafted text file may lead to\ndisclosure of user information\nDescription: This issue was addressed with improved checks. \nCVE-2019-8761: Renee Trisberg of SpectX\nEntry added October 29, 2019\n\nUIFoundation\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing a maliciously crafted text file may lead to\narbitrary code execution\nDescription: A buffer overflow was addressed with improved bounds\nchecking. \nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero\nDay Initiative\n\nWebKit\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A user may be unable to delete browsing history items\nDescription: \"Clear History and Website Data\" did not clear the\nhistory. The issue was addressed with improved data deletion. \nCVE-2019-8768: Hugo S. Diaz (coldpointblue)\n\nWebKit\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Visiting a maliciously crafted website may reveal browsing\nhistory\nDescription: An issue existed in the drawing of web page elements. \nThe issue was addressed with improved logic. \nCVE-2019-8769: Piérre Reimertz (@reimertz)\n\nAdditional recognition\n\nAppleRTC\nWe would like to acknowledge Vitaly Cheptsov for their assistance. \n\nAudio\nWe would like to acknowledge riusksk of VulWar Corp working with\nTrend Micro's Zero Day Initiative for their assistance. \n\nboringssl\nWe would like to acknowledge Nimrod Aviram of Tel Aviv University,\nRobert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr\nUniversity Bochum and Thijs Alkemade (@xnyhps) of Computest for their\nassistance. \n\nFinder\nWe would like to acknowledge Csaba Fitzl (@theevilbit) for their\nassistance. \n\nGatekeeper\nWe would like to acknowledge Csaba Fitzl (@theevilbit) for their\nassistance. \n\nIdentity Service\nWe would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for\ntheir assistance. \n\nKernel\nWe would like to acknowledge Brandon Azad of Google Project Zero for\ntheir assistance. \n\nmDNSResponder\nWe would like to acknowledge Gregor Lang of e.solutions GmbH for\ntheir assistance. \n\npython\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nSafari Data Importing\nWe would like to acknowledge Kent Zoya for their assistance. \n\nSimple certificate enrollment protocol (SCEP)\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nTelephony\nWe would like to acknowledge Phil Stokes from SentinelOne for their\nassistance. \n\nVPN\nWe would like to acknowledge Royce Gawron of Second Son Consulting,\nInc. for their assistance. \n\nInstallation note:\n\nmacOS Catalina 10.15 may be obtained from the Mac App Store or\nApple's Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl24s4QACgkQBz4uGe3y\n0M0s3w//QZG0JsE1BjWJ3mwKoSn/I1V0SLryV9UxJeibPfhyF6VJEYk63jZxZ5ki\n48vM7iKE3nAHamNFOMtUvyzEdO6VGNZ1uiuSu9nkyziEERapHJSLcEh83p2JhWV/\nSEsBB3bsT4l3V9ZYxk/9DX6ynCTzKLZTynw6Yo2PMYiMpavD5sfZ6v8U53qdZ+LX\nSNuw+vRTsvu3YlFkUStTdQ64sT72yGII0c8iFpSb2AWv7IgbypB5lW4/MRQjrzoc\n9yMhvMgXcgAlzoH5GpGE2EflbekcQxudxDh1t0o7f8OASRPTljNjL4oiKXBMhiAM\niUgDn7duE9LqupfSWK5WOUkF+XRV0qTaLCTDWaCzVa5YsApvSVPhbmoFqKXSQG8T\nU6SxQviqzJ06sD1jqm2sZ/LnD5xMEXhQvNx89oJrTRsCU/o0fy4tRhHp52aJoF7E\nWvr1kTlo6SGm6NjkmZVoKj6962/0XUYSOt8gR+L/sF7N6URUG+1Ko2jx8zhYHMEO\nju+Hw0TFHd+8mP29oOEIsIpuRpCp9jjgEJDdu7mGqJ1Py2Gs0uGeHEZd6DJhKggA\nIvdJu4Q9usjWaxQ9H3m2I/xEqw78sMEEFgCYfLTC0gf2ChaiGZuhKipcF04c81kM\nbOGmjuyJrajD/2rY9EHrqtCm5b2079YAIxUAmTOkT0uP2WmlZoM=\n=bhin\n-----END PGP SIGNATURE-----\n\n\n. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 7.3.9-1~deb10u1. \n\nWe recommend that you upgrade your php7.3 packages. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: rh-php72-php security update\nAdvisory ID: RHSA-2019:3299-01\nProduct: Red Hat Software Collections\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3299\nIssue date: 2019-11-01\nCVE Names: CVE-2016-10166 CVE-2018-20783 CVE-2019-6977 \n CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 \n CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 \n CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 \n CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 \n CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 \n CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 \n=====================================================================\n\n1. Summary:\n\nAn update for rh-php72-php is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nThe following packages have been upgraded to a later upstream version:\nrh-php72-php (7.2.24). (BZ#1766603)\n\nSecurity Fix(es):\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\n* gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166)\n\n* gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c\n(CVE-2019-6977)\n\n* php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020)\n\n* php: File rename across filesystems may allow unwanted access during\nprocessing (CVE-2019-9637)\n\n* php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638)\n\n* php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639)\n\n* php: Invalid read in exif_process_SOFn() (CVE-2019-9640)\n\n* php: Out-of-bounds read due to integer overflow in\niconv_mime_decode_headers() (CVE-2019-11039)\n\n* php: Buffer over-read in exif_read_data() (CVE-2019-11040)\n\n* php: Buffer over-read in PHAR reading functions (CVE-2018-20783)\n\n* php: Heap-based buffer over-read in PHAR reading functions\n(CVE-2019-9021)\n\n* php: memcpy with negative length via crafted DNS response (CVE-2019-9022)\n\n* php: Heap-based buffer over-read in mbstring regular expression functions\n(CVE-2019-9023)\n\n* php: Out-of-bounds read in base64_decode_xmlrpc in\next/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024)\n\n* php: Heap buffer overflow in function exif_process_IFD_TAG()\n(CVE-2019-11034)\n\n* php: Heap buffer overflow in function exif_iif_add_value()\n(CVE-2019-11035)\n\n* php: Buffer over-read in exif_process_IFD_TAG() leading to information\ndisclosure (CVE-2019-11036)\n\n* gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038)\n\n* php: heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041)\n\n* php: heap buffer over-read in exif_process_user_comment()\n(CVE-2019-11042)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted\nfor the update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1418983 - CVE-2016-10166 gd: Unsigned integer underflow _gdContributionsAlloc()\n1672207 - CVE-2019-6977 gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c\n1680545 - CVE-2018-20783 php: Buffer over-read in PHAR reading functions\n1685123 - CVE-2019-9020 php: Invalid memory access in function xmlrpc_decode()\n1685132 - CVE-2019-9021 php: Heap-based buffer over-read in PHAR reading functions\n1685398 - CVE-2019-9023 php: Heap-based buffer over-read in mbstring regular expression functions\n1685404 - CVE-2019-9024 php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c\n1685412 - CVE-2019-9022 php: memcpy with negative length via crafted DNS response\n1688897 - CVE-2019-9637 php: File rename across filesystems may allow unwanted access during processing\n1688922 - CVE-2019-9638 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE\n1688934 - CVE-2019-9639 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE\n1688939 - CVE-2019-9640 php: Invalid read in exif_process_SOFn()\n1702246 - CVE-2019-11035 php: Heap buffer overflow in function exif_iif_add_value()\n1702256 - CVE-2019-11034 php: Heap buffer overflow in function exif_process_IFD_TAG()\n1707299 - CVE-2019-11036 php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure\n1724149 - CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm()\n1724152 - CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers()\n1724154 - CVE-2019-11040 php: Buffer over-read in exif_read_data()\n1739459 - CVE-2019-11041 php: heap buffer over-read in exif_scan_thumbnail()\n1739465 - CVE-2019-11042 php: heap buffer over-read in exif_process_user_comment()\n1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\naarch64:\nrh-php72-php-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-cli-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-common-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-dba-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-devel-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-gd-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-intl-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-json-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-process-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-recode-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-soap-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-xml-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-zip-7.2.24-1.el7.aarch64.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\naarch64:\nrh-php72-php-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-cli-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-common-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-dba-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-devel-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-gd-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-intl-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-json-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-process-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-recode-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-soap-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-xml-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-zip-7.2.24-1.el7.aarch64.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-10166\nhttps://access.redhat.com/security/cve/CVE-2018-20783\nhttps://access.redhat.com/security/cve/CVE-2019-6977\nhttps://access.redhat.com/security/cve/CVE-2019-9020\nhttps://access.redhat.com/security/cve/CVE-2019-9021\nhttps://access.redhat.com/security/cve/CVE-2019-9022\nhttps://access.redhat.com/security/cve/CVE-2019-9023\nhttps://access.redhat.com/security/cve/CVE-2019-9024\nhttps://access.redhat.com/security/cve/CVE-2019-9637\nhttps://access.redhat.com/security/cve/CVE-2019-9638\nhttps://access.redhat.com/security/cve/CVE-2019-9639\nhttps://access.redhat.com/security/cve/CVE-2019-9640\nhttps://access.redhat.com/security/cve/CVE-2019-11034\nhttps://access.redhat.com/security/cve/CVE-2019-11035\nhttps://access.redhat.com/security/cve/CVE-2019-11036\nhttps://access.redhat.com/security/cve/CVE-2019-11038\nhttps://access.redhat.com/security/cve/CVE-2019-11039\nhttps://access.redhat.com/security/cve/CVE-2019-11040\nhttps://access.redhat.com/security/cve/CVE-2019-11041\nhttps://access.redhat.com/security/cve/CVE-2019-11042\nhttps://access.redhat.com/security/cve/CVE-2019-11043\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXbwslNzjgjWX9erEAQgZrA//YpBwARJTytrbpWQquZ4hnjbScNEZK1d4\nsOOT+oiQSrzvghsNKNCKwEO1CLbNA9XOT7bCchtpD/HguTc4XeGNk7dAf/qA6UVB\ntJCxmqNBVBKqoe9UafmxLUFcVSkv/PHRVD2h+/TvmqdB8Uf2Z8hIIaBt7UsW34sb\nyBMLJVhyG98c/7VzwqFXW6Vm+Ly6+/ViYtloe5/Ex4D8FvB72Cc9uRvCTWdLLOXu\nPlwQKdaEt5CtUrTmLFEX+9t6tybwhNBf/dZ96nazCaSRtQVnhZI9s+wjoE6vEOOB\n+bOldvJ9tu7LclzMIz7SbSqjhPBSLtEMGZKcO1havVGDwcfPAEc12TW9DtVFDlqA\nXq+dFW5vviRCoMlSmNBmSqQZSWMF64LdzjvWfW2G/nBnNLOdhu/Wufs1sJUOc+cp\nV9PgQH0iWut0N89DaOzTH+4PQvvvTw12HuKHk+P+/O8bBBdcI9gpd5klce/5jquc\nQXqhy49koz6BturNpVnXfSWjdLPwQ1pwhGJOkv7vLsdx6HVeuY6BsSE+C28cHFl+\nz/AOZL4eCa9xKlePdGKCbqzTjMmCiJQbeShoBOKt1DtSgVVgtE0Kc5EZQcqop0aw\nRG304k1HSbrgsSRFxx6s1RophOQaC3ASvWkw5OY/8ylNrO9AAMxLRjZNCve6V7Rq\n86WRMpuQxpE=\n=winR\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.2 Release Notes linked from the References section", sources: [ { db: "NVD", id: "CVE-2019-11042", }, { db: "JVNDB", id: "JVNDB-2019-007695", }, { db: "VULHUB", id: "VHN-142649", }, { db: "VULMON", id: "CVE-2019-11042", }, { db: "PACKETSTORM", id: "154561", }, { db: "PACKETSTORM", id: "155066", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "154543", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "PACKETSTORM", id: "154768", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-11042", trust: 3.3, }, { db: "TENABLE", id: "TNS-2021-14", trust: 1.7, }, { db: "PACKETSTORM", id: "159094", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007695", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201908-142", trust: 0.7, }, { db: "PACKETSTORM", id: "157463", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.3073", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3349", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3272", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0741", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2515", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3072", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3332", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4296", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1500", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3111", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.6056", trust: 0.6, }, { db: "CS-HELP", id: "SB2021072292", trust: 0.6, }, { db: "VULHUB", id: "VHN-142649", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-11042", trust: 0.1, }, { db: "PACKETSTORM", id: "154561", trust: 0.1, }, { db: "PACKETSTORM", id: "155066", trust: 0.1, }, { db: "PACKETSTORM", id: "154543", trust: 0.1, }, { db: "PACKETSTORM", id: "155070", trust: 0.1, }, { db: "PACKETSTORM", id: "154768", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-142649", }, { db: "VULMON", id: "CVE-2019-11042", }, { db: "JVNDB", id: "JVNDB-2019-007695", }, { db: "PACKETSTORM", id: "154561", }, { db: "PACKETSTORM", id: "155066", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "154543", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "PACKETSTORM", id: "154768", }, { db: "CNNVD", id: "CNNVD-201908-142", }, { db: "NVD", id: "CVE-2019-11042", }, ], }, id: "VAR-201908-1841", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-142649", }, ], trust: 0.01, }, last_update_date: "2024-11-23T20:11:40.153000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "[SECURITY] [DLA 1878-1] php5 security update", trust: 0.8, url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { title: "78256", trust: 0.8, url: "https://bugs.php.net/bug.php?id=78256", }, { title: "USN-4097-1", trust: 0.8, url: "https://usn.ubuntu.com/4097-1/", }, { title: "USN-4097-2", trust: 0.8, url: "https://usn.ubuntu.com/4097-2/", }, { title: "PHP Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=95904", }, { title: "Ubuntu Security Notice: php7.0, php7.2 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4097-1", }, { title: "Ubuntu Security Notice: php5 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4097-2", }, { title: "Amazon Linux AMI: ALAS-2019-1284", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1284", }, { title: "Amazon Linux AMI: ALAS-2019-1283", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1283", }, { title: "Debian Security Advisories: DSA-4527-1 php7.3 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=877cb76e8aeddfa40b275ad142be1771", }, { title: "Red Hat: Moderate: php:7.2 security, bug fix, and enhancement update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20201624 - Security Advisory", }, { title: "Red Hat: Critical: rh-php72-php security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193299 - Security Advisory", }, { title: "Apple: macOS Catalina 10.15", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=aafc8ca42bce10e92a70604a0d265a55", }, { title: "Debian Security Advisories: DSA-4529-1 php7.0 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=ee5cd1d3e8c521eee01300cbf544b2d7", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/apple-tackles-a-dozen-bugs-in-catalina/148988/", }, ], sources: [ { db: "VULMON", id: "CVE-2019-11042", }, { db: "JVNDB", id: "JVNDB-2019-007695", }, { db: "CNNVD", id: "CNNVD-201908-142", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1.1, }, { problemtype: "CWE-119", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-142649", }, { db: "JVNDB", id: "JVNDB-2019-007695", }, { db: "NVD", id: "CVE-2019-11042", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://access.redhat.com/errata/rhsa-2019:3299", }, { trust: 2.5, url: "https://usn.ubuntu.com/4097-1/", }, { trust: 2.4, url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { trust: 2.4, url: "https://usn.ubuntu.com/4097-2/", }, { trust: 2.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11042", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/sep/35", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/sep/38", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/oct/9", }, { trust: 1.8, url: "https://bugs.php.net/bug.php?id=78256", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { trust: 1.8, url: "https://support.apple.com/kb/ht210634", }, { trust: 1.8, url: "https://www.debian.org/security/2019/dsa-4527", }, { trust: 1.8, url: "https://www.debian.org/security/2019/dsa-4529", }, { trust: 1.8, url: "http://seclists.org/fulldisclosure/2019/oct/15", }, { trust: 1.8, url: "http://seclists.org/fulldisclosure/2019/oct/55", }, { trust: 1.8, url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { trust: 1.7, url: "https://support.apple.com/kb/ht210722", }, { trust: 1.7, url: "https://www.tenable.com/security/tns-2021-14", }, { trust: 0.9, url: "https://access.redhat.com/security/cve/cve-2019-11042", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11042", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11041", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-201914158-1.html", }, { trust: 0.6, url: "https://access.redhat.com/errata/rhsa-2019:3300", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192243-1.html", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192270-1.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1500/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3073/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3272/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021072292", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/159094/red-hat-security-advisory-2020-3662-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2515", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/php-multiple-vulnerabilities-29928", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0741/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4296/", }, { trust: 0.6, url: "https://support.apple.com/en-us/ht210722", }, { trust: 0.6, url: "https://support.apple.com/en-us/ht210634", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-api-connects-developer-portal-is-impacted-by-vulnerabilities-in-php/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3072/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.6056", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3349/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/157463/red-hat-security-advisory-2020-1624-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3111/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3332/", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11040", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11039", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11036", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11035", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11034", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-11040", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-11039", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.3, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.3, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-11041", }, { trust: 0.3, url: "https://bugzilla.redhat.com/):", }, { trust: 0.3, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://www.debian.org/security/faq", }, { trust: 0.2, url: "https://www.debian.org/security/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11038", }, { trust: 0.2, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8717", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8757", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8701", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8730", }, { trust: 0.2, url: "https://support.apple.com/downloads/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8745", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8748", }, { trust: 0.2, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8758", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8755", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8705", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9022", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9640", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9024", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9638", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9637", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11036", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11035", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9638", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9024", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9639", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9023", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2018-20783", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9022", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9640", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9021", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9023", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9020", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20783", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9639", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9637", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11034", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9020", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9021", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/119.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/109465", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.0", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8753", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8706", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8744", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8736", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8750", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8746", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8708", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8509", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8756", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-12153", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8737", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8749", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-12154", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8709", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8741", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-12152", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7065", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11050", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11045", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19203", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7062", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7059", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11045", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11047", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7066", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7065", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11047", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13224", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19203", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13225", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19204", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7063", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7064", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19246", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-16163", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20454", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:3662", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7066", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11048", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13225", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11048", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13224", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19204", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7060", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7064", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-16163", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19246", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7063", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7062", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11050", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7059", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7060", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20454", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.3", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-10166", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#critical", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11043", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11038", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-6977", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11043", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2016-10166", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-6977", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:1624", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8770", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8769", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8772", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8781", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8768", }, ], sources: [ { db: "VULHUB", id: "VHN-142649", }, { db: "VULMON", id: "CVE-2019-11042", }, { db: "JVNDB", id: "JVNDB-2019-007695", }, { db: "PACKETSTORM", id: "154561", }, { db: "PACKETSTORM", id: "155066", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "154543", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "PACKETSTORM", id: "154768", }, { db: "CNNVD", id: "CNNVD-201908-142", }, { db: "NVD", id: "CVE-2019-11042", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-142649", }, { db: "VULMON", id: "CVE-2019-11042", }, { db: "JVNDB", id: "JVNDB-2019-007695", }, { db: "PACKETSTORM", id: "154561", }, { db: "PACKETSTORM", id: "155066", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "154543", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "PACKETSTORM", id: "154768", }, { db: "CNNVD", id: "CNNVD-201908-142", }, { db: "NVD", id: "CVE-2019-11042", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-142649", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-11042", }, { date: "2019-08-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-007695", }, { date: "2019-09-23T18:25:24", db: "PACKETSTORM", id: "154561", }, { date: "2019-11-01T17:10:40", db: "PACKETSTORM", id: "155066", }, { date: "2020-09-08T18:10:32", db: "PACKETSTORM", id: "159094", }, { date: "2019-09-20T14:58:48", db: "PACKETSTORM", id: "154543", }, { date: "2019-11-01T17:11:58", db: "PACKETSTORM", id: "155070", }, { date: "2020-04-28T20:37:45", db: "PACKETSTORM", id: "157463", }, { date: "2019-10-08T19:59:26", db: "PACKETSTORM", id: "154768", }, { date: "2019-08-01T00:00:00", db: "CNNVD", id: "CNNVD-201908-142", }, { date: "2019-08-09T20:15:11.143000", db: "NVD", id: "CVE-2019-11042", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-28T00:00:00", db: "VULHUB", id: "VHN-142649", }, { date: "2020-10-02T00:00:00", db: "VULMON", id: "CVE-2019-11042", }, { date: "2019-08-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-007695", }, { date: "2023-03-01T00:00:00", db: "CNNVD", id: "CNNVD-201908-142", }, { date: "2024-11-21T04:20:25.890000", db: "NVD", id: "CVE-2019-11042", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201908-142", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PHP EXIF Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-007695", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201908-142", }, ], trust: 0.6, }, }
var-202109-1805
Vulnerability from variot
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. The server is fast, reliable and extensible through a simple API. No detailed vulnerability details are currently provided. 7) - noarch, x86_64
Bug Fix(es):
- proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)
Additional changes:
- To fix CVE-2022-29404, the default value for the "LimitRequestBody" directive in the Apache HTTP Server has been changed from 0 (unlimited) to 1 GiB.
On systems where the value of "LimitRequestBody" is not explicitly specified in an httpd configuration file, updating the httpd package sets "LimitRequestBody" to the default value of 1 GiB. As a consequence, if the total size of the HTTP request body exceeds this 1 GiB default limit, httpd returns the 413 Request Entity Too Large error code.
If the new default allowed size of an HTTP request message body is insufficient for your use case, update your httpd configuration files within the respective context (server, per-directory, per-file, or per-location) and set your preferred limit in bytes. For example, to set a new 2 GiB limit, use:
LimitRequestBody 2147483648
Systems already configured to use any explicit value for the "LimitRequestBody" directive are unaffected by this change.
For the oldstable distribution (buster), these problems have been fixed in version 2.4.38-3+deb10u6.
For the stable distribution (bullseye), these problems have been fixed in version 2.4.51-1~deb11u1.
We recommend that you upgrade your apache2 packages.
For the detailed security status of apache2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/apache2
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmFgr44ACgkQEMKTtsN8 TjbophAAiZ+fhF2r8BUbQkL8BhpfqjA+hVsp9WEMTn8Gq6kiW0wLvK3jWPM301Ou D4gHqKmFPmYNC1KBOyk/lJdxyD7iTUweUyLi3WXzxhIDMx0kxkRw1oXlyCHzIqSJ M277bgk32h2cDCbsXjrN/8agKPcKgfwDqiyf/igfEq6V8OB2zVvJPKVFq45n54+q 4FPXSyx1g2u5ewSeXbU2uHDej6Qborui4osDdbwx8CT6aETi0cIXJ8RbXF3PUCHG 5DzZagnRq6GumPsl01jcPu7b9Ck8MlkxMSG3FRsSIJVkwpsQ2C34ywIJkFlzUZZh jhdVUrfbyfLpSdcPcipAAjl9I6gDqa9SFdMRK7ixCpQ6iTiVeDZdJ8pA4jnSweNQ THik07di9R0juX0p7peQiIyBKrEf7Y3WSvLOn0SBKXvZnzc/72rH2nP5FclsgCsV TWxptziGridC43KB8/tDJAAOXVF2lzylzF70V/UGTNo1jk9w3/p6btU1iuzKspyY Y4aPZla3DImI8mezrgFrGYNg7bZYLKuJyGDADKih2sUQpzmDZ6MJxKAE3NLRWyQa 7cCJdoNR9yVqytEw1Y/ZRXAXWfMb3Y1ts2EqR8hzLQgMYb0JC58cLMG3T0RgyPoO A4CTIoYpK1WnsykAE8M4XFrnOW3lrtse6T8N/dTVMuodElAEhc0= =/At6 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: httpd security update Advisory ID: RHSA-2022:0143-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0143 Issue date: 2022-01-17 CVE Names: CVE-2021-26691 CVE-2021-34798 CVE-2021-39275 CVE-2021-44790 ==================================================================== 1. Summary:
An update for httpd is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Security Fix(es):
-
httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)
-
httpd: mod_session: Heap overflow via a crafted SessionHeader value (CVE-2021-26691)
-
httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)
-
httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1966732 - CVE-2021-26691 httpd: mod_session: Heap overflow via a crafted SessionHeader value 2005119 - CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input 2005128 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests 2034674 - CVE-2021-44790 httpd: mod_lua: Possible buffer overflow when parsing multipart content
- Package List:
Red Hat Enterprise Linux Client Optional (v. 7):
Source: httpd-2.4.6-97.el7_9.4.src.rpm
noarch: httpd-manual-2.4.6-97.el7_9.4.noarch.rpm
x86_64: httpd-2.4.6-97.el7_9.4.x86_64.rpm httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm httpd-devel-2.4.6-97.el7_9.4.x86_64.rpm httpd-tools-2.4.6-97.el7_9.4.x86_64.rpm mod_ldap-2.4.6-97.el7_9.4.x86_64.rpm mod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm mod_session-2.4.6-97.el7_9.4.x86_64.rpm mod_ssl-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
Source: httpd-2.4.6-97.el7_9.4.src.rpm
noarch: httpd-manual-2.4.6-97.el7_9.4.noarch.rpm
x86_64: httpd-2.4.6-97.el7_9.4.x86_64.rpm httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm httpd-devel-2.4.6-97.el7_9.4.x86_64.rpm httpd-tools-2.4.6-97.el7_9.4.x86_64.rpm mod_ldap-2.4.6-97.el7_9.4.x86_64.rpm mod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm mod_session-2.4.6-97.el7_9.4.x86_64.rpm mod_ssl-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: httpd-2.4.6-97.el7_9.4.src.rpm
noarch: httpd-manual-2.4.6-97.el7_9.4.noarch.rpm
ppc64: httpd-2.4.6-97.el7_9.4.ppc64.rpm httpd-debuginfo-2.4.6-97.el7_9.4.ppc64.rpm httpd-devel-2.4.6-97.el7_9.4.ppc64.rpm httpd-tools-2.4.6-97.el7_9.4.ppc64.rpm mod_session-2.4.6-97.el7_9.4.ppc64.rpm mod_ssl-2.4.6-97.el7_9.4.ppc64.rpm
ppc64le: httpd-2.4.6-97.el7_9.4.ppc64le.rpm httpd-debuginfo-2.4.6-97.el7_9.4.ppc64le.rpm httpd-devel-2.4.6-97.el7_9.4.ppc64le.rpm httpd-tools-2.4.6-97.el7_9.4.ppc64le.rpm mod_session-2.4.6-97.el7_9.4.ppc64le.rpm mod_ssl-2.4.6-97.el7_9.4.ppc64le.rpm
s390x: httpd-2.4.6-97.el7_9.4.s390x.rpm httpd-debuginfo-2.4.6-97.el7_9.4.s390x.rpm httpd-devel-2.4.6-97.el7_9.4.s390x.rpm httpd-tools-2.4.6-97.el7_9.4.s390x.rpm mod_session-2.4.6-97.el7_9.4.s390x.rpm mod_ssl-2.4.6-97.el7_9.4.s390x.rpm
x86_64: httpd-2.4.6-97.el7_9.4.x86_64.rpm httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm httpd-devel-2.4.6-97.el7_9.4.x86_64.rpm httpd-tools-2.4.6-97.el7_9.4.x86_64.rpm mod_session-2.4.6-97.el7_9.4.x86_64.rpm mod_ssl-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: httpd-debuginfo-2.4.6-97.el7_9.4.ppc64.rpm mod_ldap-2.4.6-97.el7_9.4.ppc64.rpm mod_proxy_html-2.4.6-97.el7_9.4.ppc64.rpm
ppc64le: httpd-debuginfo-2.4.6-97.el7_9.4.ppc64le.rpm mod_ldap-2.4.6-97.el7_9.4.ppc64le.rpm mod_proxy_html-2.4.6-97.el7_9.4.ppc64le.rpm
s390x: httpd-debuginfo-2.4.6-97.el7_9.4.s390x.rpm mod_ldap-2.4.6-97.el7_9.4.s390x.rpm mod_proxy_html-2.4.6-97.el7_9.4.s390x.rpm
x86_64: httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm mod_ldap-2.4.6-97.el7_9.4.x86_64.rpm mod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: httpd-2.4.6-97.el7_9.4.src.rpm
noarch: httpd-manual-2.4.6-97.el7_9.4.noarch.rpm
x86_64: httpd-2.4.6-97.el7_9.4.x86_64.rpm httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm httpd-devel-2.4.6-97.el7_9.4.x86_64.rpm httpd-tools-2.4.6-97.el7_9.4.x86_64.rpm mod_session-2.4.6-97.el7_9.4.x86_64.rpm mod_ssl-2.4.6-97.el7_9.4.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: httpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm mod_ldap-2.4.6-97.el7_9.4.x86_64.rpm mod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-26691 https://access.redhat.com/security/cve/CVE-2021-34798 https://access.redhat.com/security/cve/CVE-2021-39275 https://access.redhat.com/security/cve/CVE-2021-44790 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYeVdC9zjgjWX9erEAQgzNw/8CjsxUvDW64dwvpcYH/OWJhKqvD53sX+w ivf4+hhCsEVLvrjD0eTNkbeza+dcZqoR5swL0IjAGXKJ/0q/oh4/yxq2ydgvEYsY rAjts0tnynoswBaFo6eaBlcNxQroGID0uqgXkUFt37m4eetACuOSVRcZ7/sNsqBS iQF4l16vjNvKeOdKY8nSNe77Dt1/Lj41NoL6XbAZPuvaiLBqqGOY9xYfZSSmFHFq H4dB8cfMC4cWysFtnzffJ+dJdzcWNOxklwLlZe72JoAJYP59da2YuIoE2LsQRGPC Occ84zH/UZx4JWJhF7FEEALC/tizfFqu9qWr1OIDmSVTEAZ+6IZ/mDeF83+0Mrc4 AiV3oiJi7Fx4XTDUL8fim+FORaSI2IR7LK1Zjau1qCN04ayyFXwJdK/fwgIWJHon gYhyUsAj7F7At9m8cCVRP5K4jjmr0qrmsF1M1B6xqMLWlYNcWu3obJS/FbiSdwQJ 7jFdBagThGOzIle0eGk0iMZ+vRJSuaSMZ7GDA14o46KB+EkvYLe+wi6jBQXJeD6Q Oueenu2JiMvB8+dJNYrn9uQY+8WHyCVV1HMMmVo9LajA1FJRXgMIQN5ZmDMoDW73 qFV+VCOHtKPI2hC8ngZYy2RyEUhK4t3f7xmJgtoJ4/DuaGsRWL7xZPL7gLHxWnS4 5VjPyLrWg5U=TyMo -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Gentoo Linux Security Advisory GLSA 202208-20
https://security.gentoo.org/
Severity: High Title: Apache HTTPD: Multiple Vulnerabilities Date: August 14, 2022 Bugs: #813429, #816399, #816864, #829722, #835131, #850622 ID: 202208-20
Synopsis
Multiple vulnerabilities have been discovered in Apache Webserver, the worst of which could result in remote code execution. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Apache HTTPD users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.54"
All Apache HTTPD tools users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-admin/apache-tools-2.4.54"
References
[ 1 ] CVE-2021-33193 https://nvd.nist.gov/vuln/detail/CVE-2021-33193 [ 2 ] CVE-2021-34798 https://nvd.nist.gov/vuln/detail/CVE-2021-34798 [ 3 ] CVE-2021-36160 https://nvd.nist.gov/vuln/detail/CVE-2021-36160 [ 4 ] CVE-2021-39275 https://nvd.nist.gov/vuln/detail/CVE-2021-39275 [ 5 ] CVE-2021-40438 https://nvd.nist.gov/vuln/detail/CVE-2021-40438 [ 6 ] CVE-2021-41524 https://nvd.nist.gov/vuln/detail/CVE-2021-41524 [ 7 ] CVE-2021-41773 https://nvd.nist.gov/vuln/detail/CVE-2021-41773 [ 8 ] CVE-2021-42013 https://nvd.nist.gov/vuln/detail/CVE-2021-42013 [ 9 ] CVE-2021-44224 https://nvd.nist.gov/vuln/detail/CVE-2021-44224 [ 10 ] CVE-2021-44790 https://nvd.nist.gov/vuln/detail/CVE-2021-44790 [ 11 ] CVE-2022-22719 https://nvd.nist.gov/vuln/detail/CVE-2022-22719 [ 12 ] CVE-2022-22720 https://nvd.nist.gov/vuln/detail/CVE-2022-22720 [ 13 ] CVE-2022-22721 https://nvd.nist.gov/vuln/detail/CVE-2022-22721 [ 14 ] CVE-2022-23943 https://nvd.nist.gov/vuln/detail/CVE-2022-23943 [ 15 ] CVE-2022-26377 https://nvd.nist.gov/vuln/detail/CVE-2022-26377 [ 16 ] CVE-2022-28614 https://nvd.nist.gov/vuln/detail/CVE-2022-28614 [ 17 ] CVE-2022-28615 https://nvd.nist.gov/vuln/detail/CVE-2022-28615 [ 18 ] CVE-2022-29404 https://nvd.nist.gov/vuln/detail/CVE-2022-29404 [ 19 ] CVE-2022-30522 https://nvd.nist.gov/vuln/detail/CVE-2022-30522 [ 20 ] CVE-2022-30556 https://nvd.nist.gov/vuln/detail/CVE-2022-30556 [ 21 ] CVE-2022-31813 https://nvd.nist.gov/vuln/detail/CVE-2022-31813
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-20
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================== Ubuntu Security Notice USN-5090-3 September 28, 2021
apache2 regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
USN-5090-1 introduced a regression in Apache HTTP Server. One of the upstream fixes introduced a regression in UDS URIs. This update fixes the problem.
Original advisory details:
James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2021-34798) Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-39275) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. (CVE-2021-40438)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.04: apache2 2.4.46-4ubuntu1.3 apache2-bin 2.4.46-4ubuntu1.3
Ubuntu 20.04 LTS: apache2 2.4.41-4ubuntu3.6 apache2-bin 2.4.41-4ubuntu3.6
Ubuntu 18.04 LTS: apache2 2.4.29-1ubuntu4.18 apache2-bin 2.4.29-1ubuntu4.18
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202109-1805", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.2", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "34", }, { model: "clustered data ontap", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "communications cloud native core network function cloud native environment", scope: "eq", trust: 1, vendor: "oracle", version: "1.10.0", }, { model: "storagegrid", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.3.0", }, { model: "sinema remote connect server", scope: "lt", trust: 1, vendor: "siemens", version: "3.1", }, { model: "http server", scope: "lte", trust: 1, vendor: "apache", version: "2.4.48", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.58", }, { model: "ruggedcom nms", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sinec nms", scope: "eq", trust: 1, vendor: "siemens", version: "*", }, { model: "sinema server", scope: "eq", trust: 1, vendor: "siemens", version: "14.0", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.3", }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.4.0", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.1", }, { model: "zfs storage appliance kit", scope: "eq", trust: 1, vendor: "oracle", version: "8.8", }, { model: "enterprise manager base platform", scope: "eq", trust: 1, vendor: "oracle", version: "13.5.0.0", }, { model: "enterprise manager base platform", scope: "eq", trust: 1, vendor: "oracle", version: "13.4.0.0", }, { model: "cloud backup", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "tenable.sc", scope: "lte", trust: 1, vendor: "tenable", version: "5.19.1", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "35", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "11.0", }, { model: "brocade fabric operating system", scope: "eq", trust: 1, vendor: "broadcom", version: null, }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: "http server", scope: null, trust: 0.8, vendor: "apache", version: null, }, { model: "http server", scope: "lte", trust: 0.6, vendor: "apache", version: "<=2.4.48", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-03223", }, { db: "JVNDB", id: "JVNDB-2021-002671", }, { db: "NVD", id: "CVE-2021-34798", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Siemens reported these vulnerabilities to CISA.", sources: [ { db: "CNNVD", id: "CNNVD-202109-1109", }, ], trust: 0.6, }, cve: "CVE-2021-34798", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CVE-2021-34798", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "CNVD-2022-03223", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", exploitabilityScore: 10, id: "VHN-395042", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", exploitabilityScore: 3.9, id: "CVE-2021-34798", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.5, baseSeverity: "High", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2021-34798", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-34798", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2021-34798", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2022-03223", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202109-1109", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-395042", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-34798", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2022-03223", }, { db: "VULHUB", id: "VHN-395042", }, { db: "VULMON", id: "CVE-2021-34798", }, { db: "JVNDB", id: "JVNDB-2021-002671", }, { db: "CNNVD", id: "CNNVD-202109-1109", }, { db: "NVD", id: "CVE-2021-34798", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. The server is fast, reliable and extensible through a simple API. No detailed vulnerability details are currently provided. 7) - noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* proxy rewrite to unix socket fails with CVE-2021-40438 fix (BZ#2022319)\n\nAdditional changes:\n\n* To fix CVE-2022-29404, the default value for the \"LimitRequestBody\"\ndirective in the Apache HTTP Server has been changed from 0 (unlimited) to\n1 GiB. \n\nOn systems where the value of \"LimitRequestBody\" is not explicitly\nspecified in an httpd configuration file, updating the httpd package sets\n\"LimitRequestBody\" to the default value of 1 GiB. As a consequence, if the\ntotal size of the HTTP request body exceeds this 1 GiB default limit, httpd\nreturns the 413 Request Entity Too Large error code. \n\nIf the new default allowed size of an HTTP request message body is\ninsufficient for your use case, update your httpd configuration files\nwithin the respective context (server, per-directory, per-file, or\nper-location) and set your preferred limit in bytes. For example, to set a\nnew 2 GiB limit, use:\n\nLimitRequestBody 2147483648\n\nSystems already configured to use any explicit value for the\n\"LimitRequestBody\" directive are unaffected by this change. \n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 2.4.38-3+deb10u6. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 2.4.51-1~deb11u1. \n\nWe recommend that you upgrade your apache2 packages. \n\nFor the detailed security status of apache2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/apache2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmFgr44ACgkQEMKTtsN8\nTjbophAAiZ+fhF2r8BUbQkL8BhpfqjA+hVsp9WEMTn8Gq6kiW0wLvK3jWPM301Ou\nD4gHqKmFPmYNC1KBOyk/lJdxyD7iTUweUyLi3WXzxhIDMx0kxkRw1oXlyCHzIqSJ\nM277bgk32h2cDCbsXjrN/8agKPcKgfwDqiyf/igfEq6V8OB2zVvJPKVFq45n54+q\n4FPXSyx1g2u5ewSeXbU2uHDej6Qborui4osDdbwx8CT6aETi0cIXJ8RbXF3PUCHG\n5DzZagnRq6GumPsl01jcPu7b9Ck8MlkxMSG3FRsSIJVkwpsQ2C34ywIJkFlzUZZh\njhdVUrfbyfLpSdcPcipAAjl9I6gDqa9SFdMRK7ixCpQ6iTiVeDZdJ8pA4jnSweNQ\nTHik07di9R0juX0p7peQiIyBKrEf7Y3WSvLOn0SBKXvZnzc/72rH2nP5FclsgCsV\nTWxptziGridC43KB8/tDJAAOXVF2lzylzF70V/UGTNo1jk9w3/p6btU1iuzKspyY\nY4aPZla3DImI8mezrgFrGYNg7bZYLKuJyGDADKih2sUQpzmDZ6MJxKAE3NLRWyQa\n7cCJdoNR9yVqytEw1Y/ZRXAXWfMb3Y1ts2EqR8hzLQgMYb0JC58cLMG3T0RgyPoO\nA4CTIoYpK1WnsykAE8M4XFrnOW3lrtse6T8N/dTVMuodElAEhc0=\n=/At6\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: httpd security update\nAdvisory ID: RHSA-2022:0143-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:0143\nIssue date: 2022-01-17\nCVE Names: CVE-2021-26691 CVE-2021-34798 CVE-2021-39275\n CVE-2021-44790\n====================================================================\n1. Summary:\n\nAn update for httpd is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. \n\nSecurity Fix(es):\n\n* httpd: mod_lua: Possible buffer overflow when parsing multipart content\n(CVE-2021-44790)\n\n* httpd: mod_session: Heap overflow via a crafted SessionHeader value\n(CVE-2021-26691)\n\n* httpd: NULL pointer dereference via malformed requests (CVE-2021-34798)\n\n* httpd: Out-of-bounds write in ap_escape_quotes() via malicious input\n(CVE-2021-39275)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1966732 - CVE-2021-26691 httpd: mod_session: Heap overflow via a crafted SessionHeader value\n2005119 - CVE-2021-39275 httpd: Out-of-bounds write in ap_escape_quotes() via malicious input\n2005128 - CVE-2021-34798 httpd: NULL pointer dereference via malformed requests\n2034674 - CVE-2021-44790 httpd: mod_lua: Possible buffer overflow when parsing multipart content\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nhttpd-2.4.6-97.el7_9.4.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-97.el7_9.4.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-devel-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-tools-2.4.6-97.el7_9.4.x86_64.rpm\nmod_ldap-2.4.6-97.el7_9.4.x86_64.rpm\nmod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm\nmod_session-2.4.6-97.el7_9.4.x86_64.rpm\nmod_ssl-2.4.6-97.el7_9.4.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nhttpd-2.4.6-97.el7_9.4.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-97.el7_9.4.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-devel-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-tools-2.4.6-97.el7_9.4.x86_64.rpm\nmod_ldap-2.4.6-97.el7_9.4.x86_64.rpm\nmod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm\nmod_session-2.4.6-97.el7_9.4.x86_64.rpm\nmod_ssl-2.4.6-97.el7_9.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nhttpd-2.4.6-97.el7_9.4.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-97.el7_9.4.noarch.rpm\n\nppc64:\nhttpd-2.4.6-97.el7_9.4.ppc64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.4.ppc64.rpm\nhttpd-devel-2.4.6-97.el7_9.4.ppc64.rpm\nhttpd-tools-2.4.6-97.el7_9.4.ppc64.rpm\nmod_session-2.4.6-97.el7_9.4.ppc64.rpm\nmod_ssl-2.4.6-97.el7_9.4.ppc64.rpm\n\nppc64le:\nhttpd-2.4.6-97.el7_9.4.ppc64le.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.4.ppc64le.rpm\nhttpd-devel-2.4.6-97.el7_9.4.ppc64le.rpm\nhttpd-tools-2.4.6-97.el7_9.4.ppc64le.rpm\nmod_session-2.4.6-97.el7_9.4.ppc64le.rpm\nmod_ssl-2.4.6-97.el7_9.4.ppc64le.rpm\n\ns390x:\nhttpd-2.4.6-97.el7_9.4.s390x.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.4.s390x.rpm\nhttpd-devel-2.4.6-97.el7_9.4.s390x.rpm\nhttpd-tools-2.4.6-97.el7_9.4.s390x.rpm\nmod_session-2.4.6-97.el7_9.4.s390x.rpm\nmod_ssl-2.4.6-97.el7_9.4.s390x.rpm\n\nx86_64:\nhttpd-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-devel-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-tools-2.4.6-97.el7_9.4.x86_64.rpm\nmod_session-2.4.6-97.el7_9.4.x86_64.rpm\nmod_ssl-2.4.6-97.el7_9.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nhttpd-debuginfo-2.4.6-97.el7_9.4.ppc64.rpm\nmod_ldap-2.4.6-97.el7_9.4.ppc64.rpm\nmod_proxy_html-2.4.6-97.el7_9.4.ppc64.rpm\n\nppc64le:\nhttpd-debuginfo-2.4.6-97.el7_9.4.ppc64le.rpm\nmod_ldap-2.4.6-97.el7_9.4.ppc64le.rpm\nmod_proxy_html-2.4.6-97.el7_9.4.ppc64le.rpm\n\ns390x:\nhttpd-debuginfo-2.4.6-97.el7_9.4.s390x.rpm\nmod_ldap-2.4.6-97.el7_9.4.s390x.rpm\nmod_proxy_html-2.4.6-97.el7_9.4.s390x.rpm\n\nx86_64:\nhttpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm\nmod_ldap-2.4.6-97.el7_9.4.x86_64.rpm\nmod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nhttpd-2.4.6-97.el7_9.4.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-97.el7_9.4.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-devel-2.4.6-97.el7_9.4.x86_64.rpm\nhttpd-tools-2.4.6-97.el7_9.4.x86_64.rpm\nmod_session-2.4.6-97.el7_9.4.x86_64.rpm\nmod_ssl-2.4.6-97.el7_9.4.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nhttpd-debuginfo-2.4.6-97.el7_9.4.x86_64.rpm\nmod_ldap-2.4.6-97.el7_9.4.x86_64.rpm\nmod_proxy_html-2.4.6-97.el7_9.4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-26691\nhttps://access.redhat.com/security/cve/CVE-2021-34798\nhttps://access.redhat.com/security/cve/CVE-2021-39275\nhttps://access.redhat.com/security/cve/CVE-2021-44790\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYeVdC9zjgjWX9erEAQgzNw/8CjsxUvDW64dwvpcYH/OWJhKqvD53sX+w\nivf4+hhCsEVLvrjD0eTNkbeza+dcZqoR5swL0IjAGXKJ/0q/oh4/yxq2ydgvEYsY\nrAjts0tnynoswBaFo6eaBlcNxQroGID0uqgXkUFt37m4eetACuOSVRcZ7/sNsqBS\niQF4l16vjNvKeOdKY8nSNe77Dt1/Lj41NoL6XbAZPuvaiLBqqGOY9xYfZSSmFHFq\nH4dB8cfMC4cWysFtnzffJ+dJdzcWNOxklwLlZe72JoAJYP59da2YuIoE2LsQRGPC\nOcc84zH/UZx4JWJhF7FEEALC/tizfFqu9qWr1OIDmSVTEAZ+6IZ/mDeF83+0Mrc4\nAiV3oiJi7Fx4XTDUL8fim+FORaSI2IR7LK1Zjau1qCN04ayyFXwJdK/fwgIWJHon\ngYhyUsAj7F7At9m8cCVRP5K4jjmr0qrmsF1M1B6xqMLWlYNcWu3obJS/FbiSdwQJ\n7jFdBagThGOzIle0eGk0iMZ+vRJSuaSMZ7GDA14o46KB+EkvYLe+wi6jBQXJeD6Q\nOueenu2JiMvB8+dJNYrn9uQY+8WHyCVV1HMMmVo9LajA1FJRXgMIQN5ZmDMoDW73\nqFV+VCOHtKPI2hC8ngZYy2RyEUhK4t3f7xmJgtoJ4/DuaGsRWL7xZPL7gLHxWnS4\n5VjPyLrWg5U=TyMo\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202208-20\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Apache HTTPD: Multiple Vulnerabilities\n Date: August 14, 2022\n Bugs: #813429, #816399, #816864, #829722, #835131, #850622\n ID: 202208-20\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in Apache Webserver, the\nworst of which could result in remote code execution. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll Apache HTTPD users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/apache-2.4.54\"\n\nAll Apache HTTPD tools users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-admin/apache-tools-2.4.54\"\n\nReferences\n=========\n[ 1 ] CVE-2021-33193\n https://nvd.nist.gov/vuln/detail/CVE-2021-33193\n[ 2 ] CVE-2021-34798\n https://nvd.nist.gov/vuln/detail/CVE-2021-34798\n[ 3 ] CVE-2021-36160\n https://nvd.nist.gov/vuln/detail/CVE-2021-36160\n[ 4 ] CVE-2021-39275\n https://nvd.nist.gov/vuln/detail/CVE-2021-39275\n[ 5 ] CVE-2021-40438\n https://nvd.nist.gov/vuln/detail/CVE-2021-40438\n[ 6 ] CVE-2021-41524\n https://nvd.nist.gov/vuln/detail/CVE-2021-41524\n[ 7 ] CVE-2021-41773\n https://nvd.nist.gov/vuln/detail/CVE-2021-41773\n[ 8 ] CVE-2021-42013\n https://nvd.nist.gov/vuln/detail/CVE-2021-42013\n[ 9 ] CVE-2021-44224\n https://nvd.nist.gov/vuln/detail/CVE-2021-44224\n[ 10 ] CVE-2021-44790\n https://nvd.nist.gov/vuln/detail/CVE-2021-44790\n[ 11 ] CVE-2022-22719\n https://nvd.nist.gov/vuln/detail/CVE-2022-22719\n[ 12 ] CVE-2022-22720\n https://nvd.nist.gov/vuln/detail/CVE-2022-22720\n[ 13 ] CVE-2022-22721\n https://nvd.nist.gov/vuln/detail/CVE-2022-22721\n[ 14 ] CVE-2022-23943\n https://nvd.nist.gov/vuln/detail/CVE-2022-23943\n[ 15 ] CVE-2022-26377\n https://nvd.nist.gov/vuln/detail/CVE-2022-26377\n[ 16 ] CVE-2022-28614\n https://nvd.nist.gov/vuln/detail/CVE-2022-28614\n[ 17 ] CVE-2022-28615\n https://nvd.nist.gov/vuln/detail/CVE-2022-28615\n[ 18 ] CVE-2022-29404\n https://nvd.nist.gov/vuln/detail/CVE-2022-29404\n[ 19 ] CVE-2022-30522\n https://nvd.nist.gov/vuln/detail/CVE-2022-30522\n[ 20 ] CVE-2022-30556\n https://nvd.nist.gov/vuln/detail/CVE-2022-30556\n[ 21 ] CVE-2022-31813\n https://nvd.nist.gov/vuln/detail/CVE-2022-31813\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202208-20\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. ==========================================================================\nUbuntu Security Notice USN-5090-3\nSeptember 28, 2021\n\napache2 regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.04\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nUSN-5090-1 introduced a regression in Apache HTTP Server. One of the upstream\nfixes introduced a regression in UDS URIs. This update fixes the problem. \n\nOriginal advisory details:\n\n James Kettle discovered that the Apache HTTP Server HTTP/2 module\n incorrectly handled certain crafted methods. A remote attacker could\n possibly use this issue to perform request splitting or cache poisoning\n attacks. A remote attacker could possibly use this issue to\n cause the server to crash, resulting in a denial of service. \n (CVE-2021-34798)\n Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly\n handled certain request uri-paths. A remote attacker could possibly use\n this issue to cause the server to crash, resulting in a denial of service. \n This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. If the server was configured with third-party modules, a remote\n attacker could use this issue to cause the server to crash, resulting in a\n denial of service, or possibly execute arbitrary code. (CVE-2021-39275)\n It was discovered that the Apache mod_proxy module incorrectly handled\n certain request uri-paths. A remote attacker could possibly use this issue\n to cause the server to forward requests to arbitrary origin servers. \n (CVE-2021-40438)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.04:\n apache2 2.4.46-4ubuntu1.3\n apache2-bin 2.4.46-4ubuntu1.3\n\nUbuntu 20.04 LTS:\n apache2 2.4.41-4ubuntu3.6\n apache2-bin 2.4.41-4ubuntu3.6\n\nUbuntu 18.04 LTS:\n apache2 2.4.29-1ubuntu4.18\n apache2-bin 2.4.29-1ubuntu4.18\n\nIn general, a standard system update will make all the necessary changes", sources: [ { db: "NVD", id: "CVE-2021-34798", }, { db: "JVNDB", id: "JVNDB-2021-002671", }, { db: "CNVD", id: "CNVD-2022-03223", }, { db: "VULHUB", id: "VHN-395042", }, { db: "VULMON", id: "CVE-2021-34798", }, { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169132", }, { db: "PACKETSTORM", id: "165587", }, { db: "PACKETSTORM", id: "166321", }, { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "PACKETSTORM", id: "164318", }, ], trust: 3.06, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-34798", trust: 4, }, { db: "TENABLE", id: "TNS-2021-17", trust: 1.8, }, { db: "MCAFEE", id: "SB10379", trust: 1.8, }, { db: "SIEMENS", id: "SSA-685781", trust: 1.8, }, { db: "PACKETSTORM", id: "165587", trust: 0.8, }, { db: "PACKETSTORM", id: "166321", trust: 0.8, }, { db: "PACKETSTORM", id: "168072", trust: 0.8, }, { db: "PACKETSTORM", id: "168565", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-002671", trust: 0.8, }, { db: "CNVD", id: "CNVD-2022-03223", trust: 0.7, }, { db: "CNNVD", id: "CNNVD-202109-1109", trust: 0.7, }, { db: "ICS CERT", id: "ICSA-22-167-06", trust: 0.7, }, { db: "PACKETSTORM", id: "164329", trust: 0.7, }, { db: "PACKETSTORM", id: "164318", trust: 0.7, }, { db: "CS-HELP", id: "SB2022012040", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101308", trust: 0.6, }, { db: "CS-HELP", id: "SB2022030119", trust: 0.6, }, { db: "CS-HELP", id: "SB2021092301", trust: 0.6, }, { db: "CS-HELP", id: "SB2022051316", trust: 0.6, }, { db: "CS-HELP", id: "SB2022031528", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011749", trust: 0.6, }, { db: "CS-HELP", id: "SB2021091707", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101513", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101922", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101005", trust: 0.6, }, { db: "CS-HELP", id: "SB2022060624", trust: 0.6, }, { db: "CS-HELP", id: "SB2021101101", trust: 0.6, }, { db: "CS-HELP", id: "SB2022042112", trust: 0.6, }, { db: "CS-HELP", id: "SB2021112902", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3229", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3405", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3341", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4004.7", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3148", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3591", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0850", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3482", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.2978", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4004.5", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4004.2", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.2352", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0217", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3357", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3250", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4004.3", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3387", trust: 0.6, }, { db: "ICS CERT", id: "ICSA-22-132-02", trust: 0.6, }, { db: "VULHUB", id: "VHN-395042", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-34798", trust: 0.1, }, { db: "PACKETSTORM", id: "169132", trust: 0.1, }, { db: "PACKETSTORM", id: "164305", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-03223", }, { db: "VULHUB", id: "VHN-395042", }, { db: "VULMON", id: "CVE-2021-34798", }, { db: "JVNDB", id: "JVNDB-2021-002671", }, { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169132", }, { db: "PACKETSTORM", id: "165587", }, { db: "PACKETSTORM", id: "166321", }, { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "PACKETSTORM", id: "164318", }, { db: "CNNVD", id: "CNNVD-202109-1109", }, { db: "NVD", id: "CVE-2021-34798", }, ], }, id: "VAR-202109-1805", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2022-03223", }, { db: "VULHUB", id: "VHN-395042", }, ], trust: 1.3031922749999998, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2022-03223", }, ], }, last_update_date: "2024-11-29T22:33:38.638000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "FEDORA-2021-e3f6dd670d", trust: 0.8, url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { title: "Patch for Apache HTTP Server Code Issue Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/313156", }, { title: "Apache HTTP Server Fixes for code issue vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=171210", }, { title: "Red Hat: Moderate: httpd:2.4 security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20220891 - Security Advisory", }, { title: "Red Hat: CVE-2021-34798", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-34798", }, { title: "Debian Security Advisories: DSA-4982-1 apache2 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=93a29f7ecf9a6aaba79d3b3320aa4b85", }, { title: "Arch Linux Issues: ", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-34798 log", }, { title: "Red Hat: Moderate: httpd24-httpd security and bug fix update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20226753 - Security Advisory", }, { title: "Tenable Security Advisories: [R1] Stand-alone Security Patch Available for Tenable.sc versions 5.16.0 to 5.19.1: Patch 202110.1", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2021-17", }, { title: "Brocade Security Advisories: CVE-2021-34798. NULL pointer dereference in httpd core.", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=2142ed2ad0c6564b6dfdd2779d3117ce", }, { title: "Brocade Security Advisories: Access Denied", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=3499da969fe529a2e6d5812690c8f102", }, { title: "Amazon Linux AMI: ALAS-2021-1543", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2021-1543", }, { title: "Amazon Linux 2: ALAS2-2021-1716", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1716", }, { title: "Cisco: Multiple Vulnerabilities in Apache HTTP Server Affecting Cisco Products: November 2021", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { title: "PROJET TUTEURE", trust: 0.1, url: "https://github.com/PierreChrd/py-projet-tut ", }, { title: "Tier 0\nTier 1\nTier 2", trust: 0.1, url: "https://github.com/Totes5706/TotesHTB ", }, { title: "Requirements\nvulnsearch-cve\nUsage\nvulnsearch\nUsage\nTest Sample", trust: 0.1, url: "https://github.com/kasem545/vulnsearch ", }, { title: "Skynet", trust: 0.1, url: "https://github.com/bioly230/THM_Skynet ", }, { title: "Shodan Search Script", trust: 0.1, url: "https://github.com/firatesatoglu/shodanSearch ", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-03223", }, { db: "VULMON", id: "CVE-2021-34798", }, { db: "JVNDB", id: "JVNDB-2021-002671", }, { db: "CNNVD", id: "CNNVD-202109-1109", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-476", trust: 1.1, }, { problemtype: "NULL Pointer dereference (CWE-476) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-395042", }, { db: "JVNDB", id: "JVNDB-2021-002671", }, { db: "NVD", id: "CVE-2021-34798", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-34798", }, { trust: 1.9, url: "https://security.gentoo.org/glsa/202208-20", }, { trust: 1.8, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { trust: 1.8, url: "https://www.tenable.com/security/tns-2021-17", }, { trust: 1.8, url: "https://www.debian.org/security/2021/dsa-4982", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { trust: 1.8, url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { trust: 1.7, url: "https://kc.mcafee.com/corporate/index?page=content&id=sb10379", }, { trust: 1.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apache-httpd-2.4.49-vwl69swq", }, { trust: 1.2, url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { trust: 1.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-apache-", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/spbr6wuybjnachke65spl7tjohx7rhwd/", }, { trust: 1.1, url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3cusers.httpd.apache.org%3e", }, { trust: 1.1, url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3cusers.httpd.apache.org%3e", }, { trust: 1.1, url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3cusers.httpd.apache.org%3e", }, { trust: 1.1, url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3cusers.httpd.apache.org%3e", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zncysr3bxt36fff4xtcpl3hdqk4vp45r/", }, { trust: 1, url: "https://access.redhat.com/security/cve/cve-2021-34798", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2021-39275", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/spbr6wuybjnachke65spl7tjohx7rhwd/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zncysr3bxt36fff4xtcpl3hdqk4vp45r/", }, { trust: 0.6, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2021-34798", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-36160", }, { trust: 0.6, url: "httpd.apache.org/security/vulnerabilities_24.html", }, { trust: 0.6, url: "http://", }, { trust: 0.6, url: "httpd.apache.org%3e", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3cusers.", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3cusers.", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3cusers.", }, { trust: 0.6, url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3cusers.", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022051316", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022030119", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022031528", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3229", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3405", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/165587/red-hat-security-advisory-2022-0143-03.html", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/166321/red-hat-security-advisory-2022-0891-01.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021112902", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022060624", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101513", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3357", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.2352", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0217", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3250", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3591", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/168072/gentoo-linux-security-advisory-202208-20.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4004.7", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164318/ubuntu-security-notice-usn-5090-3.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0850", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/6520016", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-167-06", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/168565/red-hat-security-advisory-2022-6753-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.2978", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4004.3", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4004.2", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4004.5", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022012040", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011749", }, { trust: 0.6, url: "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-02", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022042112", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021092301", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3387", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3341", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101922", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164329/ubuntu-security-notice-usn-5090-4.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101308", }, { trust: 0.6, url: "httpd-2.4.49-vwl69swq", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3148", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021091707", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101101", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/apache-http-server-four-vulnerabilities-36444", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3482", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021101005", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2021-33193", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2021-40438", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-39275", }, { trust: 0.3, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.3, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.3, url: "https://bugzilla.redhat.com/):", }, { trust: 0.3, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.3, url: "https://ubuntu.com/security/notices/usn-5090-1", }, { trust: 0.2, url: "https://access.redhat.com/errata/rhsa-2022:0891", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22721", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-28614", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-29404", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-28615", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-30522", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-44224", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22719", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-30556", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-23943", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26377", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-44790", }, { trust: 0.1, url: "https://kc.mcafee.com/corporate/index?page=content&id=sb10379", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432@%3cusers.httpd.apache.org%3e", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/476.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-167-06", }, { trust: 0.1, url: "https://github.com/totes5706/toteshtb", }, { trust: 0.1, url: "https://access.redhat.com/articles/6975397", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-30556", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-36160", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22719", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-28614", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:6753", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-28615", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-31813", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-30522", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-44224", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22721", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-29404", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-33193", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-23943", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-26377", }, { trust: 0.1, url: "https://www.debian.org/security/faq", }, { trust: 0.1, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/apache2", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-44790", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-26691", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-26691", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:0143", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-31813", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41773", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41524", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-42013", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22720", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.17", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.41-4ubuntu3.5", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.46-4ubuntu1.2", }, { trust: 0.1, url: "https://launchpad.net/bugs/xxxxxx", }, { trust: 0.1, url: "https://ubuntu.com/security/notices/usn-5090-4", }, { trust: 0.1, url: "https://ubuntu.com/security/notices/usn-5090-3", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.41-4ubuntu3.6", }, { trust: 0.1, url: "https://launchpad.net/bugs/1945311", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.18", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/apache2/2.4.46-4ubuntu1.3", }, ], sources: [ { db: "CNVD", id: "CNVD-2022-03223", }, { db: "VULHUB", id: "VHN-395042", }, { db: "VULMON", id: "CVE-2021-34798", }, { db: "JVNDB", id: "JVNDB-2021-002671", }, { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169132", }, { db: "PACKETSTORM", id: "165587", }, { db: "PACKETSTORM", id: "166321", }, { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "PACKETSTORM", id: "164318", }, { db: "CNNVD", id: "CNNVD-202109-1109", }, { db: "NVD", id: "CVE-2021-34798", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2022-03223", }, { db: "VULHUB", id: "VHN-395042", }, { db: "VULMON", id: "CVE-2021-34798", }, { db: "JVNDB", id: "JVNDB-2021-002671", }, { db: "PACKETSTORM", id: "168565", }, { db: "PACKETSTORM", id: "169132", }, { db: "PACKETSTORM", id: "165587", }, { db: "PACKETSTORM", id: "166321", }, { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "PACKETSTORM", id: "164318", }, { db: "CNNVD", id: "CNNVD-202109-1109", }, { db: "NVD", id: "CVE-2021-34798", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-12T00:00:00", db: "CNVD", id: "CNVD-2022-03223", }, { date: "2021-09-16T00:00:00", db: "VULHUB", id: "VHN-395042", }, { date: "2021-09-16T00:00:00", db: "VULMON", id: "CVE-2021-34798", }, { date: "2021-09-29T00:00:00", db: "JVNDB", id: "JVNDB-2021-002671", }, { date: "2022-09-30T14:51:18", db: "PACKETSTORM", id: "168565", }, { date: "2021-10-28T19:12:00", db: "PACKETSTORM", id: "169132", }, { date: "2022-01-17T16:53:40", db: "PACKETSTORM", id: "165587", }, { date: "2022-03-15T15:50:26", db: "PACKETSTORM", id: "166321", }, { date: "2022-08-15T16:02:48", db: "PACKETSTORM", id: "168072", }, { date: "2021-09-28T15:06:35", db: "PACKETSTORM", id: "164305", }, { date: "2021-09-29T14:50:01", db: "PACKETSTORM", id: "164329", }, { date: "2021-09-28T15:23:06", db: "PACKETSTORM", id: "164318", }, { date: "2021-09-16T00:00:00", db: "CNNVD", id: "CNNVD-202109-1109", }, { date: "2021-09-16T15:15:07.267000", db: "NVD", id: "CVE-2021-34798", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-01-13T00:00:00", db: "CNVD", id: "CNVD-2022-03223", }, { date: "2022-10-28T00:00:00", db: "VULHUB", id: "VHN-395042", }, { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2021-34798", }, { date: "2021-09-29T06:16:00", db: "JVNDB", id: "JVNDB-2021-002671", }, { date: "2023-02-22T00:00:00", db: "CNNVD", id: "CNNVD-202109-1109", }, { date: "2023-11-07T03:36:26.910000", db: "NVD", id: "CVE-2021-34798", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "164305", }, { db: "PACKETSTORM", id: "164329", }, { db: "PACKETSTORM", id: "164318", }, { db: "CNNVD", id: "CNNVD-202109-1109", }, ], trust: 1, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apache HTTP Server In NULL Pointer dereference vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2021-002671", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "code problem", sources: [ { db: "CNNVD", id: "CNNVD-202109-1109", }, ], trust: 0.6, }, }
var-202110-1615
Vulnerability from variot
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various *Text options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various *Text options are now always treated as pure text, not HTML. A workaround is to not accept the value of the *Text options from untrusted sources. jQuery-UI Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. jQuery is an open source, cross-browser JavaScript library developed by American John Resig individual developer. The library simplifies the operation between HTML and JavaScript, and has the characteristics of modularization and plug-in extension. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update Advisory ID: RHSA-2022:4711-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2022:4711 Issue date: 2022-05-26 CVE Names: CVE-2021-3807 CVE-2021-23425 CVE-2021-33502 CVE-2021-41182 CVE-2021-41183 CVE-2021-41184 ==================================================================== 1. Summary:
Updated ovirt-engine packages that fix several bugs and add various enhancements are now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch
- Description:
The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning.
Security Fix(es):
-
nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes (CVE-2021-3807)
-
nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)
-
normalize-url: ReDoS for data URLs (CVE-2021-33502)
-
jquery-ui: XSS in the altField option of the datepicker widget (CVE-2021-41182)
-
jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)
-
jquery-ui: XSS in the 'of' option of the .position() util (CVE-2021-41184)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
A list of bugs fixed in this update is available in the Technical Notes book:
https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
- Bugs fixed (https://bugzilla.redhat.com/):
655153 - [RFE] confirmation prompt when suspending a virtual machine - webadmin 977778 - [RFE] - Mechanism for converting disks for non-running VMS 1624015 - [RFE] Expose Console Options and Console invocation via API 1648985 - VM from VM-pool which is already in use by a SuperUser is presented to another User with UserRole permission who can shutdown the VM. 1667517 - [RFE] add VM Portal setting for set screen mode 1687845 - Multiple notification for one time host activation 1781241 - missing ?connect automatically? option in vm portal 1782056 - [RFE] Integration of built-in ipsec feature in RHV/RHHI-V with OVN 1849169 - [RFE] add virtualCPUs/physicalCPUs ratio property to evenly_distributed policy 1878930 - [RFE] Provide warning event if MAC Address Pool free and available addresses are below threshold 1922977 - [RFE] VM shared disks are not part of the OVF_STORE 1926625 - [RFE] How to enable HTTP Strict Transport Security (HSTS) on Apache HTTPD for Red Hat Virtualization Manager 1927985 - [RFE] Speed up export-to-OVA on NFS by aligning loopback device offset 1944290 - URL to change the password is not shown properly 1944834 - [RFE] Timer for Console Disconnect Action - Shutdown VM after N minutes of being disconnected (Webadmin-only) 1956295 - Template import from storage domain fails when quota is enabled. 1959186 - Enable assignment of user quota when provisioning from a non-blank template via rest-api 1964208 - [RFE] add new feature for VM's screenshot on RestAPI 1964461 - CVE-2021-33502 normalize-url: ReDoS for data URLs 1971622 - Incorrect warning displayed: "The VM CPU does not match the Cluster CPU Type" 1974741 - Disk images remain in locked state if the HE VM is rebooted during a image transfer 1979441 - High Performance VMs always have "VM CPU does not match the cluster CPU Type" warning 1979797 - Ask user for confirmation when the deleted storage domain has leases of VMs that has disk in other SDs 1980192 - Network statistics copy a U64 into DECIMAL(18,4) 1986726 - VM imported from OVA gets thin provisioned disk despite of allocation policy set as 'preallocated' 1986834 - [DOCS] add nodejs and maven to list of subscription streams to be enabled in RHVM installation 1987121 - [RFE] Support enabling nVidia Unified Memory on mdev vGPU 1988496 - vmconsole-proxy-helper.cer is not renewed when running engine-setup 1990462 - [RFE] Add user name and password to ELK integration 1991240 - Assign user quota when provisioning from a non-blank template via web-ui 1995793 - CVE-2021-23425 nodejs-trim-off-newlines: ReDoS via string processing 1996123 - ovf stores capacity/truesize on the storage does not match values in engine database 1998255 - [RFE] [UI] Add search box for vNIC Profiles in RHVM WebUI on the main vNIC profiles tab 1999698 - ssl.conf modifications of engine-setup do not conform to best practices (according to red hat insights) 2000031 - SPM host is rebooted multiple times when engine recovers the host 2002283 - Make NumOfPciExpressPorts configurable via engine-config 2003883 - Failed to update the VFs configuration of network interface card type 82599ES and X520 2003996 - ovirt_snapshot module fails to delete snapshot when there is a "Next Run configuration snapshot" 2006602 - vm_statistics table has wrong type for guest_mem_ columns. 2006745 - [MBS] Template disk Copy from data storage domain to Managed Block Storage domain is failing 2007384 - Failed to parse 'writeRate' value xxxx to integer: For input string: xxxx 2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes 2008798 - Older name rhv-openvswitch is not checked in ansible playbook 2010203 - Log analyzer creates faulty VM unmanaged devices report 2010903 - I/O operations/sec reporting wrong values 2013928 - Log analyzer creates faulty non default vdc_option report 2014888 - oVirt executive dashboard/Virtual Machine dashboard does not actually show disk I/O operations per second, but it shows sum of I/o operations since the boot time of VM 2015796 - [RFE] RHV Manager should support running on a host with DISA STIG security profile applied 2019144 - CVE-2021-41182 jquery-ui: XSS in the altField option of the datepicker widget 2019148 - CVE-2021-41183 jquery-ui: XSS in Text options of the datepicker widget 2019153 - CVE-2021-41184 jquery-ui: XSS in the 'of' option of the .position() util 2021217 - [RFE] Windows 2022 support 2023250 - [RFE] Use virt:rhel module instead of virt:av in RHEL 8.6+ to get advanced virtualization packages 2023786 - RHV VM with SAP monitoring configuration does not fail to start if the Host is missing vdsm-hook-vhostmd 2024202 - RHV Dashboard does not show memory and storage details properly when using Spanish language. 2025936 - metrics configuration playbooks failing due to rhel-system-role last refactor 2030596 - [RFE] RHV Manager should support running on a host with the PCI-DSS security profile applied 2030663 - Update Network statistics types in DWH 2031027 - The /usr/share/ovirt-engine/ansible-runner-service-project/inventory/hosts fails rpm verification 2035051 - removing nfs-utils cause ovirt-engine removal due to cinderlib dep tree 2037115 - rhv-image-discrepancies (rhv-log-collector-analyzer-1.0.11-1.el8ev) tool continues flags OVF_STORE volumes. 2037121 - RFE: Add Data Center and Storage Domain name in the rhv-image-discrepancies tool output. 2040361 - Hotplug VirtIO-SCSI disk fails with error "Domain already contains a disk with that address" when IO threads > 1 2040402 - unable to use --log-size=0 option 2040474 - [RFE] Add progress tracking for Cluster Upgrade 2041544 - Admin GUI: Making selection of host while uploading disk it will immediately replace it with the first active host in the list. 2043146 - Expired /etc/pki/vdsm/libvirt-vnc/server-cert.pem certificate is skipped during Enroll Certificate 2044273 - Remove the RHV Guest Tools ISO image upload option from engine-setup 2048546 - sosreport command should be replaced by sos report 2050566 - Upgrade ovirt-log-collector to 4.4.5 2050614 - Upgrade rhvm-setup-plugins to 4.5.0 2051857 - Upgrade rhv-log-collector-analizer to 1.0.13 2052557 - RHV fails to release mdev vGPU device after VM shutdown 2052690 - [RFE] Upgrade to ansible-core-2.12 in ovirt-engine 2054756 - [welcome page] Add link to MTV guide 2055136 - virt module is not changed to the correct stream during host upgrade 2056021 - [BUG]: "Enroll Certificate" operation not updating libvirt-vnc cert and key 2056052 - RHV-H w/ PCI-DSS profile causes OVA export to fail 2056126 - [RFE] Extend time to warn of upcoming certificate expiration 2058264 - Export as OVA playbook gets stuck with 'found an incomplete artifacts directory...Possible ansible_runner error?' 2059521 - [RFE] Upgrade to ansible-core-2.12 in ovirt-engine-metrics 2059877 - [DOCS][Upgrade] Update RHVM update procedure in Upgrade guide 2061904 - Unable to attach a RHV Host back into cluster after removing due to networking 2065052 - [TRACKER] Upgrade to ansible-core-2.12 in RHV 4.4 SP1 2066084 - vmconsole-proxy-user certificate expired - cannot access serial console 2066283 - Upgrade from RHV 4.4.10 to RHV 4.5.0 is broken 2069972 - [Doc][RN]Add cluster-level 4.7 to compatibility table 2070156 - [TESTONLY] Test upgrade from ovirt-engine-4.4.1 2071468 - Engine fenced host that was already reconnected and set to Up status. 2072637 - Build and distribute python38-daemon in RHV channels 2072639 - Build and distribute ansible-runner in RHV channels 2072641 - Build and distribute python38-docutils in RHV channels 2072642 - Build and distribute python38-lockfile in RHV channels 2072645 - Build and distribute python38-pexpect in RHV channels 2072646 - Build and distribute python38-ptyprocess in RHV channels 2075352 - upgrading RHV-H does not renew certificate
- Package List:
RHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4:
Source: ansible-runner-2.1.3-1.el8ev.src.rpm apache-sshd-2.8.0-0.1.el8ev.src.rpm engine-db-query-1.6.4-1.el8ev.src.rpm ovirt-dependencies-4.5.1-1.el8ev.src.rpm ovirt-engine-4.5.0.7-0.9.el8ev.src.rpm ovirt-engine-dwh-4.5.2-1.el8ev.src.rpm ovirt-engine-metrics-1.6.0-1.el8ev.src.rpm ovirt-engine-ui-extensions-1.3.3-1.el8ev.src.rpm ovirt-log-collector-4.4.5-1.el8ev.src.rpm ovirt-web-ui-1.8.1-2.el8ev.src.rpm rhv-log-collector-analyzer-1.0.13-1.el8ev.src.rpm rhvm-branding-rhv-4.4.11-1.el8ev.src.rpm rhvm-setup-plugins-4.5.0-2.el8ev.src.rpm vdsm-jsonrpc-java-1.7.1-2.el8ev.src.rpm
noarch: ansible-runner-2.1.3-1.el8ev.noarch.rpm apache-sshd-2.8.0-0.1.el8ev.noarch.rpm apache-sshd-javadoc-2.8.0-0.1.el8ev.noarch.rpm engine-db-query-1.6.4-1.el8ev.noarch.rpm ovirt-dependencies-4.5.1-1.el8ev.noarch.rpm ovirt-engine-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-backend-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-dbscripts-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-dwh-4.5.2-1.el8ev.noarch.rpm ovirt-engine-dwh-grafana-integration-setup-4.5.2-1.el8ev.noarch.rpm ovirt-engine-dwh-setup-4.5.2-1.el8ev.noarch.rpm ovirt-engine-health-check-bundler-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-metrics-1.6.0-1.el8ev.noarch.rpm ovirt-engine-restapi-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-setup-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-setup-base-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-setup-plugin-cinderlib-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-setup-plugin-imageio-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-setup-plugin-ovirt-engine-common-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-setup-plugin-websocket-proxy-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-tools-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-tools-backup-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-ui-extensions-1.3.3-1.el8ev.noarch.rpm ovirt-engine-vmconsole-proxy-helper-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-webadmin-portal-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-engine-websocket-proxy-4.5.0.7-0.9.el8ev.noarch.rpm ovirt-log-collector-4.4.5-1.el8ev.noarch.rpm ovirt-web-ui-1.8.1-2.el8ev.noarch.rpm python3-ovirt-engine-lib-4.5.0.7-0.9.el8ev.noarch.rpm python38-ansible-runner-2.1.3-1.el8ev.noarch.rpm python38-docutils-0.14-12.4.el8ev.noarch.rpm rhv-log-collector-analyzer-1.0.13-1.el8ev.noarch.rpm rhvm-4.5.0.7-0.9.el8ev.noarch.rpm rhvm-branding-rhv-4.4.11-1.el8ev.noarch.rpm rhvm-setup-plugins-4.5.0-2.el8ev.noarch.rpm vdsm-jsonrpc-java-1.7.1-2.el8ev.noarch.rpm vdsm-jsonrpc-java-javadoc-1.7.1-2.el8ev.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-3807 https://access.redhat.com/security/cve/CVE-2021-23425 https://access.redhat.com/security/cve/CVE-2021-33502 https://access.redhat.com/security/cve/CVE-2021-41182 https://access.redhat.com/security/cve/CVE-2021-41183 https://access.redhat.com/security/cve/CVE-2021-41184 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYo/qI9zjgjWX9erEAQhpng//aJBlyx9sUzPTC08WE6OwY4Ihk8b0wSh5 C9RWX/PmlDE2CAivQHpSs8D7/IizHl4Arn6f0HJx+NavN8YfbApqs2mcq+KUKYuC /VxCb3YlukeDsXeYIM+ScifS9M+N+WNGy9BRrlcYxZ4Ya5zLYv/ibrrHCX44yKz8 Jg5abyQyCzI6DEPjSDRIZkULLIdkbQ8xGd7j5P4ThAR2MRf8deeHez4/NmfrQm6n Q3f4qeQlljiNgoGdxa2z65Shxpb3pkWGt81MZuMwKpRa6EDBDs8vGMA0LZamsikv XZUU2P7d+JrXvLd2bmfGty6EaQ2FY0XoB0vvK1AyUhSZkX2thUvFsEgIdWjLSu4a eT28D2etZLTIyl1DB42L+5gcomaQTn0sT0i99ExWkFyf9xWne+ygOFYydjV0/fy+ 530Pwzlk9c2QtHgJ/XzGU12QLzKa/tvLbqXTfmAmlqDkU/+3aIr2l5SgnudzY4NN BAUae8noIVWEs6L+6DY5HYt+x+WYYLipQh9gPjpBOaH+sEFvZ2+GzlVR0zF4IM5E qLH5bopwO6GfHeNjv+4U+l+3kjhJIpwrsy/uzc+/mExrraYFpZc8skbcGRyhQ7ML CtHSV7Y4x/OguhgYeqx1ocCfpIpkbu4MGa4esGDW4ocvL03AHnbxOG7gGvBH35oF cada2etYwu0=nreb -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202110-1615", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "h700s", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "drupal", scope: "gte", trust: 1, vendor: "drupal", version: "9.2.0", }, { model: "drupal", scope: "lt", trust: 1, vendor: "drupal", version: "9.2.11", }, { model: "drupal", scope: "gte", trust: 1, vendor: "drupal", version: "7.0", }, { model: "drupal", scope: "lt", trust: 1, vendor: "drupal", version: "9.3.3", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "34", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "35", }, { model: "drupal", scope: "gte", trust: 1, vendor: "drupal", version: "9.3.0", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "4.4", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "jquery ui", scope: "lt", trust: 1, vendor: "jqueryui", version: "1.13.0", }, { model: "communications interactive session recorder", scope: "eq", trust: 1, vendor: "oracle", version: "6.4", }, { model: "hospitality inventory management", scope: "eq", trust: 1, vendor: "oracle", version: "9.1.0", }, { model: "big data spatial and graph", scope: "eq", trust: 1, vendor: "oracle", version: "23.1", }, { model: "primavera gateway", scope: "lte", trust: 1, vendor: "oracle", version: "17.12", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "33", }, { model: "h300e", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "weblogic server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.4.0", }, { model: "policy automation", scope: "lte", trust: 1, vendor: "oracle", version: "12.2.5", }, { model: "policy automation", scope: "gte", trust: 1, vendor: "oracle", version: "12.2.0", }, { model: "hospitality suite8", scope: "lte", trust: 1, vendor: "oracle", version: "11.14.0", }, { model: "primavera gateway", scope: "gte", trust: 1, vendor: "oracle", version: "17.7", }, { model: "h700e", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.58", }, { model: "primavera gateway", scope: "eq", trust: 1, vendor: "oracle", version: "20.12.0", }, { model: "weblogic server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.3.0", }, { model: "big data spatial and graph", scope: "lt", trust: 1, vendor: "oracle", version: "23.1", }, { model: "mysql enterprise monitor", scope: "lte", trust: 1, vendor: "oracle", version: "8.0.29", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "36", }, { model: "agile plm", scope: "eq", trust: 1, vendor: "oracle", version: "9.3.6", }, { model: "hospitality suite8", scope: "eq", trust: 1, vendor: "oracle", version: "8.10.2", }, { model: "drupal", scope: "lt", trust: 1, vendor: "drupal", version: "7.86", }, { model: "banking platform", scope: "eq", trust: 1, vendor: "oracle", version: "2.12.0", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.59", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "5.0", }, { model: "h410c", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "hospitality suite8", scope: "gte", trust: 1, vendor: "oracle", version: "8.11.0", }, { model: "rest data services", scope: "eq", trust: 1, vendor: "oracle", version: "22.1.1", }, { model: "weblogic server", scope: "eq", trust: 1, vendor: "oracle", version: "14.1.1.0.0", }, { model: "jd edwards enterpriseone tools", scope: "lte", trust: 1, vendor: "oracle", version: "9.2.6.3", }, { model: "h500e", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "h300s", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "primavera gateway", scope: "eq", trust: 1, vendor: "oracle", version: "19.12.0", }, { model: "rest data services", scope: "lt", trust: 1, vendor: "oracle", version: "22.1.1", }, { model: "h500s", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "primavera gateway", scope: "eq", trust: 1, vendor: "oracle", version: "21.12.0", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "4.3", }, { model: "primavera gateway", scope: "eq", trust: 1, vendor: "oracle", version: "18.8.0", }, { model: "application express", scope: "lt", trust: 1, vendor: "oracle", version: "22.1.1", }, { model: "banking platform", scope: "eq", trust: 1, vendor: "oracle", version: "2.9.0", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.21.0", }, { model: "h410s", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "h300s", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "h500e", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "h500s", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "ui", scope: null, trust: 0.8, vendor: "jquery", version: null, }, { model: "h410c", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "h300e", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "h700e", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "drupal", scope: null, trust: 0.8, vendor: "drupal", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "h410s", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "h700s", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-014042", }, { db: "NVD", id: "CVE-2021-41183", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "167278", }, ], trust: 0.1, }, cve: "CVE-2021-41183", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2021-41183", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-397877", impactScore: 2.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2021-41183", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "security-advisories@github.com", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.8, id: "CVE-2021-41183", impactScore: 3.6, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2021-41183", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-41183", trust: 1, value: "MEDIUM", }, { author: "security-advisories@github.com", id: "CVE-2021-41183", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-41183", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202110-1839", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-397877", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2021-41183", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-397877", }, { db: "VULMON", id: "CVE-2021-41183", }, { db: "JVNDB", id: "JVNDB-2021-014042", }, { db: "CNNVD", id: "CNNVD-202110-1839", }, { db: "NVD", id: "CVE-2021-41183", }, { db: "NVD", id: "CVE-2021-41183", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources. jQuery-UI Exists in a cross-site scripting vulnerability.Information may be obtained and information may be tampered with. jQuery is an open source, cross-browser JavaScript library developed by American John Resig individual developer. The library simplifies the operation between HTML and JavaScript, and has the characteristics of modularization and plug-in extension. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update\nAdvisory ID: RHSA-2022:4711-01\nProduct: Red Hat Virtualization\nAdvisory URL: https://access.redhat.com/errata/RHSA-2022:4711\nIssue date: 2022-05-26\nCVE Names: CVE-2021-3807 CVE-2021-23425 CVE-2021-33502\n CVE-2021-41182 CVE-2021-41183 CVE-2021-41184\n====================================================================\n1. Summary:\n\nUpdated ovirt-engine packages that fix several bugs and add various\nenhancements are now available. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4 - noarch\n\n3. Description:\n\nThe ovirt-engine package provides the Red Hat Virtualization Manager, a\ncentralized management platform that allows system administrators to view\nand manage virtual machines. The Manager provides a comprehensive range of\nfeatures including search capabilities, resource management, live\nmigrations, and virtual infrastructure provisioning. \n\nSecurity Fix(es):\n\n* nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching\nANSI escape codes (CVE-2021-3807)\n\n* nodejs-trim-off-newlines: ReDoS via string processing (CVE-2021-23425)\n\n* normalize-url: ReDoS for data URLs (CVE-2021-33502)\n\n* jquery-ui: XSS in the altField option of the datepicker widget\n(CVE-2021-41182)\n\n* jquery-ui: XSS in *Text options of the datepicker widget (CVE-2021-41183)\n\n* jquery-ui: XSS in the 'of' option of the .position() util\n(CVE-2021-41184)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nA list of bugs fixed in this update is available in the Technical Notes\nbook:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n655153 - [RFE] confirmation prompt when suspending a virtual machine - webadmin\n977778 - [RFE] - Mechanism for converting disks for non-running VMS\n1624015 - [RFE] Expose Console Options and Console invocation via API\n1648985 - VM from VM-pool which is already in use by a SuperUser is presented to another User with UserRole permission who can shutdown the VM. \n1667517 - [RFE] add VM Portal setting for set screen mode\n1687845 - Multiple notification for one time host activation\n1781241 - missing ?connect automatically? option in vm portal\n1782056 - [RFE] Integration of built-in ipsec feature in RHV/RHHI-V with OVN\n1849169 - [RFE] add virtualCPUs/physicalCPUs ratio property to evenly_distributed policy\n1878930 - [RFE] Provide warning event if MAC Address Pool free and available addresses are below threshold\n1922977 - [RFE] VM shared disks are not part of the OVF_STORE\n1926625 - [RFE] How to enable HTTP Strict Transport Security (HSTS) on Apache HTTPD for Red Hat Virtualization Manager\n1927985 - [RFE] Speed up export-to-OVA on NFS by aligning loopback device offset\n1944290 - URL to change the password is not shown properly\n1944834 - [RFE] Timer for Console Disconnect Action - Shutdown VM after N minutes of being disconnected (Webadmin-only)\n1956295 - Template import from storage domain fails when quota is enabled. \n1959186 - Enable assignment of user quota when provisioning from a non-blank template via rest-api\n1964208 - [RFE] add new feature for VM's screenshot on RestAPI\n1964461 - CVE-2021-33502 normalize-url: ReDoS for data URLs\n1971622 - Incorrect warning displayed: \"The VM CPU does not match the Cluster CPU Type\"\n1974741 - Disk images remain in locked state if the HE VM is rebooted during a image transfer\n1979441 - High Performance VMs always have \"VM CPU does not match the cluster CPU Type\" warning\n1979797 - Ask user for confirmation when the deleted storage domain has leases of VMs that has disk in other SDs\n1980192 - Network statistics copy a U64 into DECIMAL(18,4)\n1986726 - VM imported from OVA gets thin provisioned disk despite of allocation policy set as 'preallocated'\n1986834 - [DOCS] add nodejs and maven to list of subscription streams to be enabled in RHVM installation\n1987121 - [RFE] Support enabling nVidia Unified Memory on mdev vGPU\n1988496 - vmconsole-proxy-helper.cer is not renewed when running engine-setup\n1990462 - [RFE] Add user name and password to ELK integration\n1991240 - Assign user quota when provisioning from a non-blank template via web-ui\n1995793 - CVE-2021-23425 nodejs-trim-off-newlines: ReDoS via string processing\n1996123 - ovf stores capacity/truesize on the storage does not match values in engine database\n1998255 - [RFE] [UI] Add search box for vNIC Profiles in RHVM WebUI on the main vNIC profiles tab\n1999698 - ssl.conf modifications of engine-setup do not conform to best practices (according to red hat insights)\n2000031 - SPM host is rebooted multiple times when engine recovers the host\n2002283 - Make NumOfPciExpressPorts configurable via engine-config\n2003883 - Failed to update the VFs configuration of network interface card type 82599ES and X520\n2003996 - ovirt_snapshot module fails to delete snapshot when there is a \"Next Run configuration snapshot\"\n2006602 - vm_statistics table has wrong type for guest_mem_* columns. \n2006745 - [MBS] Template disk Copy from data storage domain to Managed Block Storage domain is failing\n2007384 - Failed to parse 'writeRate' value xxxx to integer: For input string: xxxx\n2007557 - CVE-2021-3807 nodejs-ansi-regex: Regular expression denial of service (ReDoS) matching ANSI escape codes\n2008798 - Older name rhv-openvswitch is not checked in ansible playbook\n2010203 - Log analyzer creates faulty VM unmanaged devices report\n2010903 - I/O operations/sec reporting wrong values\n2013928 - Log analyzer creates faulty non default vdc_option report\n2014888 - oVirt executive dashboard/Virtual Machine dashboard does not actually show disk I/O operations per second, but it shows sum of I/o operations since the boot time of VM\n2015796 - [RFE] RHV Manager should support running on a host with DISA STIG security profile applied\n2019144 - CVE-2021-41182 jquery-ui: XSS in the altField option of the datepicker widget\n2019148 - CVE-2021-41183 jquery-ui: XSS in *Text options of the datepicker widget\n2019153 - CVE-2021-41184 jquery-ui: XSS in the 'of' option of the .position() util\n2021217 - [RFE] Windows 2022 support\n2023250 - [RFE] Use virt:rhel module instead of virt:av in RHEL 8.6+ to get advanced virtualization packages\n2023786 - RHV VM with SAP monitoring configuration does not fail to start if the Host is missing vdsm-hook-vhostmd\n2024202 - RHV Dashboard does not show memory and storage details properly when using Spanish language. \n2025936 - metrics configuration playbooks failing due to rhel-system-role last refactor\n2030596 - [RFE] RHV Manager should support running on a host with the PCI-DSS security profile applied\n2030663 - Update Network statistics types in DWH\n2031027 - The /usr/share/ovirt-engine/ansible-runner-service-project/inventory/hosts fails rpm verification\n2035051 - removing nfs-utils cause ovirt-engine removal due to cinderlib dep tree\n2037115 - rhv-image-discrepancies (rhv-log-collector-analyzer-1.0.11-1.el8ev) tool continues flags OVF_STORE volumes. \n2037121 - RFE: Add Data Center and Storage Domain name in the rhv-image-discrepancies tool output. \n2040361 - Hotplug VirtIO-SCSI disk fails with error \"Domain already contains a disk with that address\" when IO threads > 1\n2040402 - unable to use --log-size=0 option\n2040474 - [RFE] Add progress tracking for Cluster Upgrade\n2041544 - Admin GUI: Making selection of host while uploading disk it will immediately replace it with the first active host in the list. \n2043146 - Expired /etc/pki/vdsm/libvirt-vnc/server-cert.pem certificate is skipped during Enroll Certificate\n2044273 - Remove the RHV Guest Tools ISO image upload option from engine-setup\n2048546 - sosreport command should be replaced by sos report\n2050566 - Upgrade ovirt-log-collector to 4.4.5\n2050614 - Upgrade rhvm-setup-plugins to 4.5.0\n2051857 - Upgrade rhv-log-collector-analizer to 1.0.13\n2052557 - RHV fails to release mdev vGPU device after VM shutdown\n2052690 - [RFE] Upgrade to ansible-core-2.12 in ovirt-engine\n2054756 - [welcome page] Add link to MTV guide\n2055136 - virt module is not changed to the correct stream during host upgrade\n2056021 - [BUG]: \"Enroll Certificate\" operation not updating libvirt-vnc cert and key\n2056052 - RHV-H w/ PCI-DSS profile causes OVA export to fail\n2056126 - [RFE] Extend time to warn of upcoming certificate expiration\n2058264 - Export as OVA playbook gets stuck with 'found an incomplete artifacts directory...Possible ansible_runner error?'\n2059521 - [RFE] Upgrade to ansible-core-2.12 in ovirt-engine-metrics\n2059877 - [DOCS][Upgrade] Update RHVM update procedure in Upgrade guide\n2061904 - Unable to attach a RHV Host back into cluster after removing due to networking\n2065052 - [TRACKER] Upgrade to ansible-core-2.12 in RHV 4.4 SP1\n2066084 - vmconsole-proxy-user certificate expired - cannot access serial console\n2066283 - Upgrade from RHV 4.4.10 to RHV 4.5.0 is broken\n2069972 - [Doc][RN]Add cluster-level 4.7 to compatibility table\n2070156 - [TESTONLY] Test upgrade from ovirt-engine-4.4.1\n2071468 - Engine fenced host that was already reconnected and set to Up status. \n2072637 - Build and distribute python38-daemon in RHV channels\n2072639 - Build and distribute ansible-runner in RHV channels\n2072641 - Build and distribute python38-docutils in RHV channels\n2072642 - Build and distribute python38-lockfile in RHV channels\n2072645 - Build and distribute python38-pexpect in RHV channels\n2072646 - Build and distribute python38-ptyprocess in RHV channels\n2075352 - upgrading RHV-H does not renew certificate\n\n6. Package List:\n\nRHEL-8-RHEV-S-4.4 - Red Hat Virtualization Engine 4.4:\n\nSource:\nansible-runner-2.1.3-1.el8ev.src.rpm\napache-sshd-2.8.0-0.1.el8ev.src.rpm\nengine-db-query-1.6.4-1.el8ev.src.rpm\novirt-dependencies-4.5.1-1.el8ev.src.rpm\novirt-engine-4.5.0.7-0.9.el8ev.src.rpm\novirt-engine-dwh-4.5.2-1.el8ev.src.rpm\novirt-engine-metrics-1.6.0-1.el8ev.src.rpm\novirt-engine-ui-extensions-1.3.3-1.el8ev.src.rpm\novirt-log-collector-4.4.5-1.el8ev.src.rpm\novirt-web-ui-1.8.1-2.el8ev.src.rpm\nrhv-log-collector-analyzer-1.0.13-1.el8ev.src.rpm\nrhvm-branding-rhv-4.4.11-1.el8ev.src.rpm\nrhvm-setup-plugins-4.5.0-2.el8ev.src.rpm\nvdsm-jsonrpc-java-1.7.1-2.el8ev.src.rpm\n\nnoarch:\nansible-runner-2.1.3-1.el8ev.noarch.rpm\napache-sshd-2.8.0-0.1.el8ev.noarch.rpm\napache-sshd-javadoc-2.8.0-0.1.el8ev.noarch.rpm\nengine-db-query-1.6.4-1.el8ev.noarch.rpm\novirt-dependencies-4.5.1-1.el8ev.noarch.rpm\novirt-engine-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-backend-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-dbscripts-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-dwh-4.5.2-1.el8ev.noarch.rpm\novirt-engine-dwh-grafana-integration-setup-4.5.2-1.el8ev.noarch.rpm\novirt-engine-dwh-setup-4.5.2-1.el8ev.noarch.rpm\novirt-engine-health-check-bundler-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-metrics-1.6.0-1.el8ev.noarch.rpm\novirt-engine-restapi-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-setup-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-setup-base-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-setup-plugin-cinderlib-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-setup-plugin-imageio-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-setup-plugin-ovirt-engine-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-setup-plugin-ovirt-engine-common-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-setup-plugin-vmconsole-proxy-helper-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-setup-plugin-websocket-proxy-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-tools-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-tools-backup-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-ui-extensions-1.3.3-1.el8ev.noarch.rpm\novirt-engine-vmconsole-proxy-helper-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-webadmin-portal-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-engine-websocket-proxy-4.5.0.7-0.9.el8ev.noarch.rpm\novirt-log-collector-4.4.5-1.el8ev.noarch.rpm\novirt-web-ui-1.8.1-2.el8ev.noarch.rpm\npython3-ovirt-engine-lib-4.5.0.7-0.9.el8ev.noarch.rpm\npython38-ansible-runner-2.1.3-1.el8ev.noarch.rpm\npython38-docutils-0.14-12.4.el8ev.noarch.rpm\nrhv-log-collector-analyzer-1.0.13-1.el8ev.noarch.rpm\nrhvm-4.5.0.7-0.9.el8ev.noarch.rpm\nrhvm-branding-rhv-4.4.11-1.el8ev.noarch.rpm\nrhvm-setup-plugins-4.5.0-2.el8ev.noarch.rpm\nvdsm-jsonrpc-java-1.7.1-2.el8ev.noarch.rpm\nvdsm-jsonrpc-java-javadoc-1.7.1-2.el8ev.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-3807\nhttps://access.redhat.com/security/cve/CVE-2021-23425\nhttps://access.redhat.com/security/cve/CVE-2021-33502\nhttps://access.redhat.com/security/cve/CVE-2021-41182\nhttps://access.redhat.com/security/cve/CVE-2021-41183\nhttps://access.redhat.com/security/cve/CVE-2021-41184\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYo/qI9zjgjWX9erEAQhpng//aJBlyx9sUzPTC08WE6OwY4Ihk8b0wSh5\nC9RWX/PmlDE2CAivQHpSs8D7/IizHl4Arn6f0HJx+NavN8YfbApqs2mcq+KUKYuC\n/VxCb3YlukeDsXeYIM+ScifS9M+N+WNGy9BRrlcYxZ4Ya5zLYv/ibrrHCX44yKz8\nJg5abyQyCzI6DEPjSDRIZkULLIdkbQ8xGd7j5P4ThAR2MRf8deeHez4/NmfrQm6n\nQ3f4qeQlljiNgoGdxa2z65Shxpb3pkWGt81MZuMwKpRa6EDBDs8vGMA0LZamsikv\nXZUU2P7d+JrXvLd2bmfGty6EaQ2FY0XoB0vvK1AyUhSZkX2thUvFsEgIdWjLSu4a\neT28D2etZLTIyl1DB42L+5gcomaQTn0sT0i99ExWkFyf9xWne+ygOFYydjV0/fy+\n530Pwzlk9c2QtHgJ/XzGU12QLzKa/tvLbqXTfmAmlqDkU/+3aIr2l5SgnudzY4NN\nBAUae8noIVWEs6L+6DY5HYt+x+WYYLipQh9gPjpBOaH+sEFvZ2+GzlVR0zF4IM5E\nqLH5bopwO6GfHeNjv+4U+l+3kjhJIpwrsy/uzc+/mExrraYFpZc8skbcGRyhQ7ML\nCtHSV7Y4x/OguhgYeqx1ocCfpIpkbu4MGa4esGDW4ocvL03AHnbxOG7gGvBH35oF\ncada2etYwu0=nreb\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n", sources: [ { db: "NVD", id: "CVE-2021-41183", }, { db: "JVNDB", id: "JVNDB-2021-014042", }, { db: "VULHUB", id: "VHN-397877", }, { db: "VULMON", id: "CVE-2021-41183", }, { db: "PACKETSTORM", id: "167278", }, ], trust: 1.89, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-41183", trust: 3.5, }, { db: "TENABLE", id: "TNS-2022-09", trust: 1.8, }, { db: "PACKETSTORM", id: "167278", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-014042", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202110-1839", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2022.2458", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.0236", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.2191", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.5431", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.2599", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.1792", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.3896", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.1837", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.6384", trust: 0.6, }, { db: "CS-HELP", id: "SB2022030804", trust: 0.6, }, { db: "CS-HELP", id: "SB2022062021", trust: 0.6, }, { db: "CS-HELP", id: "SB2022042017", trust: 0.6, }, { db: "CS-HELP", id: "SB2022011946", trust: 0.6, }, { db: "VULHUB", id: "VHN-397877", trust: 0.1, }, { db: "VULMON", id: "CVE-2021-41183", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-397877", }, { db: "VULMON", id: "CVE-2021-41183", }, { db: "JVNDB", id: "JVNDB-2021-014042", }, { db: "PACKETSTORM", id: "167278", }, { db: "CNNVD", id: "CNNVD-202110-1839", }, { db: "NVD", id: "CVE-2021-41183", }, ], }, id: "VAR-202110-1615", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-397877", }, ], trust: 0.01, }, last_update_date: "2024-11-23T21:20:12.662000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "NTAP-20211118-0004", trust: 0.8, url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { title: "jQuery Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=167278", }, { title: "Red Hat: Moderate: RHV Manager (ovirt-engine) [ovirt-4.5.0] security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20224711 - Security Advisory", }, { title: "Red Hat: CVE-2021-41183", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-41183", }, { title: "IBM: Security Bulletin: API Connect is vulnerable to JQuery-UI Cross-Site Scripting (XSS) (CVE-2021-41184, CVE-2021-41183, CVE-2021-41182)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=cad03619ba21e75b9c9476e5adf69069", }, { title: "Tenable Security Advisories: [R1] Tenable.sc 5.21.0 Fixes Multiple Third-Party Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2022-09", }, { title: "", trust: 0.1, url: "https://github.com/Live-Hack-CVE/CVE-2021-41183 ", }, { title: "", trust: 0.1, url: "https://github.com/marksowell/retire-html-parser ", }, ], sources: [ { db: "VULMON", id: "CVE-2021-41183", }, { db: "JVNDB", id: "JVNDB-2021-014042", }, { db: "CNNVD", id: "CNNVD-202110-1839", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1.1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-397877", }, { db: "JVNDB", id: "JVNDB-2021-014042", }, { db: "NVD", id: "CVE-2021-41183", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/nxiuubrvla4e7g7mmikcen75yn7uferw/", }, { trust: 1.8, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/o74sxyy7rgxreqdqudqd4bpj4qqtd2xq/", }, { trust: 1.8, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/snxa7xrkginwsuipiz6zbctv6n3kshes/", }, { trust: 1.8, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/hvkiowsxl2rf2ulnap7phesycfszije3/", }, { trust: 1.8, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/sgsy236pysfyiebrgderla7osy6d7xl4/", }, { trust: 1.8, url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { trust: 1.8, url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { trust: 1.8, url: "https://bugs.jqueryui.com/ticket/15284", }, { trust: 1.8, url: "https://github.com/jquery/jquery-ui/pull/1953", }, { trust: 1.8, url: "https://github.com/jquery/jquery-ui/security/advisories/ghsa-j7qv-pgf6-hvh4", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { trust: 1.8, url: "https://www.drupal.org/sa-contrib-2022-004", }, { trust: 1.8, url: "https://www.drupal.org/sa-core-2022-001", }, { trust: 1.8, url: "https://www.drupal.org/sa-core-2022-002", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { trust: 1.8, url: "https://www.tenable.com/security/tns-2022-09", }, { trust: 1, url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { trust: 0.9, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41183", }, { trust: 0.7, url: "https://access.redhat.com/security/cve/cve-2021-41183", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/o74sxyy7rgxreqdqudqd4bpj4qqtd2xq/", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/snxa7xrkginwsuipiz6zbctv6n3kshes/", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/sgsy236pysfyiebrgderla7osy6d7xl4/", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/nxiuubrvla4e7g7mmikcen75yn7uferw/", }, { trust: 0.6, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/hvkiowsxl2rf2ulnap7phesycfszije3/", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/jquery-ui-three-vulnerabilities-36936", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022030804", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.2458", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.1792", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/6525274", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022042017", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/167278/red-hat-security-advisory-2022-4711-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.2191", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.6384", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022011946", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2022062021", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.1837", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.5431", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.3896", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.2599", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.0236", }, { trust: 0.2, url: "https://access.redhat.com/errata/rhsa-2022:4711", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/79.html", }, { trust: 0.1, url: "https://github.com/live-hack-cve/cve-2021-41183", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.ibm.com/blogs/psirt/security-bulletin-api-connect-is-vulnerable-to-jquery-ui-cross-site-scripting-xss-cve-2021-41184-cve-2021-41183-cve-2021-41182/", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-23425", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3807", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-41182", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-41184", }, { trust: 0.1, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41184", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-33502", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_virtualization/4.4/html-single/technical_notes", }, { trust: 0.1, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-23425", }, { trust: 0.1, url: "https://access.redhat.com/articles/2974891", }, { trust: 0.1, url: "https://bugzilla.redhat.com/):", }, { trust: 0.1, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3807", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41182", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-33502", }, ], sources: [ { db: "VULHUB", id: "VHN-397877", }, { db: "VULMON", id: "CVE-2021-41183", }, { db: "JVNDB", id: "JVNDB-2021-014042", }, { db: "PACKETSTORM", id: "167278", }, { db: "CNNVD", id: "CNNVD-202110-1839", }, { db: "NVD", id: "CVE-2021-41183", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-397877", }, { db: "VULMON", id: "CVE-2021-41183", }, { db: "JVNDB", id: "JVNDB-2021-014042", }, { db: "PACKETSTORM", id: "167278", }, { db: "CNNVD", id: "CNNVD-202110-1839", }, { db: "NVD", id: "CVE-2021-41183", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-10-26T00:00:00", db: "VULHUB", id: "VHN-397877", }, { date: "2021-10-26T00:00:00", db: "VULMON", id: "CVE-2021-41183", }, { date: "2022-10-03T00:00:00", db: "JVNDB", id: "JVNDB-2021-014042", }, { date: "2022-05-27T15:37:28", db: "PACKETSTORM", id: "167278", }, { date: "2021-10-26T00:00:00", db: "CNNVD", id: "CNNVD-202110-1839", }, { date: "2021-10-26T15:15:10.387000", db: "NVD", id: "CVE-2021-41183", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-11-07T00:00:00", db: "VULHUB", id: "VHN-397877", }, { date: "2023-06-21T00:00:00", db: "VULMON", id: "CVE-2021-41183", }, { date: "2022-10-03T06:51:00", db: "JVNDB", id: "JVNDB-2021-014042", }, { date: "2022-12-08T00:00:00", db: "CNNVD", id: "CNNVD-202110-1839", }, { date: "2024-11-21T06:25:42.137000", db: "NVD", id: "CVE-2021-41183", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202110-1839", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "jQuery-UI Cross-site scripting vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2021-014042", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "xss", sources: [ { db: "PACKETSTORM", id: "167278", }, { db: "CNNVD", id: "CNNVD-202110-1839", }, ], trust: 0.7, }, }
var-202002-1305
Vulnerability from variot
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash. PHP Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. A buffer error vulnerability exists in PHP 7.2.x prior to 7.2.27, 7.3.x prior to 7.3.14, and 7.4.x prior to 7.4.2. (CVE-2015-9253). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: rh-php73-php security, bug fix, and enhancement update Advisory ID: RHSA-2020:5275-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2020:5275 Issue date: 2020-12-01 CVE Names: CVE-2019-11045 CVE-2019-11047 CVE-2019-11048 CVE-2019-11050 CVE-2019-19203 CVE-2019-19204 CVE-2019-19246 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 ==================================================================== 1. Summary:
An update for rh-php73-php is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
The following packages have been upgraded to a later upstream version: rh-php73-php (7.3.20). (BZ#1853211)
Security Fix(es):
-
php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte (CVE-2019-11045)
-
php: Information disclosure in exif_read_data() (CVE-2019-11047)
-
php: Integer wraparounds when receiving multipart forms (CVE-2019-11048)
-
oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c (CVE-2019-19203)
-
oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c (CVE-2019-19204)
-
php: Out of bounds read in php_strip_tags_ex (CVE-2020-7059)
-
php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function (CVE-2020-7060)
-
php: NULL pointer dereference in PHP session upload progress (CVE-2020-7062)
-
php: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063)
-
php: Information disclosure in exif_read_data() function (CVE-2020-7064)
-
php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution (CVE-2020-7065)
-
php: Out of bounds read when parsing EXIF information (CVE-2019-11050)
-
oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c (CVE-2019-19246)
-
php: Information disclosure in function get_headers (CVE-2020-7066)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Software Collections 3.6 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1777537 - CVE-2019-19246 oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c 1786570 - CVE-2019-11047 php: Information disclosure in exif_read_data() 1786572 - CVE-2019-11045 php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte 1788258 - CVE-2019-11050 php: Out of bounds read when parsing EXIF information 1797776 - CVE-2020-7059 php: Out of bounds read in php_strip_tags_ex 1797779 - CVE-2020-7060 php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function 1802061 - CVE-2019-19203 oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c 1802068 - CVE-2019-19204 oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c 1808532 - CVE-2020-7062 php: NULL pointer dereference in PHP session upload progress 1808536 - CVE-2020-7063 php: Files added to tar with Phar::buildFromIterator have all-access permissions 1820601 - CVE-2020-7064 php: Information disclosure in exif_read_data() function 1820604 - CVE-2020-7066 php: Information disclosure in function get_headers 1820627 - CVE-2020-7065 php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution 1837842 - CVE-2019-11048 php: Integer wraparounds when receiving multipart forms
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
aarch64: rh-php73-php-7.3.20-1.el7.aarch64.rpm rh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm rh-php73-php-cli-7.3.20-1.el7.aarch64.rpm rh-php73-php-common-7.3.20-1.el7.aarch64.rpm rh-php73-php-dba-7.3.20-1.el7.aarch64.rpm rh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm rh-php73-php-devel-7.3.20-1.el7.aarch64.rpm rh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm rh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm rh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm rh-php73-php-gd-7.3.20-1.el7.aarch64.rpm rh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-intl-7.3.20-1.el7.aarch64.rpm rh-php73-php-json-7.3.20-1.el7.aarch64.rpm rh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm rh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm rh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm rh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm rh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm rh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm rh-php73-php-process-7.3.20-1.el7.aarch64.rpm rh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm rh-php73-php-recode-7.3.20-1.el7.aarch64.rpm rh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-soap-7.3.20-1.el7.aarch64.rpm rh-php73-php-xml-7.3.20-1.el7.aarch64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm rh-php73-php-zip-7.3.20-1.el7.aarch64.rpm
ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
aarch64: rh-php73-php-7.3.20-1.el7.aarch64.rpm rh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm rh-php73-php-cli-7.3.20-1.el7.aarch64.rpm rh-php73-php-common-7.3.20-1.el7.aarch64.rpm rh-php73-php-dba-7.3.20-1.el7.aarch64.rpm rh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm rh-php73-php-devel-7.3.20-1.el7.aarch64.rpm rh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm rh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm rh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm rh-php73-php-gd-7.3.20-1.el7.aarch64.rpm rh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-intl-7.3.20-1.el7.aarch64.rpm rh-php73-php-json-7.3.20-1.el7.aarch64.rpm rh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm rh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm rh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm rh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm rh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm rh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm rh-php73-php-process-7.3.20-1.el7.aarch64.rpm rh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm rh-php73-php-recode-7.3.20-1.el7.aarch64.rpm rh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-soap-7.3.20-1.el7.aarch64.rpm rh-php73-php-xml-7.3.20-1.el7.aarch64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm rh-php73-php-zip-7.3.20-1.el7.aarch64.rpm
ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm
x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm
x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm
x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-11045 https://access.redhat.com/security/cve/CVE-2019-11047 https://access.redhat.com/security/cve/CVE-2019-11048 https://access.redhat.com/security/cve/CVE-2019-11050 https://access.redhat.com/security/cve/CVE-2019-19203 https://access.redhat.com/security/cve/CVE-2019-19204 https://access.redhat.com/security/cve/CVE-2019-19246 https://access.redhat.com/security/cve/CVE-2020-7059 https://access.redhat.com/security/cve/CVE-2020-7060 https://access.redhat.com/security/cve/CVE-2020-7062 https://access.redhat.com/security/cve/CVE-2020-7063 https://access.redhat.com/security/cve/CVE-2020-7064 https://access.redhat.com/security/cve/CVE-2020-7065 https://access.redhat.com/security/cve/CVE-2020-7066 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.6_release_notes/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBX8Y0i9zjgjWX9erEAQg0Fw/8DpkMHPAzp4Tb6ym275eMnlcICweGyFtw becOAQt6d3zo6+1fQ7TvsDhciqoSppofF1z4i1HKRZlvsrkzmPkzXfBh0Z1M99YQ KUsvTcbQ9fd5AzHzkVIQ1NL9Qvhl8We0DL/WEiz6ob3yczwgZAz7yVq+dl7IkfoI 6G/lbIT0g5C9OPpma+KPw2mB1fiaGnPp5+i3o1srMYOcqqd8oWDWOQZJVB1TlkEH rcPfqKdlrwIl2gu9LlGw8leNS0392lsd8UOaVt8rjsW5wdPAZno8rCFp+TMXymJ0 D1FlsrWwsc89QPgeJd13cc487nJnIos8bRxTDsJL/pQdyhIYNLGA7dA20YdMElDh viPblEXhfwRMHeSgTUUTU4dvNk6DiGQWigiNh2973EgYDTxA2AGvLo2ygfFXCVGi EWcECya+Cz+G0/IaJPE1ohnVqdfdrDVncOFNmfdQ6QvDZaoZyqi37UubtA+JB1qC 5f1j9vtfWTMRpkCqmF/94WQ81h2401lqHz6yWlbn2DOALN/R8Cso5mLwwd/9cWLo RwIpTvHOFY++tzoh8Mn9WDaMNkPkf39n30BDtKQA4XG53vo3/RZHmpkmwxy4UVgB gGP537Uy95zumCJMFRsKvkqTg62O6AEOneydtZT/yYGiF9uhHBboTorij+aD7LN4 0afoNZ3Sfdc\xaaB8 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
For the stable distribution (buster), these problems have been fixed in version 7.3.14-1~deb10u1.
We recommend that you upgrade your php7.3 packages.
For the detailed security status of php7.3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.3
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl5K+WQACgkQEMKTtsN8 TjZA/xAAkC1VQPZceCr4L9w2SuZ3tqxhxtQudPw8NcH7kSZtrvFnFOYvqKTj/wNV wtHcx4TMZRPYWu+Pzl2WN7B+H++4PtvNDyUmyrwOycOIBnPrRRp9bmtTrs6Dzmm4 M/y2G5PYVGHxeilQWLKiOKX/EL/7EFjjEZq19DyujBGlOZsj3jGDAxtpGn510Q2d 94c2fa1hCBp8u0HGMcCQ632+bK6JS79JixzkkuGlWiih+2H94Qdwm3saiNt3ey/N QT7tiFsdPWwWUOuT4G6GYrpL0vOw+idm9OClfOAufaZOosgIbL/oUPtMtq7Gb7la ILxU1KbaLMX0vOszycpIP04AEBPETCKxvDuHNLKTGNaE6GQjIjDkSTIH0hGDeaeX gCrRosPh0jmI5M158dJrUPkC5JZpsX/WJWGmNnJ5DvCBMlQtaloVBP4eLXlda8fB 743tDdFlaiD6mC0aGMfXp54yTD3/0J2ENmZ8Rx+YEuTr7/7P1Ia8o2HiIoGE4URf AU4uQ1YjI6bhXo8muN29449vo/5yciVhH3EikHvGtdMAd7c2wD6GxDjpKj2ZWOF8 flI6DcATW+8rq9+dICZOtA0vgxTZb4iPzj4CXoqzfDg+JH5U2AGKQWY/650UIwOX Q2kshwrrFxQUml8AfiL68OJww4MkBmUb9fbwmgBg0pNASigWJa4=EPNV -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-57
https://security.gentoo.org/
Severity: High Title: PHP: Multiple vulnerabilities Date: March 26, 2020 Bugs: #671872, #706168, #710304, #713484 ID: 202003-57
Synopsis
Multiple vulnerabilities have been found in PHP, the worst of which could result in the execution of arbitrary shell commands.
Background
PHP is an open source general-purpose scripting language that is especially suited for web development. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All PHP 7.2.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.2.29"
All PHP 7.3.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.3.16"
All PHP 7.4.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.4.4"
References
[ 1 ] CVE-2018-19518 https://nvd.nist.gov/vuln/detail/CVE-2018-19518 [ 2 ] CVE-2020-7059 https://nvd.nist.gov/vuln/detail/CVE-2020-7059 [ 3 ] CVE-2020-7060 https://nvd.nist.gov/vuln/detail/CVE-2020-7060 [ 4 ] CVE-2020-7061 https://nvd.nist.gov/vuln/detail/CVE-2020-7061 [ 5 ] CVE-2020-7062 https://nvd.nist.gov/vuln/detail/CVE-2020-7062 [ 6 ] CVE-2020-7063 https://nvd.nist.gov/vuln/detail/CVE-2020-7063 [ 7 ] CVE-2020-7064 https://nvd.nist.gov/vuln/detail/CVE-2020-7064 [ 8 ] CVE-2020-7065 https://nvd.nist.gov/vuln/detail/CVE-2020-7065 [ 9 ] CVE-2020-7066 https://nvd.nist.gov/vuln/detail/CVE-2020-7066
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-57
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ========================================================================== Ubuntu Security Notice USN-4279-2 February 19, 2020
php7.0 regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
USN-4279-1 introduced a regression in PHP. The updated packages caused a regression. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253)
It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7059)
It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7060)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libapache2-mod-php7.0 7.0.33-0ubuntu0.16.04.12 php7.0-cgi 7.0.33-0ubuntu0.16.04.12 php7.0-cli 7.0.33-0ubuntu0.16.04.12 php7.0-fpm 7.0.33-0ubuntu0.16.04.12
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202002-1305", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.4.2", }, { model: "communications diameter signaling router", scope: "gte", trust: 1, vendor: "oracle", version: "8.0", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.2.27", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.3.14", }, { model: "communications diameter signaling router", scope: "lte", trust: 1, vendor: "oracle", version: "8.4", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "8.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.2.0", }, { model: "leap", scope: "eq", trust: 1, vendor: "opensuse", version: "15.1", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.19.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.4.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.3.0", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.2.27", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.3.14", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.4.2", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-001731", }, { db: "NVD", id: "CVE-2020-7059", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:php:php", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-001731", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ubuntu,Debian,Red Hat,Gentoo", sources: [ { db: "CNNVD", id: "CNNVD-202002-316", }, ], trust: 0.6, }, cve: "CVE-2020-7059", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-7059", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 6.4, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-001731", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-185184", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-7059", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "security@php.net", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2020-7059", impactScore: 2.5, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.1, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-001731", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-7059", trust: 1, value: "CRITICAL", }, { author: "security@php.net", id: "CVE-2020-7059", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2020-001731", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202002-316", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-185184", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-7059", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-185184", }, { db: "VULMON", id: "CVE-2020-7059", }, { db: "JVNDB", id: "JVNDB-2020-001731", }, { db: "CNNVD", id: "CNNVD-202002-316", }, { db: "NVD", id: "CVE-2020-7059", }, { db: "NVD", id: "CVE-2020-7059", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash. PHP Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. A buffer error vulnerability exists in PHP 7.2.x prior to 7.2.27, 7.3.x prior to 7.3.14, and 7.4.x prior to 7.4.2. \n(CVE-2015-9253). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: rh-php73-php security, bug fix, and enhancement update\nAdvisory ID: RHSA-2020:5275-01\nProduct: Red Hat Software Collections\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:5275\nIssue date: 2020-12-01\nCVE Names: CVE-2019-11045 CVE-2019-11047 CVE-2019-11048\n CVE-2019-11050 CVE-2019-19203 CVE-2019-19204\n CVE-2019-19246 CVE-2020-7059 CVE-2020-7060\n CVE-2020-7062 CVE-2020-7063 CVE-2020-7064\n CVE-2020-7065 CVE-2020-7066\n====================================================================\n1. Summary:\n\nAn update for rh-php73-php is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nThe following packages have been upgraded to a later upstream version:\nrh-php73-php (7.3.20). (BZ#1853211)\n\nSecurity Fix(es):\n\n* php: DirectoryIterator class accepts filenames with embedded \\0 byte and\ntreats them as terminating at that byte (CVE-2019-11045)\n\n* php: Information disclosure in exif_read_data() (CVE-2019-11047)\n\n* php: Integer wraparounds when receiving multipart forms (CVE-2019-11048)\n\n* oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in\nfile gb18030.c (CVE-2019-19203)\n\n* oniguruma: Heap-based buffer over-read in function\nfetch_interval_quantifier in regparse.c (CVE-2019-19204)\n\n* php: Out of bounds read in php_strip_tags_ex (CVE-2020-7059)\n\n* php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function\n(CVE-2020-7060)\n\n* php: NULL pointer dereference in PHP session upload progress\n(CVE-2020-7062)\n\n* php: Files added to tar with Phar::buildFromIterator have all-access\npermissions (CVE-2020-7063)\n\n* php: Information disclosure in exif_read_data() function (CVE-2020-7064)\n\n* php: Using mb_strtolower() function with UTF-32LE encoding leads to\npotential code execution (CVE-2020-7065)\n\n* php: Out of bounds read when parsing EXIF information (CVE-2019-11050)\n\n* oniguruma: Heap-based buffer overflow in str_lower_case_match in\nregexec.c (CVE-2019-19246)\n\n* php: Information disclosure in function get_headers (CVE-2020-7066)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nSoftware Collections 3.6 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted\nfor the update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1777537 - CVE-2019-19246 oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c\n1786570 - CVE-2019-11047 php: Information disclosure in exif_read_data()\n1786572 - CVE-2019-11045 php: DirectoryIterator class accepts filenames with embedded \\0 byte and treats them as terminating at that byte\n1788258 - CVE-2019-11050 php: Out of bounds read when parsing EXIF information\n1797776 - CVE-2020-7059 php: Out of bounds read in php_strip_tags_ex\n1797779 - CVE-2020-7060 php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function\n1802061 - CVE-2019-19203 oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c\n1802068 - CVE-2019-19204 oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c\n1808532 - CVE-2020-7062 php: NULL pointer dereference in PHP session upload progress\n1808536 - CVE-2020-7063 php: Files added to tar with Phar::buildFromIterator have all-access permissions\n1820601 - CVE-2020-7064 php: Information disclosure in exif_read_data() function\n1820604 - CVE-2020-7066 php: Information disclosure in function get_headers\n1820627 - CVE-2020-7065 php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution\n1837842 - CVE-2019-11048 php: Integer wraparounds when receiving multipart forms\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\naarch64:\nrh-php73-php-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-cli-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-common-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-dba-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-devel-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-gd-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-intl-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-json-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-process-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-recode-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-soap-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-xml-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-zip-7.3.20-1.el7.aarch64.rpm\n\nppc64le:\nrh-php73-php-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.20-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.20-1.el7.s390x.rpm\nrh-php73-php-common-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.20-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.20-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.20-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.20-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.20-1.el7.s390x.rpm\nrh-php73-php-json-7.3.20-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm\nrh-php73-php-process-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.20-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.20-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.20-1.el7.s390x.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\naarch64:\nrh-php73-php-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-cli-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-common-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-dba-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-devel-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-gd-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-intl-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-json-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-process-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-recode-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-soap-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-xml-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-zip-7.3.20-1.el7.aarch64.rpm\n\nppc64le:\nrh-php73-php-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.20-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.20-1.el7.s390x.rpm\nrh-php73-php-common-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.20-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.20-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.20-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.20-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.20-1.el7.s390x.rpm\nrh-php73-php-json-7.3.20-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm\nrh-php73-php-process-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.20-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.20-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.20-1.el7.s390x.rpm\n\nx86_64:\nrh-php73-php-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.20-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\nppc64le:\nrh-php73-php-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.20-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.20-1.el7.s390x.rpm\nrh-php73-php-common-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.20-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.20-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.20-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.20-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.20-1.el7.s390x.rpm\nrh-php73-php-json-7.3.20-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm\nrh-php73-php-process-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.20-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.20-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.20-1.el7.s390x.rpm\n\nx86_64:\nrh-php73-php-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.20-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\nppc64le:\nrh-php73-php-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.20-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.20-1.el7.s390x.rpm\nrh-php73-php-common-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.20-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.20-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.20-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.20-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.20-1.el7.s390x.rpm\nrh-php73-php-json-7.3.20-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm\nrh-php73-php-process-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.20-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.20-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.20-1.el7.s390x.rpm\n\nx86_64:\nrh-php73-php-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.20-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\nx86_64:\nrh-php73-php-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.20-1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-11045\nhttps://access.redhat.com/security/cve/CVE-2019-11047\nhttps://access.redhat.com/security/cve/CVE-2019-11048\nhttps://access.redhat.com/security/cve/CVE-2019-11050\nhttps://access.redhat.com/security/cve/CVE-2019-19203\nhttps://access.redhat.com/security/cve/CVE-2019-19204\nhttps://access.redhat.com/security/cve/CVE-2019-19246\nhttps://access.redhat.com/security/cve/CVE-2020-7059\nhttps://access.redhat.com/security/cve/CVE-2020-7060\nhttps://access.redhat.com/security/cve/CVE-2020-7062\nhttps://access.redhat.com/security/cve/CVE-2020-7063\nhttps://access.redhat.com/security/cve/CVE-2020-7064\nhttps://access.redhat.com/security/cve/CVE-2020-7065\nhttps://access.redhat.com/security/cve/CVE-2020-7066\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.6_release_notes/\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBX8Y0i9zjgjWX9erEAQg0Fw/8DpkMHPAzp4Tb6ym275eMnlcICweGyFtw\nbecOAQt6d3zo6+1fQ7TvsDhciqoSppofF1z4i1HKRZlvsrkzmPkzXfBh0Z1M99YQ\nKUsvTcbQ9fd5AzHzkVIQ1NL9Qvhl8We0DL/WEiz6ob3yczwgZAz7yVq+dl7IkfoI\n6G/lbIT0g5C9OPpma+KPw2mB1fiaGnPp5+i3o1srMYOcqqd8oWDWOQZJVB1TlkEH\nrcPfqKdlrwIl2gu9LlGw8leNS0392lsd8UOaVt8rjsW5wdPAZno8rCFp+TMXymJ0\nD1FlsrWwsc89QPgeJd13cc487nJnIos8bRxTDsJL/pQdyhIYNLGA7dA20YdMElDh\nviPblEXhfwRMHeSgTUUTU4dvNk6DiGQWigiNh2973EgYDTxA2AGvLo2ygfFXCVGi\nEWcECya+Cz+G0/IaJPE1ohnVqdfdrDVncOFNmfdQ6QvDZaoZyqi37UubtA+JB1qC\n5f1j9vtfWTMRpkCqmF/94WQ81h2401lqHz6yWlbn2DOALN/R8Cso5mLwwd/9cWLo\nRwIpTvHOFY++tzoh8Mn9WDaMNkPkf39n30BDtKQA4XG53vo3/RZHmpkmwxy4UVgB\ngGP537Uy95zumCJMFRsKvkqTg62O6AEOneydtZT/yYGiF9uhHBboTorij+aD7LN4\n0afoNZ3Sfdc\\xaaB8\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 7.3.14-1~deb10u1. \n\nWe recommend that you upgrade your php7.3 packages. \n\nFor the detailed security status of php7.3 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/php7.3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl5K+WQACgkQEMKTtsN8\nTjZA/xAAkC1VQPZceCr4L9w2SuZ3tqxhxtQudPw8NcH7kSZtrvFnFOYvqKTj/wNV\nwtHcx4TMZRPYWu+Pzl2WN7B+H++4PtvNDyUmyrwOycOIBnPrRRp9bmtTrs6Dzmm4\nM/y2G5PYVGHxeilQWLKiOKX/EL/7EFjjEZq19DyujBGlOZsj3jGDAxtpGn510Q2d\n94c2fa1hCBp8u0HGMcCQ632+bK6JS79JixzkkuGlWiih+2H94Qdwm3saiNt3ey/N\nQT7tiFsdPWwWUOuT4G6GYrpL0vOw+idm9OClfOAufaZOosgIbL/oUPtMtq7Gb7la\nILxU1KbaLMX0vOszycpIP04AEBPETCKxvDuHNLKTGNaE6GQjIjDkSTIH0hGDeaeX\ngCrRosPh0jmI5M158dJrUPkC5JZpsX/WJWGmNnJ5DvCBMlQtaloVBP4eLXlda8fB\n743tDdFlaiD6mC0aGMfXp54yTD3/0J2ENmZ8Rx+YEuTr7/7P1Ia8o2HiIoGE4URf\nAU4uQ1YjI6bhXo8muN29449vo/5yciVhH3EikHvGtdMAd7c2wD6GxDjpKj2ZWOF8\nflI6DcATW+8rq9+dICZOtA0vgxTZb4iPzj4CXoqzfDg+JH5U2AGKQWY/650UIwOX\nQ2kshwrrFxQUml8AfiL68OJww4MkBmUb9fbwmgBg0pNASigWJa4=EPNV\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202003-57\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: PHP: Multiple vulnerabilities\n Date: March 26, 2020\n Bugs: #671872, #706168, #710304, #713484\n ID: 202003-57\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PHP, the worst of which\ncould result in the execution of arbitrary shell commands. \n\nBackground\n==========\n\nPHP is an open source general-purpose scripting language that is\nespecially suited for web development. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PHP 7.2.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.2.29\"\n\nAll PHP 7.3.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.3.16\"\n\nAll PHP 7.4.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.4.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-19518\n https://nvd.nist.gov/vuln/detail/CVE-2018-19518\n[ 2 ] CVE-2020-7059\n https://nvd.nist.gov/vuln/detail/CVE-2020-7059\n[ 3 ] CVE-2020-7060\n https://nvd.nist.gov/vuln/detail/CVE-2020-7060\n[ 4 ] CVE-2020-7061\n https://nvd.nist.gov/vuln/detail/CVE-2020-7061\n[ 5 ] CVE-2020-7062\n https://nvd.nist.gov/vuln/detail/CVE-2020-7062\n[ 6 ] CVE-2020-7063\n https://nvd.nist.gov/vuln/detail/CVE-2020-7063\n[ 7 ] CVE-2020-7064\n https://nvd.nist.gov/vuln/detail/CVE-2020-7064\n[ 8 ] CVE-2020-7065\n https://nvd.nist.gov/vuln/detail/CVE-2020-7065\n[ 9 ] CVE-2020-7066\n https://nvd.nist.gov/vuln/detail/CVE-2020-7066\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202003-57\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n\n. ==========================================================================\nUbuntu Security Notice USN-4279-2\nFebruary 19, 2020\n\nphp7.0 regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n\nSummary:\n\nUSN-4279-1 introduced a regression in PHP. The updated packages caused a regression. \nThis update fixes the problem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n It was discovered that PHP incorrectly handled certain scripts. \n An attacker could possibly use this issue to cause a denial of service. \n This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. \n (CVE-2015-9253)\n \n It was discovered that PHP incorrectly handled certain inputs. An attacker\n could possibly use this issue to expose sensitive information. \n (CVE-2020-7059)\n \n It was discovered that PHP incorrectly handled certain inputs. \n An attacker could possibly use this issue to execute arbitrary code. \n This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS\n and Ubuntu 19.10. (CVE-2020-7060)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libapache2-mod-php7.0 7.0.33-0ubuntu0.16.04.12\n php7.0-cgi 7.0.33-0ubuntu0.16.04.12\n php7.0-cli 7.0.33-0ubuntu0.16.04.12\n php7.0-fpm 7.0.33-0ubuntu0.16.04.12\n\nIn general, a standard system update will make all the necessary changes", sources: [ { db: "NVD", id: "CVE-2020-7059", }, { db: "JVNDB", id: "JVNDB-2020-001731", }, { db: "VULHUB", id: "VHN-185184", }, { db: "VULMON", id: "CVE-2020-7059", }, { db: "PACKETSTORM", id: "156397", }, { db: "PACKETSTORM", id: "160292", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "156399", }, { db: "PACKETSTORM", id: "156934", }, { db: "PACKETSTORM", id: "156441", }, { db: "PACKETSTORM", id: "156423", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-7059", trust: 3.3, }, { db: "TENABLE", id: "TNS-2021-14", trust: 1.7, }, { db: "PACKETSTORM", id: "160292", trust: 0.8, }, { db: "PACKETSTORM", id: "159094", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-001731", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202002-316", trust: 0.7, }, { db: "PACKETSTORM", id: "156399", trust: 0.7, }, { db: "PACKETSTORM", id: "156934", trust: 0.7, }, { db: "PACKETSTORM", id: "156441", trust: 0.7, }, { db: "PACKETSTORM", id: "156423", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2022.6056", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4262", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3072", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0741", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0652", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2515", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0853", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4296", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0748", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0566", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0584", trust: 0.6, }, { db: "CS-HELP", id: "SB2021072292", trust: 0.6, }, { db: "CNVD", id: "CNVD-2020-04665", trust: 0.1, }, { db: "VULHUB", id: "VHN-185184", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-7059", trust: 0.1, }, { db: "PACKETSTORM", id: "156397", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-185184", }, { db: "VULMON", id: "CVE-2020-7059", }, { db: "JVNDB", id: "JVNDB-2020-001731", }, { db: "PACKETSTORM", id: "156397", }, { db: "PACKETSTORM", id: "160292", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "156399", }, { db: "PACKETSTORM", id: "156934", }, { db: "PACKETSTORM", id: "156441", }, { db: "PACKETSTORM", id: "156423", }, { db: "CNNVD", id: "CNNVD-202002-316", }, { db: "NVD", id: "CVE-2020-7059", }, ], }, id: "VAR-202002-1305", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-185184", }, ], trust: 0.01, }, last_update_date: "2024-11-23T19:51:19.030000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Sec Bug #79099", trust: 0.8, url: "https://bugs.php.net/bug.php?id=79099", }, { title: "Ubuntu Security Notice: php5, php7.0, php7.2, php7.3 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4279-1", }, { title: "Ubuntu Security Notice: php7.0 regression", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4279-2", }, { title: "Amazon Linux AMI: ALAS-2020-1347", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1347", }, { title: "Amazon Linux AMI: ALAS-2020-1346", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1346", }, { title: "Red Hat: Moderate: rh-php73-php security, bug fix, and enhancement update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20205275 - Security Advisory", }, { title: "Debian Security Advisories: DSA-4628-1 php7.0 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=688741de46e2d16edb2da10e1d501450", }, { title: "Red Hat: Moderate: php:7.3 security, bug fix, and enhancement update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203662 - Security Advisory", }, { title: "Debian Security Advisories: DSA-4626-1 php7.3 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=66162fd32170228a0805fd7114196e44", }, { title: "Tenable Security Advisories: [R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2021-14", }, ], sources: [ { db: "VULMON", id: "CVE-2020-7059", }, { db: "JVNDB", id: "JVNDB-2020-001731", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-185184", }, { db: "JVNDB", id: "JVNDB-2020-001731", }, { db: "NVD", id: "CVE-2020-7059", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://www.debian.org/security/2020/dsa-4628", }, { trust: 2.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7059", }, { trust: 1.9, url: "https://security.gentoo.org/glsa/202003-57", }, { trust: 1.9, url: "https://usn.ubuntu.com/4279-1/", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2020/feb/27", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2020/feb/31", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2021/jan/3", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { trust: 1.8, url: "https://www.debian.org/security/2020/dsa-4626", }, { trust: 1.8, url: "https://bugs.php.net/bug.php?id=79099", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuapr2021.html", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { trust: 1.8, url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { trust: 1.8, url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { trust: 1.7, url: "https://www.tenable.com/security/tns-2021-14", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7059", }, { trust: 0.8, url: "https://access.redhat.com/security/cve/cve-2020-7059", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7060", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4262/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156423/debian-security-advisory-4628-1.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0748/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021072292", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156441/ubuntu-security-notice-usn-4279-2.html", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/159094/red-hat-security-advisory-2020-3662-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2515", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/160292/red-hat-security-advisory-2020-5275-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0566/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0741/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156934/gentoo-linux-security-advisory-202003-57.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0652/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0853/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4296/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0584/", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-php-cve-2020-7069-cve-2020-7059-2/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3072/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.6056", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/php-multiple-vulnerabilities-31420", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-php-cve-2020-7069-cve-2020-7059/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156399/debian-security-advisory-4626-1.html", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11045", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11047", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11050", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7065", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7062", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7064", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7066", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7063", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2015-9253", }, { trust: 0.2, url: "https://usn.ubuntu.com/4279-1", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11050", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-19203", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11045", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7066", }, { trust: 0.2, url: "https://access.redhat.com/articles/11258", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7065", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11047", }, { trust: 0.2, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19203", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19204", }, { trust: 0.2, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7063", }, { trust: 0.2, url: "https://bugzilla.redhat.com/):", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-19246", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11048", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11048", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-19204", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7060", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7064", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19246", }, { trust: 0.2, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7062", }, { trust: 0.2, url: "https://www.debian.org/security/faq", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11046", }, { trust: 0.2, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/125.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.3/7.3.11-0ubuntu0.19.10.3", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.2/7.2.24-0ubuntu0.18.04.3", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.11", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:5275", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.6_release_notes/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11042", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11041", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11040", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11040", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11039", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11039", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13224", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11042", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13225", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11041", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-16163", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20454", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:3662", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13225", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13224", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-16163", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20454", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11049", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.3", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19518", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7061", }, { trust: 0.1, url: "https://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "https://usn.ubuntu.com/4279-2", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.12", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.0", }, ], sources: [ { db: "VULHUB", id: "VHN-185184", }, { db: "VULMON", id: "CVE-2020-7059", }, { db: "JVNDB", id: "JVNDB-2020-001731", }, { db: "PACKETSTORM", id: "156397", }, { db: "PACKETSTORM", id: "160292", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "156399", }, { db: "PACKETSTORM", id: "156934", }, { db: "PACKETSTORM", id: "156441", }, { db: "PACKETSTORM", id: "156423", }, { db: "CNNVD", id: "CNNVD-202002-316", }, { db: "NVD", id: "CVE-2020-7059", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-185184", }, { db: "VULMON", id: "CVE-2020-7059", }, { db: "JVNDB", id: "JVNDB-2020-001731", }, { db: "PACKETSTORM", id: "156397", }, { db: "PACKETSTORM", id: "160292", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "156399", }, { db: "PACKETSTORM", id: "156934", }, { db: "PACKETSTORM", id: "156441", }, { db: "PACKETSTORM", id: "156423", }, { db: "CNNVD", id: "CNNVD-202002-316", }, { db: "NVD", id: "CVE-2020-7059", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-02-10T00:00:00", db: "VULHUB", id: "VHN-185184", }, { date: "2020-02-10T00:00:00", db: "VULMON", id: "CVE-2020-7059", }, { date: "2020-02-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-001731", }, { date: "2020-02-18T15:04:45", db: "PACKETSTORM", id: "156397", }, { date: "2020-12-01T16:36:40", db: "PACKETSTORM", id: "160292", }, { date: "2020-09-08T18:10:32", db: "PACKETSTORM", id: "159094", }, { date: "2020-02-18T15:05:02", db: "PACKETSTORM", id: "156399", }, { date: "2020-03-27T13:06:15", db: "PACKETSTORM", id: "156934", }, { date: "2020-02-20T17:44:31", db: "PACKETSTORM", id: "156441", }, { date: "2020-02-19T15:28:10", db: "PACKETSTORM", id: "156423", }, { date: "2020-02-10T00:00:00", db: "CNNVD", id: "CNNVD-202002-316", }, { date: "2020-02-10T08:15:12.673000", db: "NVD", id: "CVE-2020-7059", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-07-01T00:00:00", db: "VULHUB", id: "VHN-185184", }, { date: "2021-07-22T00:00:00", db: "VULMON", id: "CVE-2020-7059", }, { date: "2020-02-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-001731", }, { date: "2022-11-22T00:00:00", db: "CNNVD", id: "CNNVD-202002-316", }, { date: "2024-11-21T05:36:35.167000", db: "NVD", id: "CVE-2020-7059", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202002-316", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PHP Out-of-bounds read vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2020-001731", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202002-316", }, ], trust: 0.6, }, }
var-201908-1840
Vulnerability from variot
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. PHP EXIF Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in PHP 7.1.x prior to 7.1.31, 7.2.x prior to 7.2.21, and 7.3.x prior to 7.3.8. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. PHP is prone to a heap-based buffer-overflow vulnerability. Failed exploits will result in denial-of-service conditions.
PHP versions before 7.3.8 are vulnerable.
For the stable distribution (buster), these problems have been fixed in version 7.3.9-1~deb10u1.
We recommend that you upgrade your php7.3 packages. ========================================================================= Ubuntu Security Notice USN-4097-1 August 13, 2019
php7.0, php7.2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
PHP could be made to crash or execute arbitrary code if it received specially crafted image. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2019-11041, CVE-2019-11042)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04: libapache2-mod-php7.2 7.2.19-0ubuntu0.19.04.2 php7.2-cgi 7.2.19-0ubuntu0.19.04.2 php7.2-cli 7.2.19-0ubuntu0.19.04.2 php7.2-fpm 7.2.19-0ubuntu0.19.04.2 php7.2-xmlrpc 7.2.19-0ubuntu0.19.04.2
Ubuntu 18.04 LTS: libapache2-mod-php7.2 7.2.19-0ubuntu0.18.04.2 php7.2-cgi 7.2.19-0ubuntu0.18.04.2 php7.2-cli 7.2.19-0ubuntu0.18.04.2 php7.2-fpm 7.2.19-0ubuntu0.18.04.2 php7.2-xmlrpc 7.2.19-0ubuntu0.18.04.2
Ubuntu 16.04 LTS: libapache2-mod-php7.0 7.0.33-0ubuntu0.16.04.6 php7.0-cgi 7.0.33-0ubuntu0.16.04.6 php7.0-cli 7.0.33-0ubuntu0.16.04.6 php7.0-fpm 7.0.33-0ubuntu0.16.04.6 php7.0-xmlrpc 7.0.33-0ubuntu0.16.04.6
In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Critical: rh-php72-php security update Advisory ID: RHSA-2019:3299-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:3299 Issue date: 2019-11-01 CVE Names: CVE-2016-10166 CVE-2018-20783 CVE-2019-6977 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 =====================================================================
- Summary:
An update for rh-php72-php is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
The following packages have been upgraded to a later upstream version: rh-php72-php (7.2.24). (BZ#1766603)
Security Fix(es):
-
php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)
-
gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166)
-
gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c (CVE-2019-6977)
-
php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020)
-
php: File rename across filesystems may allow unwanted access during processing (CVE-2019-9637)
-
php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638)
-
php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639)
-
php: Invalid read in exif_process_SOFn() (CVE-2019-9640)
-
php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() (CVE-2019-11039)
-
php: Buffer over-read in exif_read_data() (CVE-2019-11040)
-
php: Buffer over-read in PHAR reading functions (CVE-2018-20783)
-
php: Heap-based buffer over-read in PHAR reading functions (CVE-2019-9021)
-
php: memcpy with negative length via crafted DNS response (CVE-2019-9022)
-
php: Heap-based buffer over-read in mbstring regular expression functions (CVE-2019-9023)
-
php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024)
-
php: Heap buffer overflow in function exif_process_IFD_TAG() (CVE-2019-11034)
-
php: Heap buffer overflow in function exif_iif_add_value() (CVE-2019-11035)
-
php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure (CVE-2019-11036)
-
gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038)
-
php: heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041)
-
php: heap buffer over-read in exif_process_user_comment() (CVE-2019-11042)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1418983 - CVE-2016-10166 gd: Unsigned integer underflow _gdContributionsAlloc() 1672207 - CVE-2019-6977 gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c 1680545 - CVE-2018-20783 php: Buffer over-read in PHAR reading functions 1685123 - CVE-2019-9020 php: Invalid memory access in function xmlrpc_decode() 1685132 - CVE-2019-9021 php: Heap-based buffer over-read in PHAR reading functions 1685398 - CVE-2019-9023 php: Heap-based buffer over-read in mbstring regular expression functions 1685404 - CVE-2019-9024 php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c 1685412 - CVE-2019-9022 php: memcpy with negative length via crafted DNS response 1688897 - CVE-2019-9637 php: File rename across filesystems may allow unwanted access during processing 1688922 - CVE-2019-9638 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE 1688934 - CVE-2019-9639 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE 1688939 - CVE-2019-9640 php: Invalid read in exif_process_SOFn() 1702246 - CVE-2019-11035 php: Heap buffer overflow in function exif_iif_add_value() 1702256 - CVE-2019-11034 php: Heap buffer overflow in function exif_process_IFD_TAG() 1707299 - CVE-2019-11036 php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure 1724149 - CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm() 1724152 - CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers() 1724154 - CVE-2019-11040 php: Buffer over-read in exif_read_data() 1739459 - CVE-2019-11041 php: heap buffer over-read in exif_scan_thumbnail() 1739465 - CVE-2019-11042 php: heap buffer over-read in exif_process_user_comment() 1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
aarch64: rh-php72-php-7.2.24-1.el7.aarch64.rpm rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm rh-php72-php-common-7.2.24-1.el7.aarch64.rpm rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm rh-php72-php-json-7.2.24-1.el7.aarch64.rpm rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm rh-php72-php-process-7.2.24-1.el7.aarch64.rpm rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
aarch64: rh-php72-php-7.2.24-1.el7.aarch64.rpm rh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm rh-php72-php-cli-7.2.24-1.el7.aarch64.rpm rh-php72-php-common-7.2.24-1.el7.aarch64.rpm rh-php72-php-dba-7.2.24-1.el7.aarch64.rpm rh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm rh-php72-php-devel-7.2.24-1.el7.aarch64.rpm rh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm rh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm rh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm rh-php72-php-gd-7.2.24-1.el7.aarch64.rpm rh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-intl-7.2.24-1.el7.aarch64.rpm rh-php72-php-json-7.2.24-1.el7.aarch64.rpm rh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm rh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm rh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm rh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm rh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm rh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm rh-php72-php-process-7.2.24-1.el7.aarch64.rpm rh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm rh-php72-php-recode-7.2.24-1.el7.aarch64.rpm rh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm rh-php72-php-soap-7.2.24-1.el7.aarch64.rpm rh-php72-php-xml-7.2.24-1.el7.aarch64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm rh-php72-php-zip-7.2.24-1.el7.aarch64.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
ppc64le: rh-php72-php-7.2.24-1.el7.ppc64le.rpm rh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm rh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm rh-php72-php-common-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm rh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm rh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm rh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm rh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm rh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm rh-php72-php-json-7.2.24-1.el7.ppc64le.rpm rh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm rh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm rh-php72-php-process-7.2.24-1.el7.ppc64le.rpm rh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm rh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm rh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm rh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm rh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm
s390x: rh-php72-php-7.2.24-1.el7.s390x.rpm rh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm rh-php72-php-cli-7.2.24-1.el7.s390x.rpm rh-php72-php-common-7.2.24-1.el7.s390x.rpm rh-php72-php-dba-7.2.24-1.el7.s390x.rpm rh-php72-php-dbg-7.2.24-1.el7.s390x.rpm rh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm rh-php72-php-devel-7.2.24-1.el7.s390x.rpm rh-php72-php-embedded-7.2.24-1.el7.s390x.rpm rh-php72-php-enchant-7.2.24-1.el7.s390x.rpm rh-php72-php-fpm-7.2.24-1.el7.s390x.rpm rh-php72-php-gd-7.2.24-1.el7.s390x.rpm rh-php72-php-gmp-7.2.24-1.el7.s390x.rpm rh-php72-php-intl-7.2.24-1.el7.s390x.rpm rh-php72-php-json-7.2.24-1.el7.s390x.rpm rh-php72-php-ldap-7.2.24-1.el7.s390x.rpm rh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm rh-php72-php-odbc-7.2.24-1.el7.s390x.rpm rh-php72-php-opcache-7.2.24-1.el7.s390x.rpm rh-php72-php-pdo-7.2.24-1.el7.s390x.rpm rh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm rh-php72-php-process-7.2.24-1.el7.s390x.rpm rh-php72-php-pspell-7.2.24-1.el7.s390x.rpm rh-php72-php-recode-7.2.24-1.el7.s390x.rpm rh-php72-php-snmp-7.2.24-1.el7.s390x.rpm rh-php72-php-soap-7.2.24-1.el7.s390x.rpm rh-php72-php-xml-7.2.24-1.el7.s390x.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm rh-php72-php-zip-7.2.24-1.el7.s390x.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: rh-php72-php-7.2.24-1.el7.src.rpm
x86_64: rh-php72-php-7.2.24-1.el7.x86_64.rpm rh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm rh-php72-php-cli-7.2.24-1.el7.x86_64.rpm rh-php72-php-common-7.2.24-1.el7.x86_64.rpm rh-php72-php-dba-7.2.24-1.el7.x86_64.rpm rh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm rh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm rh-php72-php-devel-7.2.24-1.el7.x86_64.rpm rh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm rh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm rh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm rh-php72-php-gd-7.2.24-1.el7.x86_64.rpm rh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-intl-7.2.24-1.el7.x86_64.rpm rh-php72-php-json-7.2.24-1.el7.x86_64.rpm rh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm rh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm rh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm rh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm rh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm rh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm rh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm rh-php72-php-process-7.2.24-1.el7.x86_64.rpm rh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm rh-php72-php-recode-7.2.24-1.el7.x86_64.rpm rh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm rh-php72-php-soap-7.2.24-1.el7.x86_64.rpm rh-php72-php-xml-7.2.24-1.el7.x86_64.rpm rh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm rh-php72-php-zip-7.2.24-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-10166 https://access.redhat.com/security/cve/CVE-2018-20783 https://access.redhat.com/security/cve/CVE-2019-6977 https://access.redhat.com/security/cve/CVE-2019-9020 https://access.redhat.com/security/cve/CVE-2019-9021 https://access.redhat.com/security/cve/CVE-2019-9022 https://access.redhat.com/security/cve/CVE-2019-9023 https://access.redhat.com/security/cve/CVE-2019-9024 https://access.redhat.com/security/cve/CVE-2019-9637 https://access.redhat.com/security/cve/CVE-2019-9638 https://access.redhat.com/security/cve/CVE-2019-9639 https://access.redhat.com/security/cve/CVE-2019-9640 https://access.redhat.com/security/cve/CVE-2019-11034 https://access.redhat.com/security/cve/CVE-2019-11035 https://access.redhat.com/security/cve/CVE-2019-11036 https://access.redhat.com/security/cve/CVE-2019-11038 https://access.redhat.com/security/cve/CVE-2019-11039 https://access.redhat.com/security/cve/CVE-2019-11040 https://access.redhat.com/security/cve/CVE-2019-11041 https://access.redhat.com/security/cve/CVE-2019-11042 https://access.redhat.com/security/cve/CVE-2019-11043 https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXbwslNzjgjWX9erEAQgZrA//YpBwARJTytrbpWQquZ4hnjbScNEZK1d4 sOOT+oiQSrzvghsNKNCKwEO1CLbNA9XOT7bCchtpD/HguTc4XeGNk7dAf/qA6UVB tJCxmqNBVBKqoe9UafmxLUFcVSkv/PHRVD2h+/TvmqdB8Uf2Z8hIIaBt7UsW34sb yBMLJVhyG98c/7VzwqFXW6Vm+Ly6+/ViYtloe5/Ex4D8FvB72Cc9uRvCTWdLLOXu PlwQKdaEt5CtUrTmLFEX+9t6tybwhNBf/dZ96nazCaSRtQVnhZI9s+wjoE6vEOOB +bOldvJ9tu7LclzMIz7SbSqjhPBSLtEMGZKcO1havVGDwcfPAEc12TW9DtVFDlqA Xq+dFW5vviRCoMlSmNBmSqQZSWMF64LdzjvWfW2G/nBnNLOdhu/Wufs1sJUOc+cp V9PgQH0iWut0N89DaOzTH+4PQvvvTw12HuKHk+P+/O8bBBdcI9gpd5klce/5jquc QXqhy49koz6BturNpVnXfSWjdLPwQ1pwhGJOkv7vLsdx6HVeuY6BsSE+C28cHFl+ z/AOZL4eCa9xKlePdGKCbqzTjMmCiJQbeShoBOKt1DtSgVVgtE0Kc5EZQcqop0aw RG304k1HSbrgsSRFxx6s1RophOQaC3ASvWkw5OY/8ylNrO9AAMxLRjZNCve6V7Rq 86WRMpuQxpE= =winR -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2019-10-07-1 macOS Catalina 10.15
macOS Catalina 10.15 is now available and addresses the following:
AMD Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team
apache_mod_php Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Multiple issues in PHP Description: Multiple issues were addressed by updating to PHP version 7.3.8. CVE-2019-11041 CVE-2019-11042
CoreAudio Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted movie may result in the disclosure of process memory Description: A memory corruption issue was addressed with improved validation. CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
Crash Reporter Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: The "Share Mac Analytics" setting may not be disabled when a user deselects the switch to share analytics Description: A race condition existed when reading and writing user preferences. This was addressed with improved state handling. CVE-2019-8757: William Cerniuk of Core Development, LLC
Intel Graphics Driver Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8758: Lilang Wu and Moony Li of Trend Micro
IOGraphics Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to determine kernel memory layout Description: A logic issue was addressed with improved restrictions. CVE-2019-8755: Lilang Wu and Moony Li of Trend Micro
Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8717: Jann Horn of Google Project Zero
Kernel Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2019-8781: Linus Henze (pinauten.de)
Notes Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A local user may be able to view a user's locked notes Description: The contents of locked notes sometimes appeared in search results. This issue was addressed with improved data cleanup. CVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia Polytechnic Institute and State University
PDFKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An attacker may be able to exfiltrate the contents of an encrypted PDF Description: An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a confirmation prompt. CVE-2019-8772: Jens Müller of Ruhr University Bochum, Fabian Ising of FH Münster University of Applied Sciences, Vladislav Mladenov of Ruhr University Bochum, Christian Mainka of Ruhr University Bochum, Sebastian Schinzel of FH Münster University of Applied Sciences, and Jörg Schwenk of Ruhr University Bochum
SharedFileList Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A malicious application may be able to access recent documents Description: The issue was addressed with improved permissions logic. CVE-2019-8770: Stanislav Zinukhov of Parallels International GmbH
sips Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992) and pjf of IceSword Lab of Qihoo 360
UIFoundation Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Processing a maliciously crafted text file may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
WebKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: Visiting a maliciously crafted website may reveal browsing history Description: An issue existed in the drawing of web page elements. The issue was addressed with improved logic. CVE-2019-8769: Piérre Reimertz (@reimertz)
WebKit Available for: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013 and later) Impact: A user may be unable to delete browsing history items Description: "Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. CVE-2019-8768: Hugo S. Diaz (coldpointblue)
Additional recognition
Finder We would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance.
Gatekeeper We would like to acknowledge Csaba Fitzl (@theevilbit) for their assistance.
Safari Data Importing We would like to acknowledge Kent Zoya for their assistance.
Simple certificate enrollment protocol (SCEP) We would like to acknowledge an anonymous researcher for their assistance.
Telephony We would like to acknowledge Phil Stokes from SentinelOne for their assistance.
Installation note:
macOS Catalina 10.15 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2blu0ACgkQBz4uGe3y 0M1A7g//e9fSj7PMQLPpztkv54U3jAPgU5jxKEIeSxvImDLg94YFDH1RxiZ8UP+4 R8tb2vEi+gEV/MWHQyExunrUoxMc0szqFEEyTcA1nxUMTsYtmQNDVeMlv4nc9sOs n3Eh1wajdkmnBJoEzQoJfM7W09ND0eFcyr2ucnH7bZXQWkG4ZdJwgtCA0kdlcODK Y7730ZREKqt88cBKJMow0y2CyeCWK4E1yWD6OTx0Iqf2fZXNinZw/ViDQEOrULy0 Dydi9GF8BmTWNQfiRd9quYN3k0ETe3jMYv7SFwv3LV820OobvY0qlSOAucjkjcNe SKhbewe2MRo5EXCRVPYgVMW9elVFtjgSITr7B7a/u6NGUW2jhFj1EeonvOaKDUqu Kybq7oa3F4EY1hZRs288GzIFdV8osjwggAJ4AithJVEa8fhepS4Q9wIDsEHgkHZa /epkzfoXTRNBMC2qf87i1vbLSrN9qxegxHoGn/dVzz/p008m3AfKZmndZ6vRG0ac jv/lw1lhaKVKyusvix3MU5GVwZvGVqYuqfISp+uaJEBJ4nuUw4LKuzimCAjjCmnw CV2Mz9aZG1PX5KrfuYwEc/bw49ODnCW3KiaCD0XlO4MdtEDA9lYoUdmsCbnmMzIa rJ3xEcFpjOnJVVXLIWopXzIb23/5YaKctqcRScfmGpoHKRIkzQo= =ibLV -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201908-1840", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "12.04", }, { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "14.04", }, { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "16.04", }, { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "18.04", }, { model: "ubuntu linux", scope: "eq", trust: 1.1, vendor: "canonical", version: "19.04", }, { model: "linux", scope: "eq", trust: 1.1, vendor: "debian", version: "8.0", }, { model: "linux", scope: "eq", trust: 1.1, vendor: "debian", version: "9.0", }, { model: "linux", scope: "eq", trust: 1.1, vendor: "debian", version: "10.0", }, { model: "leap", scope: "eq", trust: 1.1, vendor: "opensuse", version: "15.0", }, { model: "mac os x", scope: "lt", trust: 1, vendor: "apple", version: "10.15.1", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.1.31", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.2.21", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.2.0", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.3.8", }, { model: "software collections", scope: "eq", trust: 1, vendor: "redhat", version: "1.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.1.0", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.19.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.3.0", }, { model: "ubuntu", scope: null, trust: 0.8, vendor: "canonical", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.1.31 for up to 7.1.x", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.2.21 for up to 7.2.x", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.3.8 for up to 7.3.x", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.0", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.1", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.2", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.3", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.4", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.5", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.6", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.7", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.8", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.9", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.10", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.11", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.12", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.13", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.14", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.15", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.16", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.17", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.18", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.19", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.20", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.21", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.22", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.23", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.24", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.25", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.26", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.27", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.28", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.29", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.1.30", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.0", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.1", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.2", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.3", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.4", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.5", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.6", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.7", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.8", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.9", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.10", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.11", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.12", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.13", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.14", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.15", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.16", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.17", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.18", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.19", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.2.20", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.0", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.1", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.2", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.3", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.4", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.5", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.6", }, { model: "php", scope: "eq", trust: 0.1, vendor: "php", version: "7.3.7", }, { model: "mac os x", scope: "eq", trust: 0.1, vendor: "apple", version: "10.15", }, ], sources: [ { db: "VULMON", id: "CVE-2019-11041", }, { db: "JVNDB", id: "JVNDB-2019-007694", }, { db: "NVD", id: "CVE-2019-11041", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:canonical:ubuntu_linux", vulnerable: true, }, { cpe22Uri: "cpe:/o:debian:debian_linux", vulnerable: true, }, { cpe22Uri: "cpe:/a:php:php", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-007694", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ubuntu,Red Hat", sources: [ { db: "CNNVD", id: "CNNVD-201908-140", }, ], trust: 0.6, }, cve: "CVE-2019-11041", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "CVE-2019-11041", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 6.8, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2019-11041", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", exploitabilityScore: 8.6, id: "VHN-142648", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2019-11041", impactScore: 4.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "security@php.net", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.2, id: "CVE-2019-11041", impactScore: 2.5, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-11041", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2019-11041", trust: 1, value: "HIGH", }, { author: "security@php.net", id: "CVE-2019-11041", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2019-11041", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-201908-140", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-142648", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2019-11041", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-142648", }, { db: "VULMON", id: "CVE-2019-11041", }, { db: "JVNDB", id: "JVNDB-2019-007694", }, { db: "CNNVD", id: "CNNVD-201908-140", }, { db: "NVD", id: "CVE-2019-11041", }, { db: "NVD", id: "CVE-2019-11041", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. PHP EXIF Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by PHPGroup and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. A buffer error vulnerability exists in PHP 7.1.x prior to 7.1.31, 7.2.x prior to 7.2.21, and 7.3.x prior to 7.3.8. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. PHP is prone to a heap-based buffer-overflow vulnerability. Failed exploits will result in denial-of-service conditions. \n\nPHP versions before 7.3.8 are vulnerable. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 7.3.9-1~deb10u1. \n\nWe recommend that you upgrade your php7.3 packages. =========================================================================\nUbuntu Security Notice USN-4097-1\nAugust 13, 2019\n\nphp7.0, php7.2 vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.04\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nPHP could be made to crash or execute arbitrary code if it\nreceived specially crafted image. \nAn attacker could possibly use this issue to cause a denial of service\nor execute arbitrary code. (CVE-2019-11041, CVE-2019-11042)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.04:\n libapache2-mod-php7.2 7.2.19-0ubuntu0.19.04.2\n php7.2-cgi 7.2.19-0ubuntu0.19.04.2\n php7.2-cli 7.2.19-0ubuntu0.19.04.2\n php7.2-fpm 7.2.19-0ubuntu0.19.04.2\n php7.2-xmlrpc 7.2.19-0ubuntu0.19.04.2\n\nUbuntu 18.04 LTS:\n libapache2-mod-php7.2 7.2.19-0ubuntu0.18.04.2\n php7.2-cgi 7.2.19-0ubuntu0.18.04.2\n php7.2-cli 7.2.19-0ubuntu0.18.04.2\n php7.2-fpm 7.2.19-0ubuntu0.18.04.2\n php7.2-xmlrpc 7.2.19-0ubuntu0.18.04.2\n\nUbuntu 16.04 LTS:\n libapache2-mod-php7.0 7.0.33-0ubuntu0.16.04.6\n php7.0-cgi 7.0.33-0ubuntu0.16.04.6\n php7.0-cli 7.0.33-0ubuntu0.16.04.6\n php7.0-fpm 7.0.33-0ubuntu0.16.04.6\n php7.0-xmlrpc 7.0.33-0ubuntu0.16.04.6\n\nIn general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: rh-php72-php security update\nAdvisory ID: RHSA-2019:3299-01\nProduct: Red Hat Software Collections\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3299\nIssue date: 2019-11-01\nCVE Names: CVE-2016-10166 CVE-2018-20783 CVE-2019-6977 \n CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 \n CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 \n CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 \n CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 \n CVE-2019-11038 CVE-2019-11039 CVE-2019-11040 \n CVE-2019-11041 CVE-2019-11042 CVE-2019-11043 \n=====================================================================\n\n1. Summary:\n\nAn update for rh-php72-php is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Critical. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nThe following packages have been upgraded to a later upstream version:\nrh-php72-php (7.2.24). (BZ#1766603)\n\nSecurity Fix(es):\n\n* php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)\n\n* gd: Unsigned integer underflow _gdContributionsAlloc() (CVE-2016-10166)\n\n* gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c\n(CVE-2019-6977)\n\n* php: Invalid memory access in function xmlrpc_decode() (CVE-2019-9020)\n\n* php: File rename across filesystems may allow unwanted access during\nprocessing (CVE-2019-9637)\n\n* php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9638)\n\n* php: Uninitialized read in exif_process_IFD_in_MAKERNOTE (CVE-2019-9639)\n\n* php: Invalid read in exif_process_SOFn() (CVE-2019-9640)\n\n* php: Out-of-bounds read due to integer overflow in\niconv_mime_decode_headers() (CVE-2019-11039)\n\n* php: Buffer over-read in exif_read_data() (CVE-2019-11040)\n\n* php: Buffer over-read in PHAR reading functions (CVE-2018-20783)\n\n* php: Heap-based buffer over-read in PHAR reading functions\n(CVE-2019-9021)\n\n* php: memcpy with negative length via crafted DNS response (CVE-2019-9022)\n\n* php: Heap-based buffer over-read in mbstring regular expression functions\n(CVE-2019-9023)\n\n* php: Out-of-bounds read in base64_decode_xmlrpc in\next/xmlrpc/libxmlrpc/base64.c (CVE-2019-9024)\n\n* php: Heap buffer overflow in function exif_process_IFD_TAG()\n(CVE-2019-11034)\n\n* php: Heap buffer overflow in function exif_iif_add_value()\n(CVE-2019-11035)\n\n* php: Buffer over-read in exif_process_IFD_TAG() leading to information\ndisclosure (CVE-2019-11036)\n\n* gd: Information disclosure in gdImageCreateFromXbm() (CVE-2019-11038)\n\n* php: heap buffer over-read in exif_scan_thumbnail() (CVE-2019-11041)\n\n* php: heap buffer over-read in exif_process_user_comment()\n(CVE-2019-11042)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted\nfor the update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1418983 - CVE-2016-10166 gd: Unsigned integer underflow _gdContributionsAlloc()\n1672207 - CVE-2019-6977 gd: Heap based buffer overflow in gdImageColorMatch() in gd_color_match.c\n1680545 - CVE-2018-20783 php: Buffer over-read in PHAR reading functions\n1685123 - CVE-2019-9020 php: Invalid memory access in function xmlrpc_decode()\n1685132 - CVE-2019-9021 php: Heap-based buffer over-read in PHAR reading functions\n1685398 - CVE-2019-9023 php: Heap-based buffer over-read in mbstring regular expression functions\n1685404 - CVE-2019-9024 php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c\n1685412 - CVE-2019-9022 php: memcpy with negative length via crafted DNS response\n1688897 - CVE-2019-9637 php: File rename across filesystems may allow unwanted access during processing\n1688922 - CVE-2019-9638 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE\n1688934 - CVE-2019-9639 php: Uninitialized read in exif_process_IFD_in_MAKERNOTE\n1688939 - CVE-2019-9640 php: Invalid read in exif_process_SOFn()\n1702246 - CVE-2019-11035 php: Heap buffer overflow in function exif_iif_add_value()\n1702256 - CVE-2019-11034 php: Heap buffer overflow in function exif_process_IFD_TAG()\n1707299 - CVE-2019-11036 php: Buffer over-read in exif_process_IFD_TAG() leading to information disclosure\n1724149 - CVE-2019-11038 gd: Information disclosure in gdImageCreateFromXbm()\n1724152 - CVE-2019-11039 php: Out-of-bounds read due to integer overflow in iconv_mime_decode_headers()\n1724154 - CVE-2019-11040 php: Buffer over-read in exif_read_data()\n1739459 - CVE-2019-11041 php: heap buffer over-read in exif_scan_thumbnail()\n1739465 - CVE-2019-11042 php: heap buffer over-read in exif_process_user_comment()\n1766378 - CVE-2019-11043 php: underflow in env_path_info in fpm_main.c\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\naarch64:\nrh-php72-php-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-cli-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-common-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-dba-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-devel-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-gd-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-intl-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-json-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-process-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-recode-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-soap-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-xml-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-zip-7.2.24-1.el7.aarch64.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\naarch64:\nrh-php72-php-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-cli-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-common-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-dba-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-devel-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-gd-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-intl-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-json-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-process-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-recode-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-soap-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-xml-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.aarch64.rpm\nrh-php72-php-zip-7.2.24-1.el7.aarch64.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\nppc64le:\nrh-php72-php-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-cli-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-common-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dba-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-dbg-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-devel-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-embedded-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-enchant-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-fpm-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-gmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-intl-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-json-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-ldap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-odbc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-opcache-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pdo-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-process-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-pspell-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-recode-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-snmp-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-soap-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xml-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.ppc64le.rpm\nrh-php72-php-zip-7.2.24-1.el7.ppc64le.rpm\n\ns390x:\nrh-php72-php-7.2.24-1.el7.s390x.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.s390x.rpm\nrh-php72-php-cli-7.2.24-1.el7.s390x.rpm\nrh-php72-php-common-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dba-7.2.24-1.el7.s390x.rpm\nrh-php72-php-dbg-7.2.24-1.el7.s390x.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-devel-7.2.24-1.el7.s390x.rpm\nrh-php72-php-embedded-7.2.24-1.el7.s390x.rpm\nrh-php72-php-enchant-7.2.24-1.el7.s390x.rpm\nrh-php72-php-fpm-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-gmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-intl-7.2.24-1.el7.s390x.rpm\nrh-php72-php-json-7.2.24-1.el7.s390x.rpm\nrh-php72-php-ldap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.s390x.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.s390x.rpm\nrh-php72-php-odbc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-opcache-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pdo-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.s390x.rpm\nrh-php72-php-process-7.2.24-1.el7.s390x.rpm\nrh-php72-php-pspell-7.2.24-1.el7.s390x.rpm\nrh-php72-php-recode-7.2.24-1.el7.s390x.rpm\nrh-php72-php-snmp-7.2.24-1.el7.s390x.rpm\nrh-php72-php-soap-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xml-7.2.24-1.el7.s390x.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.s390x.rpm\nrh-php72-php-zip-7.2.24-1.el7.s390x.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-php72-php-7.2.24-1.el7.src.rpm\n\nx86_64:\nrh-php72-php-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-bcmath-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-cli-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-common-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dba-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-dbg-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-debuginfo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-devel-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-embedded-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-enchant-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-fpm-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-gmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-intl-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-json-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-ldap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mbstring-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-mysqlnd-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-odbc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-opcache-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pdo-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pgsql-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-process-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-pspell-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-recode-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-snmp-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-soap-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xml-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-xmlrpc-7.2.24-1.el7.x86_64.rpm\nrh-php72-php-zip-7.2.24-1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-10166\nhttps://access.redhat.com/security/cve/CVE-2018-20783\nhttps://access.redhat.com/security/cve/CVE-2019-6977\nhttps://access.redhat.com/security/cve/CVE-2019-9020\nhttps://access.redhat.com/security/cve/CVE-2019-9021\nhttps://access.redhat.com/security/cve/CVE-2019-9022\nhttps://access.redhat.com/security/cve/CVE-2019-9023\nhttps://access.redhat.com/security/cve/CVE-2019-9024\nhttps://access.redhat.com/security/cve/CVE-2019-9637\nhttps://access.redhat.com/security/cve/CVE-2019-9638\nhttps://access.redhat.com/security/cve/CVE-2019-9639\nhttps://access.redhat.com/security/cve/CVE-2019-9640\nhttps://access.redhat.com/security/cve/CVE-2019-11034\nhttps://access.redhat.com/security/cve/CVE-2019-11035\nhttps://access.redhat.com/security/cve/CVE-2019-11036\nhttps://access.redhat.com/security/cve/CVE-2019-11038\nhttps://access.redhat.com/security/cve/CVE-2019-11039\nhttps://access.redhat.com/security/cve/CVE-2019-11040\nhttps://access.redhat.com/security/cve/CVE-2019-11041\nhttps://access.redhat.com/security/cve/CVE-2019-11042\nhttps://access.redhat.com/security/cve/CVE-2019-11043\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXbwslNzjgjWX9erEAQgZrA//YpBwARJTytrbpWQquZ4hnjbScNEZK1d4\nsOOT+oiQSrzvghsNKNCKwEO1CLbNA9XOT7bCchtpD/HguTc4XeGNk7dAf/qA6UVB\ntJCxmqNBVBKqoe9UafmxLUFcVSkv/PHRVD2h+/TvmqdB8Uf2Z8hIIaBt7UsW34sb\nyBMLJVhyG98c/7VzwqFXW6Vm+Ly6+/ViYtloe5/Ex4D8FvB72Cc9uRvCTWdLLOXu\nPlwQKdaEt5CtUrTmLFEX+9t6tybwhNBf/dZ96nazCaSRtQVnhZI9s+wjoE6vEOOB\n+bOldvJ9tu7LclzMIz7SbSqjhPBSLtEMGZKcO1havVGDwcfPAEc12TW9DtVFDlqA\nXq+dFW5vviRCoMlSmNBmSqQZSWMF64LdzjvWfW2G/nBnNLOdhu/Wufs1sJUOc+cp\nV9PgQH0iWut0N89DaOzTH+4PQvvvTw12HuKHk+P+/O8bBBdcI9gpd5klce/5jquc\nQXqhy49koz6BturNpVnXfSWjdLPwQ1pwhGJOkv7vLsdx6HVeuY6BsSE+C28cHFl+\nz/AOZL4eCa9xKlePdGKCbqzTjMmCiJQbeShoBOKt1DtSgVVgtE0Kc5EZQcqop0aw\nRG304k1HSbrgsSRFxx6s1RophOQaC3ASvWkw5OY/8ylNrO9AAMxLRjZNCve6V7Rq\n86WRMpuQxpE=\n=winR\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.2 Release Notes linked from the References section. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-10-07-1 macOS Catalina 10.15\n\nmacOS Catalina 10.15 is now available and addresses the following:\n\nAMD\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8748: Lilang Wu and Moony Li of TrendMicro Mobile Security\nResearch Team\n\napache_mod_php\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Multiple issues in PHP\nDescription: Multiple issues were addressed by updating to PHP\nversion 7.3.8. \nCVE-2019-11041\nCVE-2019-11042\n\nCoreAudio\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing a maliciously crafted movie may result in the\ndisclosure of process memory\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero\nDay Initiative\n\nCrash Reporter\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: The \"Share Mac Analytics\" setting may not be disabled when a\nuser deselects the switch to share analytics\nDescription: A race condition existed when reading and writing user\npreferences. This was addressed with improved state handling. \nCVE-2019-8757: William Cerniuk of Core Development, LLC\n\nIntel Graphics Driver\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8758: Lilang Wu and Moony Li of Trend Micro\n\nIOGraphics\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A malicious application may be able to determine kernel\nmemory layout\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2019-8755: Lilang Wu and Moony Li of Trend Micro\n\nKernel\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8717: Jann Horn of Google Project Zero\n\nKernel\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2019-8781: Linus Henze (pinauten.de)\n\nNotes\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A local user may be able to view a user's locked notes\nDescription: The contents of locked notes sometimes appeared in\nsearch results. This issue was addressed with improved data cleanup. \nCVE-2019-8730: Jamie Blumberg (@jamie_blumberg) of Virginia\nPolytechnic Institute and State University\n\nPDFKit\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An attacker may be able to exfiltrate the contents of an\nencrypted PDF\nDescription: An issue existed in the handling of links in encrypted\nPDFs. This issue was addressed by adding a confirmation prompt. \nCVE-2019-8772: Jens Müller of Ruhr University Bochum, Fabian Ising\nof FH Münster University of Applied Sciences, Vladislav Mladenov\nof Ruhr University Bochum, Christian Mainka of Ruhr University\nBochum, Sebastian Schinzel of FH Münster University of Applied\nSciences, and Jörg Schwenk of Ruhr University Bochum\n\nSharedFileList\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A malicious application may be able to access recent\ndocuments\nDescription: The issue was addressed with improved permissions logic. \nCVE-2019-8770: Stanislav Zinukhov of Parallels International GmbH\n\nsips\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: An application may be able to execute arbitrary code with\nsystem privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992)\nand pjf of IceSword Lab of Qihoo 360\n\nUIFoundation\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Processing a maliciously crafted text file may lead to\narbitrary code execution\nDescription: A buffer overflow was addressed with improved bounds\nchecking. \nCVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's\nZero Day Initiative\n\nWebKit\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: Visiting a maliciously crafted website may reveal browsing\nhistory\nDescription: An issue existed in the drawing of web page elements. \nThe issue was addressed with improved logic. \nCVE-2019-8769: Piérre Reimertz (@reimertz)\n\nWebKit\nAvailable for: MacBook (Early 2015 and later), MacBook Air (Mid 2012\nand later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and\nlater), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro\n(Late 2013 and later)\nImpact: A user may be unable to delete browsing history items\nDescription: \"Clear History and Website Data\" did not clear the\nhistory. The issue was addressed with improved data deletion. \nCVE-2019-8768: Hugo S. Diaz (coldpointblue)\n\nAdditional recognition\n\nFinder\nWe would like to acknowledge Csaba Fitzl (@theevilbit) for their\nassistance. \n\nGatekeeper\nWe would like to acknowledge Csaba Fitzl (@theevilbit) for their\nassistance. \n\nSafari Data Importing\nWe would like to acknowledge Kent Zoya for their assistance. \n\nSimple certificate enrollment protocol (SCEP)\nWe would like to acknowledge an anonymous researcher for their\nassistance. \n\nTelephony\nWe would like to acknowledge Phil Stokes from SentinelOne for their\nassistance. \n\nInstallation note:\n\nmacOS Catalina 10.15 may be obtained from the Mac App Store or\nApple's Software Downloads web site:\nhttps://support.apple.com/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl2blu0ACgkQBz4uGe3y\n0M1A7g//e9fSj7PMQLPpztkv54U3jAPgU5jxKEIeSxvImDLg94YFDH1RxiZ8UP+4\nR8tb2vEi+gEV/MWHQyExunrUoxMc0szqFEEyTcA1nxUMTsYtmQNDVeMlv4nc9sOs\nn3Eh1wajdkmnBJoEzQoJfM7W09ND0eFcyr2ucnH7bZXQWkG4ZdJwgtCA0kdlcODK\nY7730ZREKqt88cBKJMow0y2CyeCWK4E1yWD6OTx0Iqf2fZXNinZw/ViDQEOrULy0\nDydi9GF8BmTWNQfiRd9quYN3k0ETe3jMYv7SFwv3LV820OobvY0qlSOAucjkjcNe\nSKhbewe2MRo5EXCRVPYgVMW9elVFtjgSITr7B7a/u6NGUW2jhFj1EeonvOaKDUqu\nKybq7oa3F4EY1hZRs288GzIFdV8osjwggAJ4AithJVEa8fhepS4Q9wIDsEHgkHZa\n/epkzfoXTRNBMC2qf87i1vbLSrN9qxegxHoGn/dVzz/p008m3AfKZmndZ6vRG0ac\njv/lw1lhaKVKyusvix3MU5GVwZvGVqYuqfISp+uaJEBJ4nuUw4LKuzimCAjjCmnw\nCV2Mz9aZG1PX5KrfuYwEc/bw49ODnCW3KiaCD0XlO4MdtEDA9lYoUdmsCbnmMzIa\nrJ3xEcFpjOnJVVXLIWopXzIb23/5YaKctqcRScfmGpoHKRIkzQo=\n=ibLV\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2019-11041", }, { db: "JVNDB", id: "JVNDB-2019-007694", }, { db: "VULHUB", id: "VHN-142648", }, { db: "VULMON", id: "CVE-2019-11041", }, { db: "PACKETSTORM", id: "154561", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "154543", }, { db: "PACKETSTORM", id: "154050", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "PACKETSTORM", id: "154768", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-11041", trust: 3.3, }, { db: "TENABLE", id: "TNS-2021-14", trust: 1.7, }, { db: "PACKETSTORM", id: "159094", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2019-007694", trust: 0.8, }, { db: "PACKETSTORM", id: "154051", trust: 0.7, }, { db: "CNNVD", id: "CNNVD-201908-140", trust: 0.7, }, { db: "PACKETSTORM", id: "157463", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.3073", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3272", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2515", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0741", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3072", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4296", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.1500", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.3111", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.6056", trust: 0.6, }, { db: "CS-HELP", id: "SB2021072292", trust: 0.6, }, { db: "PACKETSTORM", id: "154050", trust: 0.2, }, { db: "PACKETSTORM", id: "154768", trust: 0.2, }, { db: "VULHUB", id: "VHN-142648", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-11041", trust: 0.1, }, { db: "PACKETSTORM", id: "154561", trust: 0.1, }, { db: "PACKETSTORM", id: "154543", trust: 0.1, }, { db: "PACKETSTORM", id: "155070", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-142648", }, { db: "VULMON", id: "CVE-2019-11041", }, { db: "JVNDB", id: "JVNDB-2019-007694", }, { db: "PACKETSTORM", id: "154561", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "154543", }, { db: "PACKETSTORM", id: "154050", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "PACKETSTORM", id: "154768", }, { db: "CNNVD", id: "CNNVD-201908-140", }, { db: "NVD", id: "CVE-2019-11041", }, ], }, id: "VAR-201908-1840", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-142648", }, ], trust: 0.01, }, last_update_date: "2024-11-29T19:45:03.230000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "[SECURITY] [DLA 1878-1] php5 security update", trust: 0.8, url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { title: "78222", trust: 0.8, url: "https://bugs.php.net/bug.php?id=78222", }, { title: "USN-4097-1", trust: 0.8, url: "https://usn.ubuntu.com/4097-1/", }, { title: "USN-4097-2", trust: 0.8, url: "https://usn.ubuntu.com/4097-2/", }, { title: "PHP Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=95902", }, { title: "Ubuntu Security Notice: php7.0, php7.2 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4097-1", }, { title: "Ubuntu Security Notice: php5 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4097-2", }, { title: "Amazon Linux AMI: ALAS-2019-1284", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1284", }, { title: "Amazon Linux AMI: ALAS-2019-1283", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1283", }, { title: "Debian Security Advisories: DSA-4527-1 php7.3 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=877cb76e8aeddfa40b275ad142be1771", }, { title: "Red Hat: Moderate: php:7.2 security, bug fix, and enhancement update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20201624 - Security Advisory", }, { title: "Red Hat: Critical: rh-php72-php security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193299 - Security Advisory", }, { title: "Apple: macOS Catalina 10.15", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=aafc8ca42bce10e92a70604a0d265a55", }, { title: "Debian Security Advisories: DSA-4529-1 php7.0 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=ee5cd1d3e8c521eee01300cbf544b2d7", }, { title: "Threatpost", trust: 0.1, url: "https://threatpost.com/apple-tackles-a-dozen-bugs-in-catalina/148988/", }, ], sources: [ { db: "VULMON", id: "CVE-2019-11041", }, { db: "JVNDB", id: "JVNDB-2019-007694", }, { db: "CNNVD", id: "CNNVD-201908-140", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1.1, }, { problemtype: "CWE-119", trust: 0.9, }, ], sources: [ { db: "VULHUB", id: "VHN-142648", }, { db: "JVNDB", id: "JVNDB-2019-007694", }, { db: "NVD", id: "CVE-2019-11041", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "https://access.redhat.com/errata/rhsa-2019:3299", }, { trust: 2.5, url: "https://usn.ubuntu.com/4097-1/", }, { trust: 2.4, url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { trust: 2.4, url: "https://usn.ubuntu.com/4097-2/", }, { trust: 2.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11041", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/sep/35", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/sep/38", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/oct/9", }, { trust: 1.8, url: "https://bugs.php.net/bug.php?id=78222", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { trust: 1.8, url: "https://support.apple.com/kb/ht210634", }, { trust: 1.8, url: "https://www.debian.org/security/2019/dsa-4527", }, { trust: 1.8, url: "https://www.debian.org/security/2019/dsa-4529", }, { trust: 1.8, url: "http://seclists.org/fulldisclosure/2019/oct/15", }, { trust: 1.8, url: "http://seclists.org/fulldisclosure/2019/oct/55", }, { trust: 1.8, url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { trust: 1.7, url: "https://support.apple.com/kb/ht210722", }, { trust: 1.7, url: "https://www.tenable.com/security/tns-2021-14", }, { trust: 0.9, url: "https://access.redhat.com/security/cve/cve-2019-11041", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11041", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11042", }, { trust: 0.6, url: "https://access.redhat.com/errata/rhsa-2019:3300", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192243-1.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.1500/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3073/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3272/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021072292", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/159094/red-hat-security-advisory-2020-3662-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2515", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/php-multiple-vulnerabilities-29928", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/154051/ubuntu-security-notice-usn-4097-2.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0741/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4296/", }, { trust: 0.6, url: "https://support.apple.com/en-us/ht210722", }, { trust: 0.6, url: "https://support.apple.com/en-us/ht210634", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-api-connects-developer-portal-is-impacted-by-vulnerabilities-in-php/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3072/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.6056", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/157463/red-hat-security-advisory-2020-1624-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.3111/", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11040", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11039", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11036", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11035", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11034", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-11040", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-11039", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.3, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-11042", }, { trust: 0.3, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.3, url: "https://bugzilla.redhat.com/):", }, { trust: 0.3, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://www.debian.org/security/faq", }, { trust: 0.2, url: "https://www.debian.org/security/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11038", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9022", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9640", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9024", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9638", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9637", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11036", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11035", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9638", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9024", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9639", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9023", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2018-20783", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9022", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9640", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9021", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9023", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9020", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20783", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9639", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9637", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11034", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-9020", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-9021", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/119.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/109468", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.0", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7065", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11050", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11045", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19203", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7062", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7059", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11045", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11047", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7066", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7065", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11047", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13224", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19203", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13225", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19204", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7063", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7064", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19246", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-16163", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20454", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:3662", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7066", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11048", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13225", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11048", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13224", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19204", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7060", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7064", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-16163", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19246", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7063", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-7062", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11050", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7059", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7060", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20454", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.3", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.2/7.2.19-0ubuntu0.18.04.2", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.6", }, { trust: 0.1, url: "https://usn.ubuntu.com/4097-1", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.2/7.2.19-0ubuntu0.19.04.2", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-10166", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#critical", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11043", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11038", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-6977", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11043", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2016-10166", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-6977", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:1624", }, { trust: 0.1, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8717", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8757", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8701", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8730", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8770", }, { trust: 0.1, url: "https://support.apple.com/downloads/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8769", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8745", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8748", }, { trust: 0.1, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8772", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8758", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8781", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8755", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8705", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8768", }, ], sources: [ { db: "VULHUB", id: "VHN-142648", }, { db: "VULMON", id: "CVE-2019-11041", }, { db: "JVNDB", id: "JVNDB-2019-007694", }, { db: "PACKETSTORM", id: "154561", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "154543", }, { db: "PACKETSTORM", id: "154050", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "PACKETSTORM", id: "154768", }, { db: "CNNVD", id: "CNNVD-201908-140", }, { db: "NVD", id: "CVE-2019-11041", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-142648", }, { db: "VULMON", id: "CVE-2019-11041", }, { db: "JVNDB", id: "JVNDB-2019-007694", }, { db: "PACKETSTORM", id: "154561", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "154543", }, { db: "PACKETSTORM", id: "154050", }, { db: "PACKETSTORM", id: "155070", }, { db: "PACKETSTORM", id: "157463", }, { db: "PACKETSTORM", id: "154768", }, { db: "CNNVD", id: "CNNVD-201908-140", }, { db: "NVD", id: "CVE-2019-11041", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-08-09T00:00:00", db: "VULHUB", id: "VHN-142648", }, { date: "2019-08-09T00:00:00", db: "VULMON", id: "CVE-2019-11041", }, { date: "2019-08-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-007694", }, { date: "2019-09-23T18:25:24", db: "PACKETSTORM", id: "154561", }, { date: "2020-09-08T18:10:32", db: "PACKETSTORM", id: "159094", }, { date: "2019-09-20T14:58:48", db: "PACKETSTORM", id: "154543", }, { date: "2019-08-14T02:37:04", db: "PACKETSTORM", id: "154050", }, { date: "2019-11-01T17:11:58", db: "PACKETSTORM", id: "155070", }, { date: "2020-04-28T20:37:45", db: "PACKETSTORM", id: "157463", }, { date: "2019-10-08T19:59:26", db: "PACKETSTORM", id: "154768", }, { date: "2019-08-01T00:00:00", db: "CNNVD", id: "CNNVD-201908-140", }, { date: "2019-08-09T20:15:11.050000", db: "NVD", id: "CVE-2019-11041", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-02-28T00:00:00", db: "VULHUB", id: "VHN-142648", }, { date: "2020-10-02T00:00:00", db: "VULMON", id: "CVE-2019-11041", }, { date: "2019-08-19T00:00:00", db: "JVNDB", id: "JVNDB-2019-007694", }, { date: "2023-03-01T00:00:00", db: "CNNVD", id: "CNNVD-201908-140", }, { date: "2024-11-21T04:20:25.723000", db: "NVD", id: "CVE-2019-11041", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201908-140", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PHP EXIF Buffer error vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-007694", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-201908-140", }, ], trust: 0.6, }, }
var-202002-1306
Vulnerability from variot
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. PHP Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. A buffer error vulnerability exists in PHP 7.2.x prior to 7.2.27, 7.3.x prior to 7.3.14, and 7.4.x prior to 7.4.2. (CVE-2015-9253). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: rh-php73-php security, bug fix, and enhancement update Advisory ID: RHSA-2020:5275-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2020:5275 Issue date: 2020-12-01 CVE Names: CVE-2019-11045 CVE-2019-11047 CVE-2019-11048 CVE-2019-11050 CVE-2019-19203 CVE-2019-19204 CVE-2019-19246 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 ==================================================================== 1. Summary:
An update for rh-php73-php is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
The following packages have been upgraded to a later upstream version: rh-php73-php (7.3.20). (BZ#1853211)
Security Fix(es):
-
php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte (CVE-2019-11045)
-
php: Information disclosure in exif_read_data() (CVE-2019-11047)
-
php: Integer wraparounds when receiving multipart forms (CVE-2019-11048)
-
oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c (CVE-2019-19203)
-
oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c (CVE-2019-19204)
-
php: Out of bounds read in php_strip_tags_ex (CVE-2020-7059)
-
php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function (CVE-2020-7060)
-
php: NULL pointer dereference in PHP session upload progress (CVE-2020-7062)
-
php: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063)
-
php: Information disclosure in exif_read_data() function (CVE-2020-7064)
-
php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution (CVE-2020-7065)
-
php: Out of bounds read when parsing EXIF information (CVE-2019-11050)
-
oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c (CVE-2019-19246)
-
php: Information disclosure in function get_headers (CVE-2020-7066)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Software Collections 3.6 Release Notes linked from the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1777537 - CVE-2019-19246 oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c 1786570 - CVE-2019-11047 php: Information disclosure in exif_read_data() 1786572 - CVE-2019-11045 php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte 1788258 - CVE-2019-11050 php: Out of bounds read when parsing EXIF information 1797776 - CVE-2020-7059 php: Out of bounds read in php_strip_tags_ex 1797779 - CVE-2020-7060 php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function 1802061 - CVE-2019-19203 oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c 1802068 - CVE-2019-19204 oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c 1808532 - CVE-2020-7062 php: NULL pointer dereference in PHP session upload progress 1808536 - CVE-2020-7063 php: Files added to tar with Phar::buildFromIterator have all-access permissions 1820601 - CVE-2020-7064 php: Information disclosure in exif_read_data() function 1820604 - CVE-2020-7066 php: Information disclosure in function get_headers 1820627 - CVE-2020-7065 php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution 1837842 - CVE-2019-11048 php: Integer wraparounds when receiving multipart forms
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
aarch64: rh-php73-php-7.3.20-1.el7.aarch64.rpm rh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm rh-php73-php-cli-7.3.20-1.el7.aarch64.rpm rh-php73-php-common-7.3.20-1.el7.aarch64.rpm rh-php73-php-dba-7.3.20-1.el7.aarch64.rpm rh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm rh-php73-php-devel-7.3.20-1.el7.aarch64.rpm rh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm rh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm rh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm rh-php73-php-gd-7.3.20-1.el7.aarch64.rpm rh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-intl-7.3.20-1.el7.aarch64.rpm rh-php73-php-json-7.3.20-1.el7.aarch64.rpm rh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm rh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm rh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm rh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm rh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm rh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm rh-php73-php-process-7.3.20-1.el7.aarch64.rpm rh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm rh-php73-php-recode-7.3.20-1.el7.aarch64.rpm rh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-soap-7.3.20-1.el7.aarch64.rpm rh-php73-php-xml-7.3.20-1.el7.aarch64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm rh-php73-php-zip-7.3.20-1.el7.aarch64.rpm
ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
aarch64: rh-php73-php-7.3.20-1.el7.aarch64.rpm rh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm rh-php73-php-cli-7.3.20-1.el7.aarch64.rpm rh-php73-php-common-7.3.20-1.el7.aarch64.rpm rh-php73-php-dba-7.3.20-1.el7.aarch64.rpm rh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm rh-php73-php-devel-7.3.20-1.el7.aarch64.rpm rh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm rh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm rh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm rh-php73-php-gd-7.3.20-1.el7.aarch64.rpm rh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-intl-7.3.20-1.el7.aarch64.rpm rh-php73-php-json-7.3.20-1.el7.aarch64.rpm rh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm rh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm rh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm rh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm rh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm rh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm rh-php73-php-process-7.3.20-1.el7.aarch64.rpm rh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm rh-php73-php-recode-7.3.20-1.el7.aarch64.rpm rh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm rh-php73-php-soap-7.3.20-1.el7.aarch64.rpm rh-php73-php-xml-7.3.20-1.el7.aarch64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm rh-php73-php-zip-7.3.20-1.el7.aarch64.rpm
ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm
x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm
x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
ppc64le: rh-php73-php-7.3.20-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm rh-php73-php-common-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm rh-php73-php-json-7.3.20-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm rh-php73-php-process-7.3.20-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.20-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm rh-php73-php-cli-7.3.20-1.el7.s390x.rpm rh-php73-php-common-7.3.20-1.el7.s390x.rpm rh-php73-php-dba-7.3.20-1.el7.s390x.rpm rh-php73-php-dbg-7.3.20-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm rh-php73-php-devel-7.3.20-1.el7.s390x.rpm rh-php73-php-embedded-7.3.20-1.el7.s390x.rpm rh-php73-php-enchant-7.3.20-1.el7.s390x.rpm rh-php73-php-fpm-7.3.20-1.el7.s390x.rpm rh-php73-php-gd-7.3.20-1.el7.s390x.rpm rh-php73-php-gmp-7.3.20-1.el7.s390x.rpm rh-php73-php-intl-7.3.20-1.el7.s390x.rpm rh-php73-php-json-7.3.20-1.el7.s390x.rpm rh-php73-php-ldap-7.3.20-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm rh-php73-php-odbc-7.3.20-1.el7.s390x.rpm rh-php73-php-opcache-7.3.20-1.el7.s390x.rpm rh-php73-php-pdo-7.3.20-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm rh-php73-php-process-7.3.20-1.el7.s390x.rpm rh-php73-php-pspell-7.3.20-1.el7.s390x.rpm rh-php73-php-recode-7.3.20-1.el7.s390x.rpm rh-php73-php-snmp-7.3.20-1.el7.s390x.rpm rh-php73-php-soap-7.3.20-1.el7.s390x.rpm rh-php73-php-xml-7.3.20-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm rh-php73-php-zip-7.3.20-1.el7.s390x.rpm
x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: rh-php73-php-7.3.20-1.el7.src.rpm
x86_64: rh-php73-php-7.3.20-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm rh-php73-php-cli-7.3.20-1.el7.x86_64.rpm rh-php73-php-common-7.3.20-1.el7.x86_64.rpm rh-php73-php-dba-7.3.20-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm rh-php73-php-devel-7.3.20-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm rh-php73-php-gd-7.3.20-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-intl-7.3.20-1.el7.x86_64.rpm rh-php73-php-json-7.3.20-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm rh-php73-php-process-7.3.20-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm rh-php73-php-recode-7.3.20-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm rh-php73-php-soap-7.3.20-1.el7.x86_64.rpm rh-php73-php-xml-7.3.20-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm rh-php73-php-zip-7.3.20-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-11045 https://access.redhat.com/security/cve/CVE-2019-11047 https://access.redhat.com/security/cve/CVE-2019-11048 https://access.redhat.com/security/cve/CVE-2019-11050 https://access.redhat.com/security/cve/CVE-2019-19203 https://access.redhat.com/security/cve/CVE-2019-19204 https://access.redhat.com/security/cve/CVE-2019-19246 https://access.redhat.com/security/cve/CVE-2020-7059 https://access.redhat.com/security/cve/CVE-2020-7060 https://access.redhat.com/security/cve/CVE-2020-7062 https://access.redhat.com/security/cve/CVE-2020-7063 https://access.redhat.com/security/cve/CVE-2020-7064 https://access.redhat.com/security/cve/CVE-2020-7065 https://access.redhat.com/security/cve/CVE-2020-7066 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.6_release_notes/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBX8Y0i9zjgjWX9erEAQg0Fw/8DpkMHPAzp4Tb6ym275eMnlcICweGyFtw becOAQt6d3zo6+1fQ7TvsDhciqoSppofF1z4i1HKRZlvsrkzmPkzXfBh0Z1M99YQ KUsvTcbQ9fd5AzHzkVIQ1NL9Qvhl8We0DL/WEiz6ob3yczwgZAz7yVq+dl7IkfoI 6G/lbIT0g5C9OPpma+KPw2mB1fiaGnPp5+i3o1srMYOcqqd8oWDWOQZJVB1TlkEH rcPfqKdlrwIl2gu9LlGw8leNS0392lsd8UOaVt8rjsW5wdPAZno8rCFp+TMXymJ0 D1FlsrWwsc89QPgeJd13cc487nJnIos8bRxTDsJL/pQdyhIYNLGA7dA20YdMElDh viPblEXhfwRMHeSgTUUTU4dvNk6DiGQWigiNh2973EgYDTxA2AGvLo2ygfFXCVGi EWcECya+Cz+G0/IaJPE1ohnVqdfdrDVncOFNmfdQ6QvDZaoZyqi37UubtA+JB1qC 5f1j9vtfWTMRpkCqmF/94WQ81h2401lqHz6yWlbn2DOALN/R8Cso5mLwwd/9cWLo RwIpTvHOFY++tzoh8Mn9WDaMNkPkf39n30BDtKQA4XG53vo3/RZHmpkmwxy4UVgB gGP537Uy95zumCJMFRsKvkqTg62O6AEOneydtZT/yYGiF9uhHBboTorij+aD7LN4 0afoNZ3Sfdc\xaaB8 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64
For the stable distribution (buster), these problems have been fixed in version 7.3.14-1~deb10u1.
We recommend that you upgrade your php7.3 packages.
For the detailed security status of php7.3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.3
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl5K+WQACgkQEMKTtsN8 TjZA/xAAkC1VQPZceCr4L9w2SuZ3tqxhxtQudPw8NcH7kSZtrvFnFOYvqKTj/wNV wtHcx4TMZRPYWu+Pzl2WN7B+H++4PtvNDyUmyrwOycOIBnPrRRp9bmtTrs6Dzmm4 M/y2G5PYVGHxeilQWLKiOKX/EL/7EFjjEZq19DyujBGlOZsj3jGDAxtpGn510Q2d 94c2fa1hCBp8u0HGMcCQ632+bK6JS79JixzkkuGlWiih+2H94Qdwm3saiNt3ey/N QT7tiFsdPWwWUOuT4G6GYrpL0vOw+idm9OClfOAufaZOosgIbL/oUPtMtq7Gb7la ILxU1KbaLMX0vOszycpIP04AEBPETCKxvDuHNLKTGNaE6GQjIjDkSTIH0hGDeaeX gCrRosPh0jmI5M158dJrUPkC5JZpsX/WJWGmNnJ5DvCBMlQtaloVBP4eLXlda8fB 743tDdFlaiD6mC0aGMfXp54yTD3/0J2ENmZ8Rx+YEuTr7/7P1Ia8o2HiIoGE4URf AU4uQ1YjI6bhXo8muN29449vo/5yciVhH3EikHvGtdMAd7c2wD6GxDjpKj2ZWOF8 flI6DcATW+8rq9+dICZOtA0vgxTZb4iPzj4CXoqzfDg+JH5U2AGKQWY/650UIwOX Q2kshwrrFxQUml8AfiL68OJww4MkBmUb9fbwmgBg0pNASigWJa4=EPNV -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202003-57
https://security.gentoo.org/
Severity: High Title: PHP: Multiple vulnerabilities Date: March 26, 2020 Bugs: #671872, #706168, #710304, #713484 ID: 202003-57
Synopsis
Multiple vulnerabilities have been found in PHP, the worst of which could result in the execution of arbitrary shell commands.
Background
PHP is an open source general-purpose scripting language that is especially suited for web development. Please review the CVE identifiers referenced below for details.
Workaround
There is no known workaround at this time.
Resolution
All PHP 7.2.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.2.29"
All PHP 7.3.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.3.16"
All PHP 7.4.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.4.4"
References
[ 1 ] CVE-2018-19518 https://nvd.nist.gov/vuln/detail/CVE-2018-19518 [ 2 ] CVE-2020-7059 https://nvd.nist.gov/vuln/detail/CVE-2020-7059 [ 3 ] CVE-2020-7060 https://nvd.nist.gov/vuln/detail/CVE-2020-7060 [ 4 ] CVE-2020-7061 https://nvd.nist.gov/vuln/detail/CVE-2020-7061 [ 5 ] CVE-2020-7062 https://nvd.nist.gov/vuln/detail/CVE-2020-7062 [ 6 ] CVE-2020-7063 https://nvd.nist.gov/vuln/detail/CVE-2020-7063 [ 7 ] CVE-2020-7064 https://nvd.nist.gov/vuln/detail/CVE-2020-7064 [ 8 ] CVE-2020-7065 https://nvd.nist.gov/vuln/detail/CVE-2020-7065 [ 9 ] CVE-2020-7066 https://nvd.nist.gov/vuln/detail/CVE-2020-7066
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202003-57
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. ========================================================================== Ubuntu Security Notice USN-4279-2 February 19, 2020
php7.0 regression
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
USN-4279-1 introduced a regression in PHP. The updated packages caused a regression. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253)
It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7059)
It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7060)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: libapache2-mod-php7.0 7.0.33-0ubuntu0.16.04.12 php7.0-cgi 7.0.33-0ubuntu0.16.04.12 php7.0-cli 7.0.33-0ubuntu0.16.04.12 php7.0-fpm 7.0.33-0ubuntu0.16.04.12
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202002-1306", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.4.2", }, { model: "communications diameter signaling router", scope: "gte", trust: 1, vendor: "oracle", version: "8.0", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.2.27", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.3.14", }, { model: "communications diameter signaling router", scope: "lte", trust: 1, vendor: "oracle", version: "8.4", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "8.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.2.0", }, { model: "leap", scope: "eq", trust: 1, vendor: "opensuse", version: "15.1", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.19.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.4.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.3.0", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.2.27", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.3.14", }, { model: "php", scope: "eq", trust: 0.8, vendor: "the php group", version: "7.4.2", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-001730", }, { db: "NVD", id: "CVE-2020-7060", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:php:php", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-001730", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Ubuntu,Debian,Red Hat,Gentoo", sources: [ { db: "CNNVD", id: "CNNVD-202002-315", }, ], trust: 0.6, }, cve: "CVE-2020-7060", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-7060", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.1, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 6.4, confidentialityImpact: "Partial", exploitabilityScore: null, id: "JVNDB-2020-001730", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-185185", impactScore: 4.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2020-7060", impactScore: 5.2, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "security@php.net", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2020-7060", impactScore: 2.5, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.1, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-001730", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-7060", trust: 1, value: "CRITICAL", }, { author: "security@php.net", id: "CVE-2020-7060", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "JVNDB-2020-001730", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202002-315", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-185185", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-7060", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-185185", }, { db: "VULMON", id: "CVE-2020-7060", }, { db: "JVNDB", id: "JVNDB-2020-001730", }, { db: "CNNVD", id: "CNNVD-202002-315", }, { db: "NVD", id: "CVE-2020-7060", }, { db: "NVD", id: "CVE-2020-7060", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. PHP Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be put into a state. A buffer error vulnerability exists in PHP 7.2.x prior to 7.2.27, 7.3.x prior to 7.3.14, and 7.4.x prior to 7.4.2. \n(CVE-2015-9253). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: rh-php73-php security, bug fix, and enhancement update\nAdvisory ID: RHSA-2020:5275-01\nProduct: Red Hat Software Collections\nAdvisory URL: https://access.redhat.com/errata/RHSA-2020:5275\nIssue date: 2020-12-01\nCVE Names: CVE-2019-11045 CVE-2019-11047 CVE-2019-11048\n CVE-2019-11050 CVE-2019-19203 CVE-2019-19204\n CVE-2019-19246 CVE-2020-7059 CVE-2020-7060\n CVE-2020-7062 CVE-2020-7063 CVE-2020-7064\n CVE-2020-7065 CVE-2020-7066\n====================================================================\n1. Summary:\n\nAn update for rh-php73-php is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nThe following packages have been upgraded to a later upstream version:\nrh-php73-php (7.3.20). (BZ#1853211)\n\nSecurity Fix(es):\n\n* php: DirectoryIterator class accepts filenames with embedded \\0 byte and\ntreats them as terminating at that byte (CVE-2019-11045)\n\n* php: Information disclosure in exif_read_data() (CVE-2019-11047)\n\n* php: Integer wraparounds when receiving multipart forms (CVE-2019-11048)\n\n* oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in\nfile gb18030.c (CVE-2019-19203)\n\n* oniguruma: Heap-based buffer over-read in function\nfetch_interval_quantifier in regparse.c (CVE-2019-19204)\n\n* php: Out of bounds read in php_strip_tags_ex (CVE-2020-7059)\n\n* php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function\n(CVE-2020-7060)\n\n* php: NULL pointer dereference in PHP session upload progress\n(CVE-2020-7062)\n\n* php: Files added to tar with Phar::buildFromIterator have all-access\npermissions (CVE-2020-7063)\n\n* php: Information disclosure in exif_read_data() function (CVE-2020-7064)\n\n* php: Using mb_strtolower() function with UTF-32LE encoding leads to\npotential code execution (CVE-2020-7065)\n\n* php: Out of bounds read when parsing EXIF information (CVE-2019-11050)\n\n* oniguruma: Heap-based buffer overflow in str_lower_case_match in\nregexec.c (CVE-2019-19246)\n\n* php: Information disclosure in function get_headers (CVE-2020-7066)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nSoftware Collections 3.6 Release Notes linked from the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted\nfor the update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1777537 - CVE-2019-19246 oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c\n1786570 - CVE-2019-11047 php: Information disclosure in exif_read_data()\n1786572 - CVE-2019-11045 php: DirectoryIterator class accepts filenames with embedded \\0 byte and treats them as terminating at that byte\n1788258 - CVE-2019-11050 php: Out of bounds read when parsing EXIF information\n1797776 - CVE-2020-7059 php: Out of bounds read in php_strip_tags_ex\n1797779 - CVE-2020-7060 php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function\n1802061 - CVE-2019-19203 oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c\n1802068 - CVE-2019-19204 oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c\n1808532 - CVE-2020-7062 php: NULL pointer dereference in PHP session upload progress\n1808536 - CVE-2020-7063 php: Files added to tar with Phar::buildFromIterator have all-access permissions\n1820601 - CVE-2020-7064 php: Information disclosure in exif_read_data() function\n1820604 - CVE-2020-7066 php: Information disclosure in function get_headers\n1820627 - CVE-2020-7065 php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution\n1837842 - CVE-2019-11048 php: Integer wraparounds when receiving multipart forms\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\naarch64:\nrh-php73-php-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-cli-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-common-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-dba-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-devel-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-gd-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-intl-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-json-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-process-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-recode-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-soap-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-xml-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-zip-7.3.20-1.el7.aarch64.rpm\n\nppc64le:\nrh-php73-php-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.20-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.20-1.el7.s390x.rpm\nrh-php73-php-common-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.20-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.20-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.20-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.20-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.20-1.el7.s390x.rpm\nrh-php73-php-json-7.3.20-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm\nrh-php73-php-process-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.20-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.20-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.20-1.el7.s390x.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\naarch64:\nrh-php73-php-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-cli-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-common-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-dba-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-devel-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-gd-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-intl-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-json-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-process-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-recode-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-soap-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-xml-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.aarch64.rpm\nrh-php73-php-zip-7.3.20-1.el7.aarch64.rpm\n\nppc64le:\nrh-php73-php-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.20-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.20-1.el7.s390x.rpm\nrh-php73-php-common-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.20-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.20-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.20-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.20-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.20-1.el7.s390x.rpm\nrh-php73-php-json-7.3.20-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm\nrh-php73-php-process-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.20-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.20-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.20-1.el7.s390x.rpm\n\nx86_64:\nrh-php73-php-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.20-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\nppc64le:\nrh-php73-php-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.20-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.20-1.el7.s390x.rpm\nrh-php73-php-common-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.20-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.20-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.20-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.20-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.20-1.el7.s390x.rpm\nrh-php73-php-json-7.3.20-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm\nrh-php73-php-process-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.20-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.20-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.20-1.el7.s390x.rpm\n\nx86_64:\nrh-php73-php-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.20-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\nppc64le:\nrh-php73-php-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.20-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.20-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.20-1.el7.s390x.rpm\nrh-php73-php-common-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.20-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.20-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.20-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.20-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.20-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.20-1.el7.s390x.rpm\nrh-php73-php-json-7.3.20-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.s390x.rpm\nrh-php73-php-process-7.3.20-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.20-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.20-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.20-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.20-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.20-1.el7.s390x.rpm\n\nx86_64:\nrh-php73-php-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.20-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-php73-php-7.3.20-1.el7.src.rpm\n\nx86_64:\nrh-php73-php-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.20-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.20-1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-11045\nhttps://access.redhat.com/security/cve/CVE-2019-11047\nhttps://access.redhat.com/security/cve/CVE-2019-11048\nhttps://access.redhat.com/security/cve/CVE-2019-11050\nhttps://access.redhat.com/security/cve/CVE-2019-19203\nhttps://access.redhat.com/security/cve/CVE-2019-19204\nhttps://access.redhat.com/security/cve/CVE-2019-19246\nhttps://access.redhat.com/security/cve/CVE-2020-7059\nhttps://access.redhat.com/security/cve/CVE-2020-7060\nhttps://access.redhat.com/security/cve/CVE-2020-7062\nhttps://access.redhat.com/security/cve/CVE-2020-7063\nhttps://access.redhat.com/security/cve/CVE-2020-7064\nhttps://access.redhat.com/security/cve/CVE-2020-7065\nhttps://access.redhat.com/security/cve/CVE-2020-7066\nhttps://access.redhat.com/security/updates/classification/#moderate\nhttps://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.6_release_notes/\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2020 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBX8Y0i9zjgjWX9erEAQg0Fw/8DpkMHPAzp4Tb6ym275eMnlcICweGyFtw\nbecOAQt6d3zo6+1fQ7TvsDhciqoSppofF1z4i1HKRZlvsrkzmPkzXfBh0Z1M99YQ\nKUsvTcbQ9fd5AzHzkVIQ1NL9Qvhl8We0DL/WEiz6ob3yczwgZAz7yVq+dl7IkfoI\n6G/lbIT0g5C9OPpma+KPw2mB1fiaGnPp5+i3o1srMYOcqqd8oWDWOQZJVB1TlkEH\nrcPfqKdlrwIl2gu9LlGw8leNS0392lsd8UOaVt8rjsW5wdPAZno8rCFp+TMXymJ0\nD1FlsrWwsc89QPgeJd13cc487nJnIos8bRxTDsJL/pQdyhIYNLGA7dA20YdMElDh\nviPblEXhfwRMHeSgTUUTU4dvNk6DiGQWigiNh2973EgYDTxA2AGvLo2ygfFXCVGi\nEWcECya+Cz+G0/IaJPE1ohnVqdfdrDVncOFNmfdQ6QvDZaoZyqi37UubtA+JB1qC\n5f1j9vtfWTMRpkCqmF/94WQ81h2401lqHz6yWlbn2DOALN/R8Cso5mLwwd/9cWLo\nRwIpTvHOFY++tzoh8Mn9WDaMNkPkf39n30BDtKQA4XG53vo3/RZHmpkmwxy4UVgB\ngGP537Uy95zumCJMFRsKvkqTg62O6AEOneydtZT/yYGiF9uhHBboTorij+aD7LN4\n0afoNZ3Sfdc\\xaaB8\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 7.3.14-1~deb10u1. \n\nWe recommend that you upgrade your php7.3 packages. \n\nFor the detailed security status of php7.3 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/php7.3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl5K+WQACgkQEMKTtsN8\nTjZA/xAAkC1VQPZceCr4L9w2SuZ3tqxhxtQudPw8NcH7kSZtrvFnFOYvqKTj/wNV\nwtHcx4TMZRPYWu+Pzl2WN7B+H++4PtvNDyUmyrwOycOIBnPrRRp9bmtTrs6Dzmm4\nM/y2G5PYVGHxeilQWLKiOKX/EL/7EFjjEZq19DyujBGlOZsj3jGDAxtpGn510Q2d\n94c2fa1hCBp8u0HGMcCQ632+bK6JS79JixzkkuGlWiih+2H94Qdwm3saiNt3ey/N\nQT7tiFsdPWwWUOuT4G6GYrpL0vOw+idm9OClfOAufaZOosgIbL/oUPtMtq7Gb7la\nILxU1KbaLMX0vOszycpIP04AEBPETCKxvDuHNLKTGNaE6GQjIjDkSTIH0hGDeaeX\ngCrRosPh0jmI5M158dJrUPkC5JZpsX/WJWGmNnJ5DvCBMlQtaloVBP4eLXlda8fB\n743tDdFlaiD6mC0aGMfXp54yTD3/0J2ENmZ8Rx+YEuTr7/7P1Ia8o2HiIoGE4URf\nAU4uQ1YjI6bhXo8muN29449vo/5yciVhH3EikHvGtdMAd7c2wD6GxDjpKj2ZWOF8\nflI6DcATW+8rq9+dICZOtA0vgxTZb4iPzj4CXoqzfDg+JH5U2AGKQWY/650UIwOX\nQ2kshwrrFxQUml8AfiL68OJww4MkBmUb9fbwmgBg0pNASigWJa4=EPNV\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202003-57\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: PHP: Multiple vulnerabilities\n Date: March 26, 2020\n Bugs: #671872, #706168, #710304, #713484\n ID: 202003-57\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PHP, the worst of which\ncould result in the execution of arbitrary shell commands. \n\nBackground\n==========\n\nPHP is an open source general-purpose scripting language that is\nespecially suited for web development. Please review the\nCVE identifiers referenced below for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PHP 7.2.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.2.29\"\n\nAll PHP 7.3.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.3.16\"\n\nAll PHP 7.4.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.4.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2018-19518\n https://nvd.nist.gov/vuln/detail/CVE-2018-19518\n[ 2 ] CVE-2020-7059\n https://nvd.nist.gov/vuln/detail/CVE-2020-7059\n[ 3 ] CVE-2020-7060\n https://nvd.nist.gov/vuln/detail/CVE-2020-7060\n[ 4 ] CVE-2020-7061\n https://nvd.nist.gov/vuln/detail/CVE-2020-7061\n[ 5 ] CVE-2020-7062\n https://nvd.nist.gov/vuln/detail/CVE-2020-7062\n[ 6 ] CVE-2020-7063\n https://nvd.nist.gov/vuln/detail/CVE-2020-7063\n[ 7 ] CVE-2020-7064\n https://nvd.nist.gov/vuln/detail/CVE-2020-7064\n[ 8 ] CVE-2020-7065\n https://nvd.nist.gov/vuln/detail/CVE-2020-7065\n[ 9 ] CVE-2020-7066\n https://nvd.nist.gov/vuln/detail/CVE-2020-7066\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202003-57\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n\n\n. ==========================================================================\nUbuntu Security Notice USN-4279-2\nFebruary 19, 2020\n\nphp7.0 regression\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n\nSummary:\n\nUSN-4279-1 introduced a regression in PHP. The updated packages caused a regression. \nThis update fixes the problem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n It was discovered that PHP incorrectly handled certain scripts. \n An attacker could possibly use this issue to cause a denial of service. \n This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. \n (CVE-2015-9253)\n \n It was discovered that PHP incorrectly handled certain inputs. An attacker\n could possibly use this issue to expose sensitive information. \n (CVE-2020-7059)\n \n It was discovered that PHP incorrectly handled certain inputs. \n An attacker could possibly use this issue to execute arbitrary code. \n This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS\n and Ubuntu 19.10. (CVE-2020-7060)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n libapache2-mod-php7.0 7.0.33-0ubuntu0.16.04.12\n php7.0-cgi 7.0.33-0ubuntu0.16.04.12\n php7.0-cli 7.0.33-0ubuntu0.16.04.12\n php7.0-fpm 7.0.33-0ubuntu0.16.04.12\n\nIn general, a standard system update will make all the necessary changes", sources: [ { db: "NVD", id: "CVE-2020-7060", }, { db: "JVNDB", id: "JVNDB-2020-001730", }, { db: "VULHUB", id: "VHN-185185", }, { db: "VULMON", id: "CVE-2020-7060", }, { db: "PACKETSTORM", id: "156397", }, { db: "PACKETSTORM", id: "160292", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "156399", }, { db: "PACKETSTORM", id: "156934", }, { db: "PACKETSTORM", id: "156441", }, { db: "PACKETSTORM", id: "156423", }, ], trust: 2.43, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-7060", trust: 3.3, }, { db: "TENABLE", id: "TNS-2021-14", trust: 1.7, }, { db: "PACKETSTORM", id: "160292", trust: 0.8, }, { db: "PACKETSTORM", id: "159094", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-001730", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202002-315", trust: 0.7, }, { db: "PACKETSTORM", id: "156399", trust: 0.7, }, { db: "PACKETSTORM", id: "156934", trust: 0.7, }, { db: "PACKETSTORM", id: "156441", trust: 0.7, }, { db: "PACKETSTORM", id: "156423", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2022.6056", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4262", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0741", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0748", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0566", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0584", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3072", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.0853", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4296", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2515", trust: 0.6, }, { db: "CS-HELP", id: "SB2021072292", trust: 0.6, }, { db: "CNVD", id: "CNVD-2020-14917", trust: 0.1, }, { db: "VULHUB", id: "VHN-185185", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-7060", trust: 0.1, }, { db: "PACKETSTORM", id: "156397", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-185185", }, { db: "VULMON", id: "CVE-2020-7060", }, { db: "JVNDB", id: "JVNDB-2020-001730", }, { db: "PACKETSTORM", id: "156397", }, { db: "PACKETSTORM", id: "160292", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "156399", }, { db: "PACKETSTORM", id: "156934", }, { db: "PACKETSTORM", id: "156441", }, { db: "PACKETSTORM", id: "156423", }, { db: "CNNVD", id: "CNNVD-202002-315", }, { db: "NVD", id: "CVE-2020-7060", }, ], }, id: "VAR-202002-1306", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-185185", }, ], trust: 0.01, }, last_update_date: "2024-11-23T19:33:19.823000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Sec Bug #79037", trust: 0.8, url: "https://bugs.php.net/bug.php?id=79037", }, { title: "PHP mbstring Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=109491", }, { title: "Ubuntu Security Notice: php5, php7.0, php7.2, php7.3 vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4279-1", }, { title: "Ubuntu Security Notice: php7.0 regression", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4279-2", }, { title: "Amazon Linux AMI: ALAS-2020-1347", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1347", }, { title: "Amazon Linux AMI: ALAS-2020-1346", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1346", }, { title: "Red Hat: Moderate: rh-php73-php security, bug fix, and enhancement update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20205275 - Security Advisory", }, { title: "Debian Security Advisories: DSA-4628-1 php7.0 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=688741de46e2d16edb2da10e1d501450", }, { title: "Red Hat: Moderate: php:7.3 security, bug fix, and enhancement update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20203662 - Security Advisory", }, { title: "Debian Security Advisories: DSA-4626-1 php7.3 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=66162fd32170228a0805fd7114196e44", }, { title: "Tenable Security Advisories: [R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2021-14", }, ], sources: [ { db: "VULMON", id: "CVE-2020-7060", }, { db: "JVNDB", id: "JVNDB-2020-001730", }, { db: "CNNVD", id: "CNNVD-202002-315", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-125", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-185185", }, { db: "JVNDB", id: "JVNDB-2020-001730", }, { db: "NVD", id: "CVE-2020-7060", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://www.debian.org/security/2020/dsa-4628", }, { trust: 2.4, url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { trust: 2.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7060", }, { trust: 1.9, url: "https://security.gentoo.org/glsa/202003-57", }, { trust: 1.9, url: "https://usn.ubuntu.com/4279-1/", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2020/feb/27", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2020/feb/31", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2021/jan/3", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { trust: 1.8, url: "https://www.debian.org/security/2020/dsa-4626", }, { trust: 1.8, url: "https://bugs.php.net/bug.php?id=79037", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuapr2021.html", }, { trust: 1.8, url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { trust: 1.8, url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { trust: 1.7, url: "https://www.tenable.com/security/tns-2021-14", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7060", }, { trust: 0.8, url: "https://access.redhat.com/security/cve/cve-2020-7060", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7059", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4262/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156423/debian-security-advisory-4628-1.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0748/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021072292", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156441/ubuntu-security-notice-usn-4279-2.html", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/159094/red-hat-security-advisory-2020-3662-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2515", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/160292/red-hat-security-advisory-2020-5275-01.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0566/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0741/", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156934/gentoo-linux-security-advisory-202003-57.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0853/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4296/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.0584/", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-php-cve-2020-7069-cve-2020-7059-2/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3072/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.6056", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/php-multiple-vulnerabilities-31420", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/156399/debian-security-advisory-4626-1.html", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11045", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11047", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11050", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7065", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7062", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7064", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7066", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7063", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2015-9253", }, { trust: 0.2, url: "https://usn.ubuntu.com/4279-1", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11050", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-19203", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7059", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11045", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7066", }, { trust: 0.2, url: "https://access.redhat.com/articles/11258", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7065", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11047", }, { trust: 0.2, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19203", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19204", }, { trust: 0.2, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7063", }, { trust: 0.2, url: "https://bugzilla.redhat.com/):", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-19246", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11048", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-11048", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2019-19204", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7064", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19246", }, { trust: 0.2, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7062", }, { trust: 0.2, url: "https://www.debian.org/security/faq", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11046", }, { trust: 0.2, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/125.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.3/7.3.11-0ubuntu0.19.10.3", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.2/7.2.24-0ubuntu0.18.04.3", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.11", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:5275", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/3.6_release_notes/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11042", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11041", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11040", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11040", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11039", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11039", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13224", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11042", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13225", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-11041", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-16163", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20454", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2020:3662", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13225", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13224", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-16163", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20454", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11049", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.3", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-19518", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7061", }, { trust: 0.1, url: "https://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "https://usn.ubuntu.com/4279-2", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.12", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.0", }, ], sources: [ { db: "VULHUB", id: "VHN-185185", }, { db: "VULMON", id: "CVE-2020-7060", }, { db: "JVNDB", id: "JVNDB-2020-001730", }, { db: "PACKETSTORM", id: "156397", }, { db: "PACKETSTORM", id: "160292", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "156399", }, { db: "PACKETSTORM", id: "156934", }, { db: "PACKETSTORM", id: "156441", }, { db: "PACKETSTORM", id: "156423", }, { db: "CNNVD", id: "CNNVD-202002-315", }, { db: "NVD", id: "CVE-2020-7060", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-185185", }, { db: "VULMON", id: "CVE-2020-7060", }, { db: "JVNDB", id: "JVNDB-2020-001730", }, { db: "PACKETSTORM", id: "156397", }, { db: "PACKETSTORM", id: "160292", }, { db: "PACKETSTORM", id: "159094", }, { db: "PACKETSTORM", id: "156399", }, { db: "PACKETSTORM", id: "156934", }, { db: "PACKETSTORM", id: "156441", }, { db: "PACKETSTORM", id: "156423", }, { db: "CNNVD", id: "CNNVD-202002-315", }, { db: "NVD", id: "CVE-2020-7060", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-02-10T00:00:00", db: "VULHUB", id: "VHN-185185", }, { date: "2020-02-10T00:00:00", db: "VULMON", id: "CVE-2020-7060", }, { date: "2020-02-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-001730", }, { date: "2020-02-18T15:04:45", db: "PACKETSTORM", id: "156397", }, { date: "2020-12-01T16:36:40", db: "PACKETSTORM", id: "160292", }, { date: "2020-09-08T18:10:32", db: "PACKETSTORM", id: "159094", }, { date: "2020-02-18T15:05:02", db: "PACKETSTORM", id: "156399", }, { date: "2020-03-27T13:06:15", db: "PACKETSTORM", id: "156934", }, { date: "2020-02-20T17:44:31", db: "PACKETSTORM", id: "156441", }, { date: "2020-02-19T15:28:10", db: "PACKETSTORM", id: "156423", }, { date: "2020-02-10T00:00:00", db: "CNNVD", id: "CNNVD-202002-315", }, { date: "2020-02-10T08:15:12.797000", db: "NVD", id: "CVE-2020-7060", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2022-07-01T00:00:00", db: "VULHUB", id: "VHN-185185", }, { date: "2021-07-22T00:00:00", db: "VULMON", id: "CVE-2020-7060", }, { date: "2020-02-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-001730", }, { date: "2022-11-22T00:00:00", db: "CNNVD", id: "CNNVD-202002-315", }, { date: "2024-11-21T05:36:35.360000", db: "NVD", id: "CVE-2020-7060", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202002-315", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PHP Out-of-bounds read vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2020-001730", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202002-315", }, ], trust: 0.6, }, }
var-202102-1488
Vulnerability from variot
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). Please keep an eye on CNNVD or manufacturer announcements. Clusters and applications are all visible and managed from a single console—with security policy built in.
Security fixes:
-
nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017)
-
redis: Lua scripts can overflow the heap-based Lua stack (CVE-2021-32626)
-
redis: Integer overflow issue with Streams (CVE-2021-32627)
-
redis: Integer overflow bug in the ziplist data structure (CVE-2021-32628)
-
redis: Integer overflow issue with intsets (CVE-2021-32687)
-
redis: Integer overflow issue with strings (CVE-2021-41099)
-
redis: Out of bounds read in lua debugger protocol parser (CVE-2021-32672)
-
redis: Denial of service via Redis Standard Protocol (RESP) request (CVE-2021-32675)
-
helm: information disclosure vulnerability (CVE-2021-32690)
Bug fixes:
-
KUBE-API: Support move agent to different cluster in the same namespace (BZ# 1977358)
-
Add columns to the Agent CRD list (BZ# 1977398)
-
ClusterDeployment controller watches all Secrets from all namespaces (BZ# 1986081)
-
RHACM 2.3.3 images (BZ# 1999365)
-
Workaround for Network Manager not supporting nmconnections priority (BZ# 2001294)
-
create cluster page empty in Safary Browser (BZ# 2002280)
-
Compliance state doesn't get updated after fixing the issue causing initially the policy not being able to update the managed object (BZ# 2002667)
-
Overview page displays VMware based managed cluster as other (BZ# 2004188)
-
Bugs fixed (https://bugzilla.redhat.com/):
1963121 - CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name 1977358 - [4.8.0] KUBE-API: Support move agent to different cluster in the same namespace 1977398 - [4.8.0] [master] Add columns to the Agent CRD list 1978144 - CVE-2021-32690 helm: information disclosure vulnerability 1986081 - [4.8.0] ClusterDeployment controller watches all Secrets from all namespaces 1999365 - RHACM 2.3.3 images 2001294 - [4.8.0] Workaround for Network Manager not supporting nmconnections priority 2002280 - create cluster page empty in Safary Browser 2002667 - Compliance state doesn't get updated after fixing the issue causing initially the policy not being able to update the managed object 2004188 - Overview page displays VMware based managed cluster as other 2010991 - CVE-2021-32687 redis: Integer overflow issue with intsets 2011000 - CVE-2021-32675 redis: Denial of service via Redis Standard Protocol (RESP) request 2011001 - CVE-2021-32672 redis: Out of bounds read in lua debugger protocol parser 2011004 - CVE-2021-32628 redis: Integer overflow bug in the ziplist data structure 2011010 - CVE-2021-32627 redis: Integer overflow issue with Streams 2011017 - CVE-2021-32626 redis: Lua scripts can overflow the heap-based Lua stack 2011020 - CVE-2021-41099 redis: Integer overflow issue with strings
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
-
openssl: integer overflow in CipherUpdate (CVE-2021-23840)
-
openssl: NULL pointer dereference in X509_issuer_and_serial_hash() (CVE-2021-23841)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. Bugs fixed (https://bugzilla.redhat.com/):
1930310 - CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 1930324 - CVE-2021-23840 openssl: integer overflow in CipherUpdate
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: openssl-1.0.2k-22.el7_9.src.rpm
x86_64: openssl-1.0.2k-22.el7_9.x86_64.rpm openssl-debuginfo-1.0.2k-22.el7_9.i686.rpm openssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm openssl-libs-1.0.2k-22.el7_9.i686.rpm openssl-libs-1.0.2k-22.el7_9.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
Source: openssl-1.0.2k-22.el7_9.src.rpm
x86_64: openssl-1.0.2k-22.el7_9.x86_64.rpm openssl-debuginfo-1.0.2k-22.el7_9.i686.rpm openssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm openssl-libs-1.0.2k-22.el7_9.i686.rpm openssl-libs-1.0.2k-22.el7_9.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: openssl-debuginfo-1.0.2k-22.el7_9.i686.rpm openssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm openssl-devel-1.0.2k-22.el7_9.i686.rpm openssl-devel-1.0.2k-22.el7_9.x86_64.rpm openssl-perl-1.0.2k-22.el7_9.x86_64.rpm openssl-static-1.0.2k-22.el7_9.i686.rpm openssl-static-1.0.2k-22.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: openssl-1.0.2k-22.el7_9.src.rpm
ppc64: openssl-1.0.2k-22.el7_9.ppc64.rpm openssl-debuginfo-1.0.2k-22.el7_9.ppc.rpm openssl-debuginfo-1.0.2k-22.el7_9.ppc64.rpm openssl-devel-1.0.2k-22.el7_9.ppc.rpm openssl-devel-1.0.2k-22.el7_9.ppc64.rpm openssl-libs-1.0.2k-22.el7_9.ppc.rpm openssl-libs-1.0.2k-22.el7_9.ppc64.rpm
ppc64le: openssl-1.0.2k-22.el7_9.ppc64le.rpm openssl-debuginfo-1.0.2k-22.el7_9.ppc64le.rpm openssl-devel-1.0.2k-22.el7_9.ppc64le.rpm openssl-libs-1.0.2k-22.el7_9.ppc64le.rpm
s390x: openssl-1.0.2k-22.el7_9.s390x.rpm openssl-debuginfo-1.0.2k-22.el7_9.s390.rpm openssl-debuginfo-1.0.2k-22.el7_9.s390x.rpm openssl-devel-1.0.2k-22.el7_9.s390.rpm openssl-devel-1.0.2k-22.el7_9.s390x.rpm openssl-libs-1.0.2k-22.el7_9.s390.rpm openssl-libs-1.0.2k-22.el7_9.s390x.rpm
x86_64: openssl-1.0.2k-22.el7_9.x86_64.rpm openssl-debuginfo-1.0.2k-22.el7_9.i686.rpm openssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm openssl-devel-1.0.2k-22.el7_9.i686.rpm openssl-devel-1.0.2k-22.el7_9.x86_64.rpm openssl-libs-1.0.2k-22.el7_9.i686.rpm openssl-libs-1.0.2k-22.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: openssl-debuginfo-1.0.2k-22.el7_9.ppc.rpm openssl-debuginfo-1.0.2k-22.el7_9.ppc64.rpm openssl-perl-1.0.2k-22.el7_9.ppc64.rpm openssl-static-1.0.2k-22.el7_9.ppc.rpm openssl-static-1.0.2k-22.el7_9.ppc64.rpm
ppc64le: openssl-debuginfo-1.0.2k-22.el7_9.ppc64le.rpm openssl-perl-1.0.2k-22.el7_9.ppc64le.rpm openssl-static-1.0.2k-22.el7_9.ppc64le.rpm
s390x: openssl-debuginfo-1.0.2k-22.el7_9.s390.rpm openssl-debuginfo-1.0.2k-22.el7_9.s390x.rpm openssl-perl-1.0.2k-22.el7_9.s390x.rpm openssl-static-1.0.2k-22.el7_9.s390.rpm openssl-static-1.0.2k-22.el7_9.s390x.rpm
x86_64: openssl-debuginfo-1.0.2k-22.el7_9.i686.rpm openssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm openssl-perl-1.0.2k-22.el7_9.x86_64.rpm openssl-static-1.0.2k-22.el7_9.i686.rpm openssl-static-1.0.2k-22.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: openssl-1.0.2k-22.el7_9.src.rpm
x86_64: openssl-1.0.2k-22.el7_9.x86_64.rpm openssl-debuginfo-1.0.2k-22.el7_9.i686.rpm openssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm openssl-devel-1.0.2k-22.el7_9.i686.rpm openssl-devel-1.0.2k-22.el7_9.x86_64.rpm openssl-libs-1.0.2k-22.el7_9.i686.rpm openssl-libs-1.0.2k-22.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2021-05-25-5 Safari 14.1.1
Safari 14.1.1 addresses the following issues.
WebKit Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab, ASU. working with Trend Micro Zero Day Initiative CVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative
WebKit Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A cross-origin issue with iframe elements was addressed with improved tracking of security origins. CVE-2021-30744: Dan Hite of jsontop
WebKit Available for: macOS Catalina and macOS Mojave Impact: A malicious website may be able to access restricted ports on arbitrary servers Description: A logic issue was addressed with improved restrictions. CVE-2021-30720: David Schütz (@xdavidhu)
WebKit Available for: macOS Catalina and macOS Mojave Impact: A malicious application may be able to leak sensitive user information Description: A logic issue was addressed with improved restrictions. CVE-2021-30682: an anonymous researcher and 1lastBr3ath
WebKit Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-21779: Marcin Towalski of Cisco Talos
WebKit Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2021-30689: an anonymous researcher
WebKit Available for: macOS Catalina and macOS Mojave Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An integer overflow was addressed with improved input validation. CVE-2021-30663: an anonymous researcher
WebRTC Available for: macOS Catalina and macOS Mojave Impact: A remote attacker may be able to cause a denial of service Description: A null pointer dereference was addressed with improved input validation. CVE-2021-23841: Tavis Ormandy of Google CVE-2021-30698: Tavis Ormandy of Google
Additional recognition
WebKit We would like to acknowledge Chris Salls (@salls) of Makai Security for their assistance.
Installation note:
This update may be obtained from the Mac App Store. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202103-03
https://security.gentoo.org/
Severity: Normal Title: OpenSSL: Multiple vulnerabilities Date: March 31, 2021 Bugs: #769785, #777681 ID: 202103-03
Synopsis
Multiple vulnerabilities have been found in OpenSSL, the worst of which could allow remote attackers to cause a Denial of Service condition.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-libs/openssl < 1.1.1k >= 1.1.1k
Description
Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All OpenSSL users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.1.1k"
References
[ 1 ] CVE-2021-23840 https://nvd.nist.gov/vuln/detail/CVE-2021-23840 [ 2 ] CVE-2021-23841 https://nvd.nist.gov/vuln/detail/CVE-2021-23841 [ 3 ] CVE-2021-3449 https://nvd.nist.gov/vuln/detail/CVE-2021-3449 [ 4 ] CVE-2021-3450 https://nvd.nist.gov/vuln/detail/CVE-2021-3450
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202103-03
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2021 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . Bugs fixed (https://bugzilla.redhat.com/):
1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment
- JIRA issues fixed (https://issues.jboss.org/):
LOG-1168 - Disable hostname verification in syslog TLS settings
LOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd
LOG-1375 - ssl_ca_cert should be optional
LOG-1378 - CLO should support sasl_plaintext(Password over http)
LOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate
LOG-1494 - Syslog output is serializing json incorrectly
LOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server
LOG-1575 - Rejected by Elasticsearch and unexpected json-parsing
LOG-1735 - Regression introducing flush_at_shutdown
LOG-1774 - The collector logs should be excluded in fluent.conf
LOG-1776 - fluentd total_limit_size sets value beyond available space
LOG-1822 - OpenShift Alerting Rules Style-Guide Compliance
LOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled
LOG-1862 - Unsupported kafka parameters when enabled Kafka SASL
LOG-1903 - Fix the Display of ClusterLogging type in OLM
LOG-1911 - CLF API changes to Opt-in to multiline error detection
LOG-1918 - Alert FluentdNodeDown always firing
LOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: ACS 3.67 security and enhancement update Advisory ID: RHSA-2021:4902-01 Product: RHACS Advisory URL: https://access.redhat.com/errata/RHSA-2021:4902 Issue date: 2021-12-01 CVE Names: CVE-2018-20673 CVE-2019-5827 CVE-2019-13750 CVE-2019-13751 CVE-2019-17594 CVE-2019-17595 CVE-2019-18218 CVE-2019-19603 CVE-2019-20838 CVE-2020-12762 CVE-2020-13435 CVE-2020-14155 CVE-2020-16135 CVE-2020-24370 CVE-2020-27304 CVE-2021-3200 CVE-2021-3445 CVE-2021-3580 CVE-2021-3749 CVE-2021-3800 CVE-2021-3801 CVE-2021-20231 CVE-2021-20232 CVE-2021-20266 CVE-2021-22876 CVE-2021-22898 CVE-2021-22925 CVE-2021-23343 CVE-2021-23840 CVE-2021-23841 CVE-2021-27645 CVE-2021-28153 CVE-2021-29923 CVE-2021-32690 CVE-2021-33560 CVE-2021-33574 CVE-2021-35942 CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 CVE-2021-39293 =====================================================================
- Summary:
Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS).
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Description:
The release of RHACS 3.67 provides the following new features, bug fixes, security patches and system changes:
OpenShift Dedicated support
RHACS 3.67 is thoroughly tested and supported on OpenShift Dedicated on Amazon Web Services and Google Cloud Platform.
-
Use OpenShift OAuth server as an identity provider If you are using RHACS with OpenShift, you can now configure the built-in OpenShift OAuth server as an identity provider for RHACS.
-
Enhancements for CI outputs Red Hat has improved the usability of RHACS CI integrations. CI outputs now show additional detailed information about the vulnerabilities and the security policies responsible for broken builds.
-
Runtime Class policy criteria Users can now use RHACS to define the container runtime configuration that may be used to run a pod’s containers using the Runtime Class policy criteria.
Security Fix(es):
-
civetweb: directory traversal when using the built-in example HTTP form-based file upload mechanism via the mg_handle_form_request API (CVE-2020-27304)
-
nodejs-axios: Regular expression denial of service in trim function (CVE-2021-3749)
-
nodejs-prismjs: ReDoS vulnerability (CVE-2021-3801)
-
golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)
-
helm: information disclosure vulnerability (CVE-2021-32690)
-
golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)
-
nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fixes The release of RHACS 3.67 includes the following bug fixes:
-
Previously, when using RHACS with the Compliance Operator integration, RHACS did not respect or populate Compliance Operator TailoredProfiles.
-
Previously, the Alpine Linux package manager (APK) in Image policy looked for the presence of apk package in the image rather than the apk-tools package. This issue has been fixed.
System changes The release of RHACS 3.67 includes the following system changes:
- Scanner now identifies vulnerabilities in Ubuntu 21.10 images.
- The Port exposure method policy criteria now include route as an exposure method.
- The OpenShift: Kubeadmin Secret Accessed security policy now allows the OpenShift Compliance Operator to check for the existence of the Kubeadmin secret without creating a violation.
- The OpenShift Compliance Operator integration now supports using TailoredProfiles.
- The RHACS Jenkins plugin now provides additional security information.
- When you enable the environment variable ROX_NETWORK_ACCESS_LOG for Central, the logs contain the Request URI and X-Forwarded-For header values.
- The default uid:gid pair for the Scanner image is now 65534:65534.
- RHACS adds a new default Scope Manager role that includes minimum permissions to create and modify access scopes.
- If microdnf is part of an image or shows up in process execution, RHACS reports it as a security violation for the Red Hat Package Manager in Image or the Red Hat Package Manager Execution security policies.
- In addition to manually uploading vulnerability definitions in offline mode, you can now upload definitions in online mode.
- You can now format the output of the following roxctl CLI commands in table, csv, or JSON format: image scan, image check & deployment check
-
You can now use a regular expression for the deployment name while specifying policy exclusions
-
Solution:
To take advantage of these new features, fixes and changes, please upgrade Red Hat Advanced Cluster Security for Kubernetes to version 3.67.
- Bugs fixed (https://bugzilla.redhat.com/):
1956818 - CVE-2021-23343 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe 1978144 - CVE-2021-32690 helm: information disclosure vulnerability 1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet 1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function 2005445 - CVE-2021-3801 nodejs-prismjs: ReDoS vulnerability 2006044 - CVE-2021-39293 golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196) 2016640 - CVE-2020-27304 civetweb: directory traversal when using the built-in example HTTP form-based file upload mechanism via the mg_handle_form_request API
- JIRA issues fixed (https://issues.jboss.org/):
RHACS-65 - Release RHACS 3.67.0
- References:
https://access.redhat.com/security/cve/CVE-2018-20673 https://access.redhat.com/security/cve/CVE-2019-5827 https://access.redhat.com/security/cve/CVE-2019-13750 https://access.redhat.com/security/cve/CVE-2019-13751 https://access.redhat.com/security/cve/CVE-2019-17594 https://access.redhat.com/security/cve/CVE-2019-17595 https://access.redhat.com/security/cve/CVE-2019-18218 https://access.redhat.com/security/cve/CVE-2019-19603 https://access.redhat.com/security/cve/CVE-2019-20838 https://access.redhat.com/security/cve/CVE-2020-12762 https://access.redhat.com/security/cve/CVE-2020-13435 https://access.redhat.com/security/cve/CVE-2020-14155 https://access.redhat.com/security/cve/CVE-2020-16135 https://access.redhat.com/security/cve/CVE-2020-24370 https://access.redhat.com/security/cve/CVE-2020-27304 https://access.redhat.com/security/cve/CVE-2021-3200 https://access.redhat.com/security/cve/CVE-2021-3445 https://access.redhat.com/security/cve/CVE-2021-3580 https://access.redhat.com/security/cve/CVE-2021-3749 https://access.redhat.com/security/cve/CVE-2021-3800 https://access.redhat.com/security/cve/CVE-2021-3801 https://access.redhat.com/security/cve/CVE-2021-20231 https://access.redhat.com/security/cve/CVE-2021-20232 https://access.redhat.com/security/cve/CVE-2021-20266 https://access.redhat.com/security/cve/CVE-2021-22876 https://access.redhat.com/security/cve/CVE-2021-22898 https://access.redhat.com/security/cve/CVE-2021-22925 https://access.redhat.com/security/cve/CVE-2021-23343 https://access.redhat.com/security/cve/CVE-2021-23840 https://access.redhat.com/security/cve/CVE-2021-23841 https://access.redhat.com/security/cve/CVE-2021-27645 https://access.redhat.com/security/cve/CVE-2021-28153 https://access.redhat.com/security/cve/CVE-2021-29923 https://access.redhat.com/security/cve/CVE-2021-32690 https://access.redhat.com/security/cve/CVE-2021-33560 https://access.redhat.com/security/cve/CVE-2021-33574 https://access.redhat.com/security/cve/CVE-2021-35942 https://access.redhat.com/security/cve/CVE-2021-36084 https://access.redhat.com/security/cve/CVE-2021-36085 https://access.redhat.com/security/cve/CVE-2021-36086 https://access.redhat.com/security/cve/CVE-2021-36087 https://access.redhat.com/security/cve/CVE-2021-39293 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYafeGdzjgjWX9erEAQgZ8Q/9H5ov4ZfKZszdJu0WvRMetEt6DMU2RTZr Kjv4h4FnmsMDYYDocnkFvsRjcpdGxtoUShAqD6+FrTNXjPtA/v1tsQTJzhg4o50w tKa9T4aHfrYXjGvWgQXJJEGmGaYMYePUOv77x6pLfMB+FmgfOtb8kzOdNzAtqX3e lq8b2DrQuPSRiWkUgFM2hmS7OtUsqTIShqWu67HJdOY74qDN4DGp7GnG6inCrUjV x4/4X5Fb7JrAYiy57C5eZwYW61HmrG7YHk9SZTRYgRW0rfgLncVsny4lX1871Ch2 e8ttu0EJFM1EJyuCJwJd1Q+rhua6S1VSY+etLUuaYme5DtvozLXQTLUK31qAq/hK qnLYQjaSieea9j1dV6YNHjnvV0XGczyZYwzmys/CNVUxwvSHr1AJGmQ3zDeOt7Qz vguWmPzyiob3RtHjfUlUpPYeI6HVug801YK6FAoB9F2BW2uHVgbtKOwG5pl5urJt G4taizPtH8uJj5hem5nHnSE1sVGTiStb4+oj2LQonRkgLQ2h7tsX8Z8yWM/3TwUT PTBX9AIHwt8aCx7XxTeEIs0H9B1T9jYfy06o9H2547un9sBoT0Sm7fqKuJKic8N/ pJ2kXBiVJ9B4G+JjWe8rh1oC1yz5Q5/5HZ19VYBjHhYEhX4s9s2YsF1L1uMoT3NN T0pPNmsPGZY= =ux5P -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Description:
Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provides a multicloud data management service with an S3 compatible API.
Bug Fix(es):
-
Previously, when the namespace store target was deleted, no alert was sent to the namespace bucket because of an issue in calculating the namespace bucket health. With this update, the issue in calculating the namespace bucket health is fixed and alerts are triggered as expected. (BZ#1993873)
-
Previously, the Multicloud Object Gateway (MCG) components performed slowly and there was a lot of pressure on the MCG components due to non-optimized database queries. With this update the non-optimized database queries are fixed which reduces the compute resources and time taken for queries. Bugs fixed (https://bugzilla.redhat.com/):
1993873 - [4.8.z clone] Alert NooBaaNamespaceBucketErrorState is not triggered when namespacestore's target bucket is deleted 2006958 - CVE-2020-26301 nodejs-ssh2: Command injection by calling vulnerable method with untrusted input
- Bugs fixed (https://bugzilla.redhat.com/):
1948761 - CVE-2021-23369 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option 1956688 - CVE-2021-23383 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option
- Description:
This release adds the new Apache HTTP Server 2.4.37 Service Pack 10 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202102-1488", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "business intelligence", scope: "eq", trust: 1, vendor: "oracle", version: "5.9.0.0.0", }, { model: "openssl", scope: "lt", trust: 1, vendor: "openssl", version: "1.1.1j", }, { model: "graalvm", scope: "eq", trust: 1, vendor: "oracle", version: "20.3.1.2", }, { model: "mysql server", scope: "lt", trust: 1, vendor: "oracle", version: "8.0.23", }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.12.1", }, { model: "essbase", scope: "eq", trust: 1, vendor: "oracle", version: "21.2", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "mysql enterprise monitor", scope: "lt", trust: 1, vendor: "oracle", version: "8.0.23", }, { model: "graalvm", scope: "eq", trust: 1, vendor: "oracle", version: "21.0.0.2", }, { model: "jd edwards world security", scope: "eq", trust: 1, vendor: "oracle", version: "a9.4", }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.11.0", }, { model: "tenable.sc", scope: "gte", trust: 1, vendor: "tenable", version: "5.13.0", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.57", }, { model: "sinec ins", scope: "lt", trust: 1, vendor: "siemens", version: "1.0", }, { model: "snapcenter", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.13.0", }, { model: "business intelligence", scope: "eq", trust: 1, vendor: "oracle", version: "5.5.0.0.0", }, { model: "safari", scope: "lt", trust: 1, vendor: "apple", version: "14.1.1", }, { model: "oncommand insight", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.11.1", }, { model: "ipados", scope: "lt", trust: 1, vendor: "apple", version: "14.6", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.58", }, { model: "oncommand workflow automation", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "openssl", scope: "gte", trust: 1, vendor: "openssl", version: "1.0.2", }, { model: "mysql server", scope: "gte", trust: 1, vendor: "oracle", version: "8.0.15", }, { model: "nessus network monitor", scope: "eq", trust: 1, vendor: "tenable", version: "5.12.0", }, { model: "zfs storage appliance kit", scope: "eq", trust: 1, vendor: "oracle", version: "8.8", }, { model: "business intelligence", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.4.0", }, { model: "mysql server", scope: "lt", trust: 1, vendor: "oracle", version: "5.7.33", }, { model: "enterprise manager for storage management", scope: "eq", trust: 1, vendor: "oracle", version: "13.4.0.0", }, { model: "sinec ins", scope: "eq", trust: 1, vendor: "siemens", version: "1.0", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.59", }, { model: "business intelligence", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.3.0", }, { model: "openssl", scope: "lt", trust: 1, vendor: "openssl", version: "1.0.2y", }, { model: "openssl", scope: "gte", trust: 1, vendor: "openssl", version: "1.1.1", }, { model: "communications cloud native core policy", scope: "eq", trust: 1, vendor: "oracle", version: "1.15.0", }, { model: "enterprise manager ops center", scope: "eq", trust: 1, vendor: "oracle", version: "12.4.0.0", }, { model: "graalvm", scope: "eq", trust: 1, vendor: "oracle", version: "19.3.5", }, { model: "macos", scope: "lt", trust: 1, vendor: "apple", version: "11.4", }, { model: "tenable.sc", scope: "lte", trust: 1, vendor: "tenable", version: "5.17.0", }, { model: "iphone os", scope: "lt", trust: 1, vendor: "apple", version: "14.6", }, { model: "macos", scope: "gte", trust: 1, vendor: "apple", version: "11.1", }, { model: "hitachi device manager", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "rv3000", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "hitachi tuning manager", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "hitachi ops center common services", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "tenable.sc", scope: null, trust: 0.8, vendor: "tenable", version: null, }, { model: "openssl", scope: null, trust: 0.8, vendor: "openssl", version: null, }, { model: "hitachi ops center analyzer viewpoint", scope: null, trust: 0.8, vendor: "日立", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-001396", }, { db: "NVD", id: "CVE-2021-23841", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "164562", }, { db: "PACKETSTORM", id: "164489", }, { db: "PACKETSTORM", id: "164967", }, { db: "PACKETSTORM", id: "165129", }, { db: "PACKETSTORM", id: "165096", }, { db: "PACKETSTORM", id: "165002", }, { db: "PACKETSTORM", id: "164927", }, ], trust: 0.7, }, cve: "CVE-2021-23841", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "CVE-2021-23841", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 1.8, vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", exploitabilityScore: 8.6, id: "VHN-382524", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:N/I:N/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "HIGH", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", exploitabilityScore: 2.2, id: "CVE-2021-23841", impactScore: 3.6, integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, { attackComplexity: "High", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 5.9, baseSeverity: "Medium", confidentialityImpact: "None", exploitabilityScore: null, id: "CVE-2021-23841", impactScore: null, integrityImpact: "None", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-23841", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2021-23841", trust: 0.8, value: "Medium", }, { author: "VULHUB", id: "VHN-382524", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-382524", }, { db: "JVNDB", id: "JVNDB-2021-001396", }, { db: "NVD", id: "CVE-2021-23841", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). Please keep an eye on CNNVD or manufacturer announcements. Clusters and applications are all visible and\nmanaged from a single console—with\nsecurity policy built in. \n\nSecurity fixes: \n\n* nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a\npointer to a root domain name (CVE-2021-23017)\n\n* redis: Lua scripts can overflow the heap-based Lua stack (CVE-2021-32626)\n\n* redis: Integer overflow issue with Streams (CVE-2021-32627)\n\n* redis: Integer overflow bug in the ziplist data structure\n(CVE-2021-32628)\n\n* redis: Integer overflow issue with intsets (CVE-2021-32687)\n\n* redis: Integer overflow issue with strings (CVE-2021-41099)\n\n* redis: Out of bounds read in lua debugger protocol parser\n(CVE-2021-32672)\n\n* redis: Denial of service via Redis Standard Protocol (RESP) request\n(CVE-2021-32675)\n\n* helm: information disclosure vulnerability (CVE-2021-32690)\n\nBug fixes:\n\n* KUBE-API: Support move agent to different cluster in the same namespace\n(BZ# 1977358)\n\n* Add columns to the Agent CRD list (BZ# 1977398)\n\n* ClusterDeployment controller watches all Secrets from all namespaces (BZ#\n1986081)\n\n* RHACM 2.3.3 images (BZ# 1999365)\n\n* Workaround for Network Manager not supporting nmconnections priority (BZ#\n2001294)\n\n* create cluster page empty in Safary Browser (BZ# 2002280)\n\n* Compliance state doesn't get updated after fixing the issue causing\ninitially the policy not being able to update the managed object (BZ#\n2002667)\n\n* Overview page displays VMware based managed cluster as other (BZ#\n2004188)\n\n3. Bugs fixed (https://bugzilla.redhat.com/):\n\n1963121 - CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name\n1977358 - [4.8.0] KUBE-API: Support move agent to different cluster in the same namespace\n1977398 - [4.8.0] [master] Add columns to the Agent CRD list\n1978144 - CVE-2021-32690 helm: information disclosure vulnerability\n1986081 - [4.8.0] ClusterDeployment controller watches all Secrets from all namespaces\n1999365 - RHACM 2.3.3 images\n2001294 - [4.8.0] Workaround for Network Manager not supporting nmconnections priority\n2002280 - create cluster page empty in Safary Browser\n2002667 - Compliance state doesn't get updated after fixing the issue causing initially the policy not being able to update the managed object\n2004188 - Overview page displays VMware based managed cluster as other\n2010991 - CVE-2021-32687 redis: Integer overflow issue with intsets\n2011000 - CVE-2021-32675 redis: Denial of service via Redis Standard Protocol (RESP) request\n2011001 - CVE-2021-32672 redis: Out of bounds read in lua debugger protocol parser\n2011004 - CVE-2021-32628 redis: Integer overflow bug in the ziplist data structure\n2011010 - CVE-2021-32627 redis: Integer overflow issue with Streams\n2011017 - CVE-2021-32626 redis: Lua scripts can overflow the heap-based Lua stack\n2011020 - CVE-2021-41099 redis: Integer overflow issue with strings\n\n5. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. \n\nSecurity Fix(es):\n\n* openssl: integer overflow in CipherUpdate (CVE-2021-23840)\n\n* openssl: NULL pointer dereference in X509_issuer_and_serial_hash()\n(CVE-2021-23841)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library\nmust be restarted, or the system rebooted. Bugs fixed (https://bugzilla.redhat.com/):\n\n1930310 - CVE-2021-23841 openssl: NULL pointer dereference in X509_issuer_and_serial_hash()\n1930324 - CVE-2021-23840 openssl: integer overflow in CipherUpdate\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nopenssl-1.0.2k-22.el7_9.src.rpm\n\nx86_64:\nopenssl-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.i686.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-libs-1.0.2k-22.el7_9.i686.rpm\nopenssl-libs-1.0.2k-22.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nopenssl-1.0.2k-22.el7_9.src.rpm\n\nx86_64:\nopenssl-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.i686.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-libs-1.0.2k-22.el7_9.i686.rpm\nopenssl-libs-1.0.2k-22.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nopenssl-debuginfo-1.0.2k-22.el7_9.i686.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-devel-1.0.2k-22.el7_9.i686.rpm\nopenssl-devel-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-perl-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-static-1.0.2k-22.el7_9.i686.rpm\nopenssl-static-1.0.2k-22.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nopenssl-1.0.2k-22.el7_9.src.rpm\n\nppc64:\nopenssl-1.0.2k-22.el7_9.ppc64.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.ppc.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.ppc64.rpm\nopenssl-devel-1.0.2k-22.el7_9.ppc.rpm\nopenssl-devel-1.0.2k-22.el7_9.ppc64.rpm\nopenssl-libs-1.0.2k-22.el7_9.ppc.rpm\nopenssl-libs-1.0.2k-22.el7_9.ppc64.rpm\n\nppc64le:\nopenssl-1.0.2k-22.el7_9.ppc64le.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.ppc64le.rpm\nopenssl-devel-1.0.2k-22.el7_9.ppc64le.rpm\nopenssl-libs-1.0.2k-22.el7_9.ppc64le.rpm\n\ns390x:\nopenssl-1.0.2k-22.el7_9.s390x.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.s390.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.s390x.rpm\nopenssl-devel-1.0.2k-22.el7_9.s390.rpm\nopenssl-devel-1.0.2k-22.el7_9.s390x.rpm\nopenssl-libs-1.0.2k-22.el7_9.s390.rpm\nopenssl-libs-1.0.2k-22.el7_9.s390x.rpm\n\nx86_64:\nopenssl-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.i686.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-devel-1.0.2k-22.el7_9.i686.rpm\nopenssl-devel-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-libs-1.0.2k-22.el7_9.i686.rpm\nopenssl-libs-1.0.2k-22.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nopenssl-debuginfo-1.0.2k-22.el7_9.ppc.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.ppc64.rpm\nopenssl-perl-1.0.2k-22.el7_9.ppc64.rpm\nopenssl-static-1.0.2k-22.el7_9.ppc.rpm\nopenssl-static-1.0.2k-22.el7_9.ppc64.rpm\n\nppc64le:\nopenssl-debuginfo-1.0.2k-22.el7_9.ppc64le.rpm\nopenssl-perl-1.0.2k-22.el7_9.ppc64le.rpm\nopenssl-static-1.0.2k-22.el7_9.ppc64le.rpm\n\ns390x:\nopenssl-debuginfo-1.0.2k-22.el7_9.s390.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.s390x.rpm\nopenssl-perl-1.0.2k-22.el7_9.s390x.rpm\nopenssl-static-1.0.2k-22.el7_9.s390.rpm\nopenssl-static-1.0.2k-22.el7_9.s390x.rpm\n\nx86_64:\nopenssl-debuginfo-1.0.2k-22.el7_9.i686.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-perl-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-static-1.0.2k-22.el7_9.i686.rpm\nopenssl-static-1.0.2k-22.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nopenssl-1.0.2k-22.el7_9.src.rpm\n\nx86_64:\nopenssl-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.i686.rpm\nopenssl-debuginfo-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-devel-1.0.2k-22.el7_9.i686.rpm\nopenssl-devel-1.0.2k-22.el7_9.x86_64.rpm\nopenssl-libs-1.0.2k-22.el7_9.i686.rpm\nopenssl-libs-1.0.2k-22.el7_9.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2021-05-25-5 Safari 14.1.1\n\nSafari 14.1.1 addresses the following issues. \n\nWebKit\nAvailable for: macOS Catalina and macOS Mojave\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab,\nASU. working with Trend Micro Zero Day Initiative\nCVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems)\nworking with Trend Micro Zero Day Initiative\n\nWebKit\nAvailable for: macOS Catalina and macOS Mojave\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A cross-origin issue with iframe elements was addressed\nwith improved tracking of security origins. \nCVE-2021-30744: Dan Hite of jsontop\n\nWebKit\nAvailable for: macOS Catalina and macOS Mojave\nImpact: A malicious website may be able to access restricted ports on\narbitrary servers\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2021-30720: David Schütz (@xdavidhu)\n\nWebKit\nAvailable for: macOS Catalina and macOS Mojave\nImpact: A malicious application may be able to leak sensitive user\ninformation\nDescription: A logic issue was addressed with improved restrictions. \nCVE-2021-30682: an anonymous researcher and 1lastBr3ath\n\nWebKit\nAvailable for: macOS Catalina and macOS Mojave\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2021-21779: Marcin Towalski of Cisco Talos\n\nWebKit\nAvailable for: macOS Catalina and macOS Mojave\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2021-30689: an anonymous researcher\n\nWebKit\nAvailable for: macOS Catalina and macOS Mojave\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An integer overflow was addressed with improved input\nvalidation. \nCVE-2021-30663: an anonymous researcher\n\nWebRTC\nAvailable for: macOS Catalina and macOS Mojave\nImpact: A remote attacker may be able to cause a denial of service\nDescription: A null pointer dereference was addressed with improved\ninput validation. \nCVE-2021-23841: Tavis Ormandy of Google\nCVE-2021-30698: Tavis Ormandy of Google\n\nAdditional recognition\n\nWebKit\nWe would like to acknowledge Chris Salls (@salls) of Makai Security\nfor their assistance. \n\nInstallation note:\n\nThis update may be obtained from the Mac App Store. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202103-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: OpenSSL: Multiple vulnerabilities\n Date: March 31, 2021\n Bugs: #769785, #777681\n ID: 202103-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in OpenSSL, the worst of which\ncould allow remote attackers to cause a Denial of Service condition. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-libs/openssl < 1.1.1k >= 1.1.1k\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review\nthe CVE identifiers referenced below for details. \n\nImpact\n======\n\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll OpenSSL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-1.1.1k\"\n\nReferences\n==========\n\n[ 1 ] CVE-2021-23840\n https://nvd.nist.gov/vuln/detail/CVE-2021-23840\n[ 2 ] CVE-2021-23841\n https://nvd.nist.gov/vuln/detail/CVE-2021-23841\n[ 3 ] CVE-2021-3449\n https://nvd.nist.gov/vuln/detail/CVE-2021-3449\n[ 4 ] CVE-2021-3450\n https://nvd.nist.gov/vuln/detail/CVE-2021-3450\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202103-03\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2021 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. Bugs fixed (https://bugzilla.redhat.com/):\n\n1963232 - CVE-2021-33194 golang: x/net/html: infinite loop in ParseFragment\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-1168 - Disable hostname verification in syslog TLS settings\nLOG-1235 - Using HTTPS without a secret does not translate into the correct 'scheme' value in Fluentd\nLOG-1375 - ssl_ca_cert should be optional\nLOG-1378 - CLO should support sasl_plaintext(Password over http)\nLOG-1392 - In fluentd config, flush_interval can't be set with flush_mode=immediate\nLOG-1494 - Syslog output is serializing json incorrectly\nLOG-1555 - Fluentd logs emit transaction failed: error_class=NoMethodError while forwarding to external syslog server\nLOG-1575 - Rejected by Elasticsearch and unexpected json-parsing\nLOG-1735 - Regression introducing flush_at_shutdown \nLOG-1774 - The collector logs should be excluded in fluent.conf\nLOG-1776 - fluentd total_limit_size sets value beyond available space\nLOG-1822 - OpenShift Alerting Rules Style-Guide Compliance\nLOG-1859 - CLO Should not error and exit early on missing ca-bundle when cluster wide proxy is not enabled\nLOG-1862 - Unsupported kafka parameters when enabled Kafka SASL\nLOG-1903 - Fix the Display of ClusterLogging type in OLM\nLOG-1911 - CLF API changes to Opt-in to multiline error detection\nLOG-1918 - Alert `FluentdNodeDown` always firing \nLOG-1939 - Opt-in multiline detection breaks cloudwatch forwarding\n\n6. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: ACS 3.67 security and enhancement update\nAdvisory ID: RHSA-2021:4902-01\nProduct: RHACS\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:4902\nIssue date: 2021-12-01\nCVE Names: CVE-2018-20673 CVE-2019-5827 CVE-2019-13750 \n CVE-2019-13751 CVE-2019-17594 CVE-2019-17595 \n CVE-2019-18218 CVE-2019-19603 CVE-2019-20838 \n CVE-2020-12762 CVE-2020-13435 CVE-2020-14155 \n CVE-2020-16135 CVE-2020-24370 CVE-2020-27304 \n CVE-2021-3200 CVE-2021-3445 CVE-2021-3580 \n CVE-2021-3749 CVE-2021-3800 CVE-2021-3801 \n CVE-2021-20231 CVE-2021-20232 CVE-2021-20266 \n CVE-2021-22876 CVE-2021-22898 CVE-2021-22925 \n CVE-2021-23343 CVE-2021-23840 CVE-2021-23841 \n CVE-2021-27645 CVE-2021-28153 CVE-2021-29923 \n CVE-2021-32690 CVE-2021-33560 CVE-2021-33574 \n CVE-2021-35942 CVE-2021-36084 CVE-2021-36085 \n CVE-2021-36086 CVE-2021-36087 CVE-2021-39293 \n=====================================================================\n\n1. Summary:\n\nUpdated images are now available for Red Hat Advanced Cluster Security for\nKubernetes (RHACS). \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Description:\n\nThe release of RHACS 3.67 provides the following new features, bug fixes,\nsecurity patches and system changes:\n\nOpenShift Dedicated support\n\nRHACS 3.67 is thoroughly tested and supported on OpenShift Dedicated on\nAmazon Web Services and Google Cloud Platform. \n\n1. Use OpenShift OAuth server as an identity provider\nIf you are using RHACS with OpenShift, you can now configure the built-in\nOpenShift OAuth server as an identity provider for RHACS. \n\n2. Enhancements for CI outputs\nRed Hat has improved the usability of RHACS CI integrations. CI outputs now\nshow additional detailed information about the vulnerabilities and the\nsecurity policies responsible for broken builds. \n\n3. Runtime Class policy criteria\nUsers can now use RHACS to define the container runtime configuration that\nmay be used to run a pod’s containers using the Runtime Class policy\ncriteria. \n\nSecurity Fix(es):\n\n* civetweb: directory traversal when using the built-in example HTTP\nform-based file upload mechanism via the mg_handle_form_request API\n(CVE-2020-27304)\n\n* nodejs-axios: Regular expression denial of service in trim function\n(CVE-2021-3749)\n\n* nodejs-prismjs: ReDoS vulnerability (CVE-2021-3801)\n\n* golang: net: incorrect parsing of extraneous zero characters at the\nbeginning of an IP address octet (CVE-2021-29923)\n\n* helm: information disclosure vulnerability (CVE-2021-32690)\n\n* golang: archive/zip: malformed archive may cause panic or memory\nexhaustion (incomplete fix of CVE-2021-33196) (CVE-2021-39293)\n\n* nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe\n(CVE-2021-23343)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fixes\nThe release of RHACS 3.67 includes the following bug fixes:\n\n1. Previously, when using RHACS with the Compliance Operator integration,\nRHACS did not respect or populate Compliance Operator TailoredProfiles. \n\n2. Previously, the Alpine Linux package manager (APK) in Image policy\nlooked for the presence of apk package in the image rather than the\napk-tools package. This issue has been fixed. \n\nSystem changes\nThe release of RHACS 3.67 includes the following system changes:\n\n1. Scanner now identifies vulnerabilities in Ubuntu 21.10 images. \n2. The Port exposure method policy criteria now include route as an\nexposure method. \n3. The OpenShift: Kubeadmin Secret Accessed security policy now allows the\nOpenShift Compliance Operator to check for the existence of the Kubeadmin\nsecret without creating a violation. \n4. The OpenShift Compliance Operator integration now supports using\nTailoredProfiles. \n5. The RHACS Jenkins plugin now provides additional security information. \n6. When you enable the environment variable ROX_NETWORK_ACCESS_LOG for\nCentral, the logs contain the Request URI and X-Forwarded-For header\nvalues. \n7. The default uid:gid pair for the Scanner image is now 65534:65534. \n8. RHACS adds a new default Scope Manager role that includes minimum\npermissions to create and modify access scopes. \n9. If microdnf is part of an image or shows up in process execution, RHACS\nreports it as a security violation for the Red Hat Package Manager in Image\nor the Red Hat Package Manager Execution security policies. \n10. In addition to manually uploading vulnerability definitions in offline\nmode, you can now upload definitions in online mode. \n11. You can now format the output of the following roxctl CLI commands in\ntable, csv, or JSON format: image scan, image check & deployment check\n12. You can now use a regular expression for the deployment name while\nspecifying policy exclusions\n\n3. Solution:\n\nTo take advantage of these new features, fixes and changes, please upgrade\nRed Hat Advanced Cluster Security for Kubernetes to version 3.67. \n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1956818 - CVE-2021-23343 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe\n1978144 - CVE-2021-32690 helm: information disclosure vulnerability\n1992006 - CVE-2021-29923 golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet\n1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function\n2005445 - CVE-2021-3801 nodejs-prismjs: ReDoS vulnerability\n2006044 - CVE-2021-39293 golang: archive/zip: malformed archive may cause panic or memory exhaustion (incomplete fix of CVE-2021-33196)\n2016640 - CVE-2020-27304 civetweb: directory traversal when using the built-in example HTTP form-based file upload mechanism via the mg_handle_form_request API\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nRHACS-65 - Release RHACS 3.67.0\n\n6. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-20673\nhttps://access.redhat.com/security/cve/CVE-2019-5827\nhttps://access.redhat.com/security/cve/CVE-2019-13750\nhttps://access.redhat.com/security/cve/CVE-2019-13751\nhttps://access.redhat.com/security/cve/CVE-2019-17594\nhttps://access.redhat.com/security/cve/CVE-2019-17595\nhttps://access.redhat.com/security/cve/CVE-2019-18218\nhttps://access.redhat.com/security/cve/CVE-2019-19603\nhttps://access.redhat.com/security/cve/CVE-2019-20838\nhttps://access.redhat.com/security/cve/CVE-2020-12762\nhttps://access.redhat.com/security/cve/CVE-2020-13435\nhttps://access.redhat.com/security/cve/CVE-2020-14155\nhttps://access.redhat.com/security/cve/CVE-2020-16135\nhttps://access.redhat.com/security/cve/CVE-2020-24370\nhttps://access.redhat.com/security/cve/CVE-2020-27304\nhttps://access.redhat.com/security/cve/CVE-2021-3200\nhttps://access.redhat.com/security/cve/CVE-2021-3445\nhttps://access.redhat.com/security/cve/CVE-2021-3580\nhttps://access.redhat.com/security/cve/CVE-2021-3749\nhttps://access.redhat.com/security/cve/CVE-2021-3800\nhttps://access.redhat.com/security/cve/CVE-2021-3801\nhttps://access.redhat.com/security/cve/CVE-2021-20231\nhttps://access.redhat.com/security/cve/CVE-2021-20232\nhttps://access.redhat.com/security/cve/CVE-2021-20266\nhttps://access.redhat.com/security/cve/CVE-2021-22876\nhttps://access.redhat.com/security/cve/CVE-2021-22898\nhttps://access.redhat.com/security/cve/CVE-2021-22925\nhttps://access.redhat.com/security/cve/CVE-2021-23343\nhttps://access.redhat.com/security/cve/CVE-2021-23840\nhttps://access.redhat.com/security/cve/CVE-2021-23841\nhttps://access.redhat.com/security/cve/CVE-2021-27645\nhttps://access.redhat.com/security/cve/CVE-2021-28153\nhttps://access.redhat.com/security/cve/CVE-2021-29923\nhttps://access.redhat.com/security/cve/CVE-2021-32690\nhttps://access.redhat.com/security/cve/CVE-2021-33560\nhttps://access.redhat.com/security/cve/CVE-2021-33574\nhttps://access.redhat.com/security/cve/CVE-2021-35942\nhttps://access.redhat.com/security/cve/CVE-2021-36084\nhttps://access.redhat.com/security/cve/CVE-2021-36085\nhttps://access.redhat.com/security/cve/CVE-2021-36086\nhttps://access.redhat.com/security/cve/CVE-2021-36087\nhttps://access.redhat.com/security/cve/CVE-2021-39293\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n7. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYafeGdzjgjWX9erEAQgZ8Q/9H5ov4ZfKZszdJu0WvRMetEt6DMU2RTZr\nKjv4h4FnmsMDYYDocnkFvsRjcpdGxtoUShAqD6+FrTNXjPtA/v1tsQTJzhg4o50w\ntKa9T4aHfrYXjGvWgQXJJEGmGaYMYePUOv77x6pLfMB+FmgfOtb8kzOdNzAtqX3e\nlq8b2DrQuPSRiWkUgFM2hmS7OtUsqTIShqWu67HJdOY74qDN4DGp7GnG6inCrUjV\nx4/4X5Fb7JrAYiy57C5eZwYW61HmrG7YHk9SZTRYgRW0rfgLncVsny4lX1871Ch2\ne8ttu0EJFM1EJyuCJwJd1Q+rhua6S1VSY+etLUuaYme5DtvozLXQTLUK31qAq/hK\nqnLYQjaSieea9j1dV6YNHjnvV0XGczyZYwzmys/CNVUxwvSHr1AJGmQ3zDeOt7Qz\nvguWmPzyiob3RtHjfUlUpPYeI6HVug801YK6FAoB9F2BW2uHVgbtKOwG5pl5urJt\nG4taizPtH8uJj5hem5nHnSE1sVGTiStb4+oj2LQonRkgLQ2h7tsX8Z8yWM/3TwUT\nPTBX9AIHwt8aCx7XxTeEIs0H9B1T9jYfy06o9H2547un9sBoT0Sm7fqKuJKic8N/\npJ2kXBiVJ9B4G+JjWe8rh1oC1yz5Q5/5HZ19VYBjHhYEhX4s9s2YsF1L1uMoT3NN\nT0pPNmsPGZY=\n=ux5P\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nRed Hat OpenShift Container Storage is software-defined storage integrated\nwith and optimized for the Red Hat OpenShift Container Platform. \nRed Hat OpenShift Container Storage is highly scalable, production-grade\npersistent storage for stateful applications running in the Red Hat\nOpenShift Container Platform. In addition to persistent storage, Red Hat\nOpenShift Container Storage provides a multicloud data management service\nwith an S3 compatible API. \n\nBug Fix(es):\n\n* Previously, when the namespace store target was deleted, no alert was\nsent to the namespace bucket because of an issue in calculating the\nnamespace bucket health. With this update, the issue in calculating the\nnamespace bucket health is fixed and alerts are triggered as expected. \n(BZ#1993873)\n\n* Previously, the Multicloud Object Gateway (MCG) components performed\nslowly and there was a lot of pressure on the MCG components due to\nnon-optimized database queries. With this update the non-optimized\ndatabase queries are fixed which reduces the compute resources and time\ntaken for queries. Bugs fixed (https://bugzilla.redhat.com/):\n\n1993873 - [4.8.z clone] Alert NooBaaNamespaceBucketErrorState is not triggered when namespacestore's target bucket is deleted\n2006958 - CVE-2020-26301 nodejs-ssh2: Command injection by calling vulnerable method with untrusted input\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1948761 - CVE-2021-23369 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option\n1956688 - CVE-2021-23383 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option\n\n5. Description:\n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 10\npackages that are part of the JBoss Core Services offering. \n\nThis release serves as a replacement for Red Hat JBoss Core Services Apache\nHTTP Server 2.4.37 Service Pack 9 and includes bug fixes and enhancements. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied", sources: [ { db: "NVD", id: "CVE-2021-23841", }, { db: "JVNDB", id: "JVNDB-2021-001396", }, { db: "VULHUB", id: "VHN-382524", }, { db: "PACKETSTORM", id: "164562", }, { db: "PACKETSTORM", id: "164489", }, { db: "PACKETSTORM", id: "162824", }, { db: "PACKETSTORM", id: "162041", }, { db: "PACKETSTORM", id: "164967", }, { db: "PACKETSTORM", id: "165129", }, { db: "PACKETSTORM", id: "165096", }, { db: "PACKETSTORM", id: "165002", }, { db: "PACKETSTORM", id: "164927", }, ], trust: 2.52, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-382524", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-382524", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-23841", trust: 3.6, }, { db: "TENABLE", id: "TNS-2021-03", trust: 1.1, }, { db: "TENABLE", id: "TNS-2021-09", trust: 1.1, }, { db: "PULSESECURE", id: "SA44846", trust: 1.1, }, { db: "SIEMENS", id: "SSA-637483", trust: 1.1, }, { db: "ICS CERT", id: "ICSA-22-258-05", trust: 0.8, }, { db: "ICS CERT", id: "ICSA-21-336-06", trust: 0.8, }, { db: "JVN", id: "JVNVU94508446", trust: 0.8, }, { db: "JVN", id: "JVNVU99475301", trust: 0.8, }, { db: "JVN", id: "JVNVU90348129", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-001396", trust: 0.8, }, { db: "PACKETSTORM", id: "165096", trust: 0.2, }, { db: "PACKETSTORM", id: "162824", trust: 0.2, }, { db: "PACKETSTORM", id: "164927", trust: 0.2, }, { db: "PACKETSTORM", id: "165002", trust: 0.2, }, { db: "PACKETSTORM", id: "165129", trust: 0.2, }, { db: "PACKETSTORM", id: "162041", trust: 0.2, }, { db: "PACKETSTORM", id: "162151", trust: 0.1, }, { db: "PACKETSTORM", id: "164583", trust: 0.1, }, { db: "PACKETSTORM", id: "161525", trust: 0.1, }, { db: "PACKETSTORM", id: "165099", trust: 0.1, }, { db: "PACKETSTORM", id: "162823", trust: 0.1, }, { db: "PACKETSTORM", id: "164928", trust: 0.1, }, { db: "PACKETSTORM", id: "164889", trust: 0.1, }, { db: "PACKETSTORM", id: "162826", trust: 0.1, }, { db: "PACKETSTORM", id: "164890", trust: 0.1, }, { db: "PACKETSTORM", id: "161459", trust: 0.1, }, { db: "VULHUB", id: "VHN-382524", trust: 0.1, }, { db: "PACKETSTORM", id: "164562", trust: 0.1, }, { db: "PACKETSTORM", id: "164489", trust: 0.1, }, { db: "PACKETSTORM", id: "164967", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-382524", }, { db: "JVNDB", id: "JVNDB-2021-001396", }, { db: "PACKETSTORM", id: "164562", }, { db: "PACKETSTORM", id: "164489", }, { db: "PACKETSTORM", id: "162824", }, { db: "PACKETSTORM", id: "162041", }, { db: "PACKETSTORM", id: "164967", }, { db: "PACKETSTORM", id: "165129", }, { db: "PACKETSTORM", id: "165096", }, { db: "PACKETSTORM", id: "165002", }, { db: "PACKETSTORM", id: "164927", }, { db: "NVD", id: "CVE-2021-23841", }, ], }, id: "VAR-202102-1488", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-382524", }, ], trust: 0.30766129, }, last_update_date: "2024-11-29T21:27:51.722000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "hitachi-sec-2023-126", trust: 0.8, url: "https://www.debian.org/security/2021/dsa-4855", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2021-001396", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-476", trust: 1.1, }, { problemtype: "Integer overflow or wraparound (CWE-190) [NVD evaluation ]", trust: 0.8, }, { problemtype: "CWE-190", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-382524", }, { db: "JVNDB", id: "JVNDB-2021-001396", }, { db: "NVD", id: "CVE-2021-23841", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://nvd.nist.gov/vuln/detail/cve-2021-23841", }, { trust: 1.2, url: "https://security.gentoo.org/glsa/202103-03", }, { trust: 1.1, url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { trust: 1.1, url: "https://kb.pulsesecure.net/articles/pulse_security_advisories/sa44846", }, { trust: 1.1, url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { trust: 1.1, url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { trust: 1.1, url: "https://support.apple.com/kb/ht212528", }, { trust: 1.1, url: "https://support.apple.com/kb/ht212529", }, { trust: 1.1, url: "https://support.apple.com/kb/ht212534", }, { trust: 1.1, url: "https://www.openssl.org/news/secadv/20210216.txt", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2021-03", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2021-09", }, { trust: 1.1, url: "https://www.debian.org/security/2021/dsa-4855", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2021/may/67", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2021/may/70", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2021/may/68", }, { trust: 1.1, url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpuapr2021.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { trust: 1, url: "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { trust: 1, url: "https://git.openssl.org/gitweb/?p=openssl.git%3ba=commitdiff%3bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { trust: 1, url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu94508446/index.html", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu90348129/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu99475301/", }, { trust: 0.8, url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-336-06", }, { trust: 0.8, url: "https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05", }, { trust: 0.7, url: "https://access.redhat.com/security/cve/cve-2021-23840", }, { trust: 0.7, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.7, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.7, url: "https://access.redhat.com/security/cve/cve-2021-23841", }, { trust: 0.7, url: "https://nvd.nist.gov/vuln/detail/cve-2021-23840", }, { trust: 0.7, url: "https://bugzilla.redhat.com/):", }, { trust: 0.5, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.5, url: "https://access.redhat.com/security/cve/cve-2020-14155", }, { trust: 0.5, url: "https://access.redhat.com/security/cve/cve-2019-20838", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2020-14155", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20838", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2020-24370", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13435", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-12762", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-17594", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2019-17594", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-5827", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-3800", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-33574", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19603", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-24370", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-3445", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-3200", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-22876", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-16135", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13750", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2019-17595", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-36085", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2019-19603", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2019-13750", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-20231", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-3580", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2020-16135", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13751", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-17595", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-20266", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-27645", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-22925", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-22898", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-36087", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2019-13751", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-35942", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2020-12762", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2020-13435", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-36086", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-28153", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-20232", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-33560", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2019-18218", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2019-5827", }, { trust: 0.4, url: "https://access.redhat.com/security/cve/cve-2021-36084", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-18218", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.3, url: "https://issues.jboss.org/):", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-3426", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-3572", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2018-20673", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2018-20673", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-3778", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2021-3796", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22925", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22876", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20232", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22898", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20231", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27645", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20266", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2021-32690", }, { trust: 0.2, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2021-42574", }, { trust: 0.2, url: "https://docs.openshift.com/container-platform/4.9/release_notes/ocp-4-9-release-notes.html", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-28153", }, { trust: 0.1, url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { trust: 0.1, url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-21670", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-25648", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22922", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-36222", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-32626", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-32687", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22543", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-37750", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-21670", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-32626", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41099", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-25741", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22923", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-23017", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-32675", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3656", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3653", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3656", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-22543", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22924", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-37750", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-22922", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-25648", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-21671", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-4658", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-22924", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-32675", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2016-4658", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:3925", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-41099", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3653", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-32627", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-32687", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-37576", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-32690", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-32628", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-21671", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-32672", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-36222", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-23017", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-25741", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-32627", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-32672", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-22923", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-32628", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-37576", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:3798", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30698", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30744", }, { trust: 0.1, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30663", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-21779", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30689", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30749", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30720", }, { trust: 0.1, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30682", }, { trust: 0.1, url: "https://support.apple.com/ht212534.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30734", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3450", }, { trust: 0.1, url: "https://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3449", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-23133", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3573", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-35521", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-25014", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-35522", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26141", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-27777", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26147", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-14615", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-17541", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-36386", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-36332", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-29650", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-14145", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-25009", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-24587", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26144", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-25012", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-36331", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-29155", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-33033", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-25010", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20197", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3487", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-0427", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-36312", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-31829", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-10001", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-31440", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-25009", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26145", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3564", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-10001", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-35448", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3489", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-17541", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-24503", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-28971", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-25013", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26146", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26139", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3679", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-35524", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-24588", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-36158", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-24504", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-33194", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-25013", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-36330", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3348", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-24503", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20284", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-29646", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-31535", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-0427", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-25014", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-14615", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3481", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-24502", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-0129", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3635", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26143", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-29368", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-14145", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-35523", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20194", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3659", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-33200", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-29660", }, { trust: 0.1, url: "https://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26140", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3600", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2018-25010", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-24586", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20239", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-24502", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3732", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-28950", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:4627", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-31916", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2018-25012", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-23343", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-27304", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-39293", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-29923", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3749", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:4902", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-23343", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-27304", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3801", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:4845", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20095", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-28493", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-42771", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-26301", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-26301", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-28957", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-8037", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-8037", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20095", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-28493", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-23369", }, { trust: 0.1, url: "https://access.redhat.com/security/updates/classification/#low", }, { trust: 0.1, url: "https://docs.openshift.com/container-platform/4.9/logging/cluster-logging-upgrading.html", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-23383", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-23369", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-23383", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:4032", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-26691", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13950", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-26690", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-17567", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-35452", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-26691", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-26690", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3712", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:4614", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-30641", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-30641", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-17567", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-13950", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-35452", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3712", }, ], sources: [ { db: "VULHUB", id: "VHN-382524", }, { db: "JVNDB", id: "JVNDB-2021-001396", }, { db: "PACKETSTORM", id: "164562", }, { db: "PACKETSTORM", id: "164489", }, { db: "PACKETSTORM", id: "162824", }, { db: "PACKETSTORM", id: "162041", }, { db: "PACKETSTORM", id: "164967", }, { db: "PACKETSTORM", id: "165129", }, { db: "PACKETSTORM", id: "165096", }, { db: "PACKETSTORM", id: "165002", }, { db: "PACKETSTORM", id: "164927", }, { db: "NVD", id: "CVE-2021-23841", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-382524", }, { db: "JVNDB", id: "JVNDB-2021-001396", }, { db: "PACKETSTORM", id: "164562", }, { db: "PACKETSTORM", id: "164489", }, { db: "PACKETSTORM", id: "162824", }, { db: "PACKETSTORM", id: "162041", }, { db: "PACKETSTORM", id: "164967", }, { db: "PACKETSTORM", id: "165129", }, { db: "PACKETSTORM", id: "165096", }, { db: "PACKETSTORM", id: "165002", }, { db: "PACKETSTORM", id: "164927", }, { db: "NVD", id: "CVE-2021-23841", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-02-16T00:00:00", db: "VULHUB", id: "VHN-382524", }, { date: "2021-05-14T00:00:00", db: "JVNDB", id: "JVNDB-2021-001396", }, { date: "2021-10-20T15:45:47", db: "PACKETSTORM", id: "164562", }, { date: "2021-10-13T14:47:32", db: "PACKETSTORM", id: "164489", }, { date: "2021-05-26T17:48:26", db: "PACKETSTORM", id: "162824", }, { date: "2021-03-31T14:36:01", db: "PACKETSTORM", id: "162041", }, { date: "2021-11-15T17:25:56", db: "PACKETSTORM", id: "164967", }, { date: "2021-12-02T16:06:16", db: "PACKETSTORM", id: "165129", }, { date: "2021-11-29T18:12:32", db: "PACKETSTORM", id: "165096", }, { date: "2021-11-17T15:25:40", db: "PACKETSTORM", id: "165002", }, { date: "2021-11-11T14:53:11", db: "PACKETSTORM", id: "164927", }, { date: "2021-02-16T17:15:13.377000", db: "NVD", id: "CVE-2021-23841", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-01-09T00:00:00", db: "VULHUB", id: "VHN-382524", }, { date: "2023-07-20T06:25:00", db: "JVNDB", id: "JVNDB-2021-001396", }, { date: "2024-11-21T05:51:55.460000", db: "NVD", id: "CVE-2021-23841", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "162041", }, { db: "PACKETSTORM", id: "165129", }, ], trust: 0.2, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "OpenSSL In NULL Pointer dereference vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2021-001396", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "overflow", sources: [ { db: "PACKETSTORM", id: "164562", }, { db: "PACKETSTORM", id: "164489", }, { db: "PACKETSTORM", id: "164927", }, ], trust: 0.3, }, }
var-202010-1571
Vulnerability from variot
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data. PHP Contains a cryptographic vulnerability.Information may be obtained and information may be tampered with. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. A buffer error vulnerability exists in PHP versions 7.2.0, 7.3.0 and 7.4.0 due to the fact that the 'mbfl_filt_conv_big5_wchar' function does not check bounds properly. A remote attacker could exploit this vulnerability with specially crafted parameters to execute arbitrary code on the system or cause an application to crash. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Moderate: rh-php73-php security, bug fix, and enhancement update Advisory ID: RHSA-2021:2992-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2021:2992 Issue date: 2021-08-03 CVE Names: CVE-2020-7068 CVE-2020-7069 CVE-2020-7070 CVE-2020-7071 CVE-2021-21702 CVE-2021-21705 ==================================================================== 1. Summary:
An update for rh-php73-php is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.
The following packages have been upgraded to a later upstream version: rh-php73-php (7.3.29). (BZ#1977764)
Security Fix(es):
-
php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV (CVE-2020-7069)
-
php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo (CVE-2020-7071)
-
php: SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705)
-
php: Use of freed hash key in the phar_parse_zipfile function (CVE-2020-7068)
-
php: URL decoding of cookie names can lead to different interpretation of cookies between browser and server (CVE-2020-7070)
-
php: NULL pointer dereference in SoapClient (CVE-2021-21702)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1868109 - CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function 1885735 - CVE-2020-7069 php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV 1885738 - CVE-2020-7070 php: URL decoding of cookie names can lead to different interpretation of cookies between browser and server 1913846 - CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo 1925272 - CVE-2021-21702 php: NULL pointer dereference in SoapClient 1977764 - PDO ODBC truncates BLOB records at every 256th byte [rhscl-3.7.z] 1978755 - CVE-2021-21705 php: SSRF bypass in FILTER_VALIDATE_URL
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: rh-php73-php-7.3.29-1.el7.src.rpm
ppc64le: rh-php73-php-7.3.29-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.29-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.29-1.el7.ppc64le.rpm rh-php73-php-common-7.3.29-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.29-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.29-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.29-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.29-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.29-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.29-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.29-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.29-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.29-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.29-1.el7.ppc64le.rpm rh-php73-php-json-7.3.29-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.29-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.29-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.29-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.29-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.29-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.29-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.29-1.el7.ppc64le.rpm rh-php73-php-process-7.3.29-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.29-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.29-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.29-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.29-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.29-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.29-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.29-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.29-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.29-1.el7.s390x.rpm rh-php73-php-cli-7.3.29-1.el7.s390x.rpm rh-php73-php-common-7.3.29-1.el7.s390x.rpm rh-php73-php-dba-7.3.29-1.el7.s390x.rpm rh-php73-php-dbg-7.3.29-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.29-1.el7.s390x.rpm rh-php73-php-devel-7.3.29-1.el7.s390x.rpm rh-php73-php-embedded-7.3.29-1.el7.s390x.rpm rh-php73-php-enchant-7.3.29-1.el7.s390x.rpm rh-php73-php-fpm-7.3.29-1.el7.s390x.rpm rh-php73-php-gd-7.3.29-1.el7.s390x.rpm rh-php73-php-gmp-7.3.29-1.el7.s390x.rpm rh-php73-php-intl-7.3.29-1.el7.s390x.rpm rh-php73-php-json-7.3.29-1.el7.s390x.rpm rh-php73-php-ldap-7.3.29-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.29-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.29-1.el7.s390x.rpm rh-php73-php-odbc-7.3.29-1.el7.s390x.rpm rh-php73-php-opcache-7.3.29-1.el7.s390x.rpm rh-php73-php-pdo-7.3.29-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.29-1.el7.s390x.rpm rh-php73-php-process-7.3.29-1.el7.s390x.rpm rh-php73-php-pspell-7.3.29-1.el7.s390x.rpm rh-php73-php-recode-7.3.29-1.el7.s390x.rpm rh-php73-php-snmp-7.3.29-1.el7.s390x.rpm rh-php73-php-soap-7.3.29-1.el7.s390x.rpm rh-php73-php-xml-7.3.29-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.29-1.el7.s390x.rpm rh-php73-php-zip-7.3.29-1.el7.s390x.rpm
x86_64: rh-php73-php-7.3.29-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm rh-php73-php-cli-7.3.29-1.el7.x86_64.rpm rh-php73-php-common-7.3.29-1.el7.x86_64.rpm rh-php73-php-dba-7.3.29-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm rh-php73-php-devel-7.3.29-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm rh-php73-php-gd-7.3.29-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm rh-php73-php-intl-7.3.29-1.el7.x86_64.rpm rh-php73-php-json-7.3.29-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm rh-php73-php-process-7.3.29-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm rh-php73-php-recode-7.3.29-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm rh-php73-php-soap-7.3.29-1.el7.x86_64.rpm rh-php73-php-xml-7.3.29-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm rh-php73-php-zip-7.3.29-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):
Source: rh-php73-php-7.3.29-1.el7.src.rpm
ppc64le: rh-php73-php-7.3.29-1.el7.ppc64le.rpm rh-php73-php-bcmath-7.3.29-1.el7.ppc64le.rpm rh-php73-php-cli-7.3.29-1.el7.ppc64le.rpm rh-php73-php-common-7.3.29-1.el7.ppc64le.rpm rh-php73-php-dba-7.3.29-1.el7.ppc64le.rpm rh-php73-php-dbg-7.3.29-1.el7.ppc64le.rpm rh-php73-php-debuginfo-7.3.29-1.el7.ppc64le.rpm rh-php73-php-devel-7.3.29-1.el7.ppc64le.rpm rh-php73-php-embedded-7.3.29-1.el7.ppc64le.rpm rh-php73-php-enchant-7.3.29-1.el7.ppc64le.rpm rh-php73-php-fpm-7.3.29-1.el7.ppc64le.rpm rh-php73-php-gd-7.3.29-1.el7.ppc64le.rpm rh-php73-php-gmp-7.3.29-1.el7.ppc64le.rpm rh-php73-php-intl-7.3.29-1.el7.ppc64le.rpm rh-php73-php-json-7.3.29-1.el7.ppc64le.rpm rh-php73-php-ldap-7.3.29-1.el7.ppc64le.rpm rh-php73-php-mbstring-7.3.29-1.el7.ppc64le.rpm rh-php73-php-mysqlnd-7.3.29-1.el7.ppc64le.rpm rh-php73-php-odbc-7.3.29-1.el7.ppc64le.rpm rh-php73-php-opcache-7.3.29-1.el7.ppc64le.rpm rh-php73-php-pdo-7.3.29-1.el7.ppc64le.rpm rh-php73-php-pgsql-7.3.29-1.el7.ppc64le.rpm rh-php73-php-process-7.3.29-1.el7.ppc64le.rpm rh-php73-php-pspell-7.3.29-1.el7.ppc64le.rpm rh-php73-php-recode-7.3.29-1.el7.ppc64le.rpm rh-php73-php-snmp-7.3.29-1.el7.ppc64le.rpm rh-php73-php-soap-7.3.29-1.el7.ppc64le.rpm rh-php73-php-xml-7.3.29-1.el7.ppc64le.rpm rh-php73-php-xmlrpc-7.3.29-1.el7.ppc64le.rpm rh-php73-php-zip-7.3.29-1.el7.ppc64le.rpm
s390x: rh-php73-php-7.3.29-1.el7.s390x.rpm rh-php73-php-bcmath-7.3.29-1.el7.s390x.rpm rh-php73-php-cli-7.3.29-1.el7.s390x.rpm rh-php73-php-common-7.3.29-1.el7.s390x.rpm rh-php73-php-dba-7.3.29-1.el7.s390x.rpm rh-php73-php-dbg-7.3.29-1.el7.s390x.rpm rh-php73-php-debuginfo-7.3.29-1.el7.s390x.rpm rh-php73-php-devel-7.3.29-1.el7.s390x.rpm rh-php73-php-embedded-7.3.29-1.el7.s390x.rpm rh-php73-php-enchant-7.3.29-1.el7.s390x.rpm rh-php73-php-fpm-7.3.29-1.el7.s390x.rpm rh-php73-php-gd-7.3.29-1.el7.s390x.rpm rh-php73-php-gmp-7.3.29-1.el7.s390x.rpm rh-php73-php-intl-7.3.29-1.el7.s390x.rpm rh-php73-php-json-7.3.29-1.el7.s390x.rpm rh-php73-php-ldap-7.3.29-1.el7.s390x.rpm rh-php73-php-mbstring-7.3.29-1.el7.s390x.rpm rh-php73-php-mysqlnd-7.3.29-1.el7.s390x.rpm rh-php73-php-odbc-7.3.29-1.el7.s390x.rpm rh-php73-php-opcache-7.3.29-1.el7.s390x.rpm rh-php73-php-pdo-7.3.29-1.el7.s390x.rpm rh-php73-php-pgsql-7.3.29-1.el7.s390x.rpm rh-php73-php-process-7.3.29-1.el7.s390x.rpm rh-php73-php-pspell-7.3.29-1.el7.s390x.rpm rh-php73-php-recode-7.3.29-1.el7.s390x.rpm rh-php73-php-snmp-7.3.29-1.el7.s390x.rpm rh-php73-php-soap-7.3.29-1.el7.s390x.rpm rh-php73-php-xml-7.3.29-1.el7.s390x.rpm rh-php73-php-xmlrpc-7.3.29-1.el7.s390x.rpm rh-php73-php-zip-7.3.29-1.el7.s390x.rpm
x86_64: rh-php73-php-7.3.29-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm rh-php73-php-cli-7.3.29-1.el7.x86_64.rpm rh-php73-php-common-7.3.29-1.el7.x86_64.rpm rh-php73-php-dba-7.3.29-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm rh-php73-php-devel-7.3.29-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm rh-php73-php-gd-7.3.29-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm rh-php73-php-intl-7.3.29-1.el7.x86_64.rpm rh-php73-php-json-7.3.29-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm rh-php73-php-process-7.3.29-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm rh-php73-php-recode-7.3.29-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm rh-php73-php-soap-7.3.29-1.el7.x86_64.rpm rh-php73-php-xml-7.3.29-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm rh-php73-php-zip-7.3.29-1.el7.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: rh-php73-php-7.3.29-1.el7.src.rpm
x86_64: rh-php73-php-7.3.29-1.el7.x86_64.rpm rh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm rh-php73-php-cli-7.3.29-1.el7.x86_64.rpm rh-php73-php-common-7.3.29-1.el7.x86_64.rpm rh-php73-php-dba-7.3.29-1.el7.x86_64.rpm rh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm rh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm rh-php73-php-devel-7.3.29-1.el7.x86_64.rpm rh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm rh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm rh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm rh-php73-php-gd-7.3.29-1.el7.x86_64.rpm rh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm rh-php73-php-intl-7.3.29-1.el7.x86_64.rpm rh-php73-php-json-7.3.29-1.el7.x86_64.rpm rh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm rh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm rh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm rh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm rh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm rh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm rh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm rh-php73-php-process-7.3.29-1.el7.x86_64.rpm rh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm rh-php73-php-recode-7.3.29-1.el7.x86_64.rpm rh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm rh-php73-php-soap-7.3.29-1.el7.x86_64.rpm rh-php73-php-xml-7.3.29-1.el7.x86_64.rpm rh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm rh-php73-php-zip-7.3.29-1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2020-7068 https://access.redhat.com/security/cve/CVE-2020-7069 https://access.redhat.com/security/cve/CVE-2020-7070 https://access.redhat.com/security/cve/CVE-2020-7071 https://access.redhat.com/security/cve/CVE-2021-21702 https://access.redhat.com/security/cve/CVE-2021-21705 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYQkJj9zjgjWX9erEAQgi0w/9HBV5SuB3M7vK1ssSWffk2HuyWHLVm+wV Wy96rIvzD1KrNeLTn3HAByHCIgHew6KD1mnoEawc5DItVY6oRlfW8ldX2P8fsk0C 2xzmNy8jAzA0BjYZeYXfMQROpqiqCQVkPhAfeeWaVxn6jRH28oSwmF2U60HOoqLW tWsNmX+kyzWdUhvDSJ2Z/pmftpvWgR8m2hbQDiNF6j7VTUcBB5Ft1CZ5AH5TFkO2 T/35iXqS3imgf6MVfS4fIZHmK7j59B93xv4XCLbsoFJ+YLrzESu1xouZOsU0REdw AGHnGQX/37DcBm3qdMH3DE0aBltk2AgzKdhwxG+gAREVVA2seeJSS9u6N368FSIW 4Q1mLY0bQtdXc9XjmbTnA5sorQoeMdoM8P5DRxvGPG7armFisdhqqNuymcVTmwvz obgIIpuhM1ZOWrMZ5MyWTMKM1/5YdZk1F5wUgto1/DdTfeBOy/grNR1FKSiFcWYH x85ziJdRZK4nQmTeMIXLQvv9ZsDS4k1eRfil9Sq7WQdPjlm1mwYyhdAay/dNSdtd WCruH54kv/dZlv52jZqC1Fr7IzQY48Y2pvknRmCJgitHum6WaKkjaQC+iKR/N0wq ZzINH2j1osQ381u+uJc4wYPHIFw/oWOosDWiuUYX+4oO7+0lAuEYQltmN5qF3z25 OwqKXJAGJYo=waMi -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202012-16
https://security.gentoo.org/
Severity: Low Title: PHP: Multiple vulnerabilities Date: December 23, 2020 Bugs: #711140, #745993, #756775 ID: 202012-16
Synopsis
Multiple vulnerabilities have been found in PHP, the worst of which could result in a Denial of Service condition.
Background
PHP is an open source general-purpose scripting language that is especially suited for web development.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-lang/php < 8.0.0 >= 7.2.34-r1:7.2 >= 7.3.25:7.3 >= 7.4.13:7.4
Description
Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers and change log referenced below for details.
Impact
An attacker could cause a Denial of Service condition or obtain sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All PHP 7.2.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.2.34-r1:7.2"
All PHP 7.3.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.3.25:7.3"
All PHP 7.4.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/php-7.4.13:7.4"
References
[ 1 ] CVE-2020-7069 https://nvd.nist.gov/vuln/detail/CVE-2020-7069 [ 2 ] CVE-2020-7070 https://nvd.nist.gov/vuln/detail/CVE-2020-7070 [ 3 ] PHP 7.4.13 Change Log https://www.php.net/ChangeLog-7.php#7.4.13
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202012-16
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . ========================================================================= Ubuntu Security Notice USN-4583-2 October 27, 2020
php7.4 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
Summary:
Several security issues were fixed in PHP. This update provides the corresponding update for Ubuntu 20.10.
Original advisory details:
It was discovered that PHP incorrectly handled certain encrypt ciphers. (CVE-2020-7069)
It was discorevered that PHP incorrectly handled certain HTTP cookies. An attacker could possibly use this issue to forge cookie which is supposed to be secure. (CVE-2020-7070)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.10: libapache2-mod-php7.4 7.4.9-1ubuntu1.1 php7.4-cgi 7.4.9-1ubuntu1.1 php7.4-cli 7.4.9-1ubuntu1.1 php7.4-curl 7.4.9-1ubuntu1.1 php7.4-fpm 7.4.9-1ubuntu1.1
In general, a standard system update will make all the necessary changes.
For the stable distribution (buster), these problems have been fixed in version 7.3.27-1~deb10u1.
We recommend that you upgrade your php7.3 packages.
For the detailed security status of php7.3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.3
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmAtkVwACgkQEMKTtsN8 TjZ41g//e8PiVKbNVmYAbvssLu1ftKMLRmKkzQZZo4EK8GK50i25SKxlEVgGqFef PCbr7AaD3eGrTOTzIE5wqJclhhx664DAWeM68rEJKfn0w5EYznCi/h/vyBiEW4eH DAkBHcckCOMwsXgdvfQk/HAtqA1xoPmC8DZnbpgkd7feXT9/b/YYvv2dQxTMCaT3 AWaX4DBFOQVuk2yyLW9uCNC/cZBkeD3sTZFllV2SsXVr9NKMz3zxMsQAv1UlCTdl 8o8UM7d+zU3a5U5Ua1ENa2QR+RK0jhdRGgkJaXHZbdgZ+uV9rmt/PsV6NFzDseRv /lv44YF+Qs1a5u8SIUORB6BVMhCWECXgXBEQHXsoN+63xc8UcOIpI5tQHq+D4/MY YDyzC9W+fCred/NjVbaPUce6kxoz7k79/dfYbiE/sXj3pvoXqLRj9biRYUM2+/En vzstFBnZqwMv04zSzx+JALpFhkBv5ddg5R03B10o/FxndSJak1dGTUKOsa6M31qR 0pEeKmMizGq7Ws1QmqEvWfbR/uXEd43sEoaC0+OVB6XntUISRmUAj5hkFt/Yy3bd 622nZfXyhdepoPCXTEaDearJd2qdL8wcREG4f+42PMwhjTys/Iw0eVR5LGdKnlmX lbkT1Q1MX3XNbAQTIQpYX0TJJ9oCFU8Wq9HLlV2Eatqb2Hw7AEQ= =9Q7e -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202010-1571", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "33", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "12.04", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "31", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "clustered data ontap", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.2.34", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "18.04", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.4.0", }, { model: "communications diameter signaling router", scope: "lte", trust: 1, vendor: "oracle", version: "8.5.0", }, { model: "leap", scope: "eq", trust: 1, vendor: "opensuse", version: "15.2", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.3.23", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "16.04", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "14.04", }, { model: "php", scope: "lt", trust: 1, vendor: "php", version: "7.4.11", }, { model: "ubuntu linux", scope: "eq", trust: 1, vendor: "canonical", version: "20.04", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "32", }, { model: "communications diameter signaling router", scope: "gte", trust: 1, vendor: "oracle", version: "8.0.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.2.0", }, { model: "leap", scope: "eq", trust: 1, vendor: "opensuse", version: "15.1", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.19.0", }, { model: "php", scope: "gte", trust: 1, vendor: "php", version: "7.3.0", }, { model: "php", scope: null, trust: 0.8, vendor: "the php group", version: null, }, { model: "ubuntu", scope: null, trust: 0.8, vendor: "canonical", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: "clustered data ontap", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "leap", scope: null, trust: 0.8, vendor: "opensuse", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-012092", }, { db: "NVD", id: "CVE-2020-7069", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Gentoo", sources: [ { db: "PACKETSTORM", id: "160708", }, { db: "CNNVD", id: "CNNVD-202005-435", }, ], trust: 0.7, }, cve: "CVE-2020-7069", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2020-7069", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-185194", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 3.9, id: "CVE-2020-7069", impactScore: 2.5, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "security@php.net", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2020-7069", impactScore: 2.5, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.5, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2020-7069", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-7069", trust: 1, value: "MEDIUM", }, { author: "security@php.net", id: "CVE-2020-7069", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2020-7069", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202005-435", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-185194", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2020-7069", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-185194", }, { db: "VULMON", id: "CVE-2020-7069", }, { db: "JVNDB", id: "JVNDB-2020-012092", }, { db: "CNNVD", id: "CNNVD-202005-435", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "NVD", id: "CVE-2020-7069", }, { db: "NVD", id: "CVE-2020-7069", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data. PHP Contains a cryptographic vulnerability.Information may be obtained and information may be tampered with. Pillow is a Python-based image processing library. \nThere is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. A buffer error vulnerability exists in PHP versions 7.2.0, 7.3.0 and 7.4.0 due to the fact that the 'mbfl_filt_conv_big5_wchar' function does not check bounds properly. A remote attacker could exploit this vulnerability with specially crafted parameters to execute arbitrary code on the system or cause an application to crash. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 8.5 Release Notes linked from the References section. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Moderate: rh-php73-php security, bug fix, and enhancement update\nAdvisory ID: RHSA-2021:2992-01\nProduct: Red Hat Software Collections\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:2992\nIssue date: 2021-08-03\nCVE Names: CVE-2020-7068 CVE-2020-7069 CVE-2020-7070\n CVE-2020-7071 CVE-2021-21702 CVE-2021-21705\n====================================================================\n1. Summary:\n\nAn update for rh-php73-php is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - ppc64le, s390x, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. \n\nThe following packages have been upgraded to a later upstream version:\nrh-php73-php (7.3.29). (BZ#1977764)\n\nSecurity Fix(es):\n\n* php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV\n(CVE-2020-7069)\n\n* php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo\n(CVE-2020-7071)\n\n* php: SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705)\n\n* php: Use of freed hash key in the phar_parse_zipfile function\n(CVE-2020-7068)\n\n* php: URL decoding of cookie names can lead to different interpretation of\ncookies between browser and server (CVE-2020-7070)\n\n* php: NULL pointer dereference in SoapClient (CVE-2021-21702)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted\nfor the update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1868109 - CVE-2020-7068 php: Use of freed hash key in the phar_parse_zipfile function\n1885735 - CVE-2020-7069 php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV\n1885738 - CVE-2020-7070 php: URL decoding of cookie names can lead to different interpretation of cookies between browser and server\n1913846 - CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo\n1925272 - CVE-2021-21702 php: NULL pointer dereference in SoapClient\n1977764 - PDO ODBC truncates BLOB records at every 256th byte [rhscl-3.7.z]\n1978755 - CVE-2021-21705 php: SSRF bypass in FILTER_VALIDATE_URL\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nrh-php73-php-7.3.29-1.el7.src.rpm\n\nppc64le:\nrh-php73-php-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.29-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.29-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.29-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.29-1.el7.s390x.rpm\nrh-php73-php-common-7.3.29-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.29-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.29-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.29-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.29-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.29-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.29-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.29-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.29-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.29-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.29-1.el7.s390x.rpm\nrh-php73-php-json-7.3.29-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.29-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.29-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.29-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.29-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.29-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.29-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.29-1.el7.s390x.rpm\nrh-php73-php-process-7.3.29-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.29-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.29-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.29-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.29-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.29-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.29-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.29-1.el7.s390x.rpm\n\nx86_64:\nrh-php73-php-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.29-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7):\n\nSource:\nrh-php73-php-7.3.29-1.el7.src.rpm\n\nppc64le:\nrh-php73-php-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-bcmath-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-cli-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-common-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-dba-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-dbg-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-debuginfo-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-devel-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-embedded-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-enchant-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-fpm-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-gd-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-gmp-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-intl-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-json-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-ldap-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-mbstring-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-mysqlnd-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-odbc-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-opcache-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-pdo-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-pgsql-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-process-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-pspell-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-recode-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-snmp-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-soap-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-xml-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-xmlrpc-7.3.29-1.el7.ppc64le.rpm\nrh-php73-php-zip-7.3.29-1.el7.ppc64le.rpm\n\ns390x:\nrh-php73-php-7.3.29-1.el7.s390x.rpm\nrh-php73-php-bcmath-7.3.29-1.el7.s390x.rpm\nrh-php73-php-cli-7.3.29-1.el7.s390x.rpm\nrh-php73-php-common-7.3.29-1.el7.s390x.rpm\nrh-php73-php-dba-7.3.29-1.el7.s390x.rpm\nrh-php73-php-dbg-7.3.29-1.el7.s390x.rpm\nrh-php73-php-debuginfo-7.3.29-1.el7.s390x.rpm\nrh-php73-php-devel-7.3.29-1.el7.s390x.rpm\nrh-php73-php-embedded-7.3.29-1.el7.s390x.rpm\nrh-php73-php-enchant-7.3.29-1.el7.s390x.rpm\nrh-php73-php-fpm-7.3.29-1.el7.s390x.rpm\nrh-php73-php-gd-7.3.29-1.el7.s390x.rpm\nrh-php73-php-gmp-7.3.29-1.el7.s390x.rpm\nrh-php73-php-intl-7.3.29-1.el7.s390x.rpm\nrh-php73-php-json-7.3.29-1.el7.s390x.rpm\nrh-php73-php-ldap-7.3.29-1.el7.s390x.rpm\nrh-php73-php-mbstring-7.3.29-1.el7.s390x.rpm\nrh-php73-php-mysqlnd-7.3.29-1.el7.s390x.rpm\nrh-php73-php-odbc-7.3.29-1.el7.s390x.rpm\nrh-php73-php-opcache-7.3.29-1.el7.s390x.rpm\nrh-php73-php-pdo-7.3.29-1.el7.s390x.rpm\nrh-php73-php-pgsql-7.3.29-1.el7.s390x.rpm\nrh-php73-php-process-7.3.29-1.el7.s390x.rpm\nrh-php73-php-pspell-7.3.29-1.el7.s390x.rpm\nrh-php73-php-recode-7.3.29-1.el7.s390x.rpm\nrh-php73-php-snmp-7.3.29-1.el7.s390x.rpm\nrh-php73-php-soap-7.3.29-1.el7.s390x.rpm\nrh-php73-php-xml-7.3.29-1.el7.s390x.rpm\nrh-php73-php-xmlrpc-7.3.29-1.el7.s390x.rpm\nrh-php73-php-zip-7.3.29-1.el7.s390x.rpm\n\nx86_64:\nrh-php73-php-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.29-1.el7.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nrh-php73-php-7.3.29-1.el7.src.rpm\n\nx86_64:\nrh-php73-php-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-bcmath-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-cli-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-common-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-dba-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-dbg-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-debuginfo-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-devel-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-embedded-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-enchant-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-fpm-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-gd-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-gmp-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-intl-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-json-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-ldap-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-mbstring-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-mysqlnd-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-odbc-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-opcache-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pdo-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pgsql-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-process-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-pspell-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-recode-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-snmp-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-soap-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-xml-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-xmlrpc-7.3.29-1.el7.x86_64.rpm\nrh-php73-php-zip-7.3.29-1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2020-7068\nhttps://access.redhat.com/security/cve/CVE-2020-7069\nhttps://access.redhat.com/security/cve/CVE-2020-7070\nhttps://access.redhat.com/security/cve/CVE-2020-7071\nhttps://access.redhat.com/security/cve/CVE-2021-21702\nhttps://access.redhat.com/security/cve/CVE-2021-21705\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYQkJj9zjgjWX9erEAQgi0w/9HBV5SuB3M7vK1ssSWffk2HuyWHLVm+wV\nWy96rIvzD1KrNeLTn3HAByHCIgHew6KD1mnoEawc5DItVY6oRlfW8ldX2P8fsk0C\n2xzmNy8jAzA0BjYZeYXfMQROpqiqCQVkPhAfeeWaVxn6jRH28oSwmF2U60HOoqLW\ntWsNmX+kyzWdUhvDSJ2Z/pmftpvWgR8m2hbQDiNF6j7VTUcBB5Ft1CZ5AH5TFkO2\nT/35iXqS3imgf6MVfS4fIZHmK7j59B93xv4XCLbsoFJ+YLrzESu1xouZOsU0REdw\nAGHnGQX/37DcBm3qdMH3DE0aBltk2AgzKdhwxG+gAREVVA2seeJSS9u6N368FSIW\n4Q1mLY0bQtdXc9XjmbTnA5sorQoeMdoM8P5DRxvGPG7armFisdhqqNuymcVTmwvz\nobgIIpuhM1ZOWrMZ5MyWTMKM1/5YdZk1F5wUgto1/DdTfeBOy/grNR1FKSiFcWYH\nx85ziJdRZK4nQmTeMIXLQvv9ZsDS4k1eRfil9Sq7WQdPjlm1mwYyhdAay/dNSdtd\nWCruH54kv/dZlv52jZqC1Fr7IzQY48Y2pvknRmCJgitHum6WaKkjaQC+iKR/N0wq\nZzINH2j1osQ381u+uJc4wYPHIFw/oWOosDWiuUYX+4oO7+0lAuEYQltmN5qF3z25\nOwqKXJAGJYo=waMi\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. This issue only affected Ubuntu 18.04 LTS and\nUbuntu 20.04 LTS. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202012-16\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Low\n Title: PHP: Multiple vulnerabilities\n Date: December 23, 2020\n Bugs: #711140, #745993, #756775\n ID: 202012-16\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in PHP, the worst of which\ncould result in a Denial of Service condition. \n\nBackground\n==========\n\nPHP is an open source general-purpose scripting language that is\nespecially suited for web development. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-lang/php < 8.0.0 >= 7.2.34-r1:7.2\n >= 7.3.25:7.3\n >= 7.4.13:7.4\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in PHP. Please review the\nCVE identifiers and change log referenced below for details. \n\nImpact\n======\n\nAn attacker could cause a Denial of Service condition or obtain\nsensitive information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll PHP 7.2.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.2.34-r1:7.2\"\n\nAll PHP 7.3.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.3.25:7.3\"\n\nAll PHP 7.4.x users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/php-7.4.13:7.4\"\n\nReferences\n==========\n\n[ 1 ] CVE-2020-7069\n https://nvd.nist.gov/vuln/detail/CVE-2020-7069\n[ 2 ] CVE-2020-7070\n https://nvd.nist.gov/vuln/detail/CVE-2020-7070\n[ 3 ] PHP 7.4.13 Change Log\n https://www.php.net/ChangeLog-7.php#7.4.13\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202012-16\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2020 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. =========================================================================\nUbuntu Security Notice USN-4583-2\nOctober 27, 2020\n\nphp7.4 vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 20.10\n\nSummary:\n\nSeveral security issues were fixed in PHP. This update provides\nthe corresponding update for Ubuntu 20.10. \n\nOriginal advisory details:\n\n It was discovered that PHP incorrectly handled certain encrypt ciphers. (CVE-2020-7069)\n\n It was discorevered that PHP incorrectly handled certain HTTP cookies. \n An attacker could possibly use this issue to forge cookie which is supposed to\n be secure. (CVE-2020-7070)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 20.10:\n libapache2-mod-php7.4 7.4.9-1ubuntu1.1\n php7.4-cgi 7.4.9-1ubuntu1.1\n php7.4-cli 7.4.9-1ubuntu1.1\n php7.4-curl 7.4.9-1ubuntu1.1\n php7.4-fpm 7.4.9-1ubuntu1.1\n\nIn general, a standard system update will make all the necessary changes. \n\nFor the stable distribution (buster), these problems have been fixed in\nversion 7.3.27-1~deb10u1. \n\nWe recommend that you upgrade your php7.3 packages. \n\nFor the detailed security status of php7.3 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/php7.3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmAtkVwACgkQEMKTtsN8\nTjZ41g//e8PiVKbNVmYAbvssLu1ftKMLRmKkzQZZo4EK8GK50i25SKxlEVgGqFef\nPCbr7AaD3eGrTOTzIE5wqJclhhx664DAWeM68rEJKfn0w5EYznCi/h/vyBiEW4eH\nDAkBHcckCOMwsXgdvfQk/HAtqA1xoPmC8DZnbpgkd7feXT9/b/YYvv2dQxTMCaT3\nAWaX4DBFOQVuk2yyLW9uCNC/cZBkeD3sTZFllV2SsXVr9NKMz3zxMsQAv1UlCTdl\n8o8UM7d+zU3a5U5Ua1ENa2QR+RK0jhdRGgkJaXHZbdgZ+uV9rmt/PsV6NFzDseRv\n/lv44YF+Qs1a5u8SIUORB6BVMhCWECXgXBEQHXsoN+63xc8UcOIpI5tQHq+D4/MY\nYDyzC9W+fCred/NjVbaPUce6kxoz7k79/dfYbiE/sXj3pvoXqLRj9biRYUM2+/En\nvzstFBnZqwMv04zSzx+JALpFhkBv5ddg5R03B10o/FxndSJak1dGTUKOsa6M31qR\n0pEeKmMizGq7Ws1QmqEvWfbR/uXEd43sEoaC0+OVB6XntUISRmUAj5hkFt/Yy3bd\n622nZfXyhdepoPCXTEaDearJd2qdL8wcREG4f+42PMwhjTys/Iw0eVR5LGdKnlmX\nlbkT1Q1MX3XNbAQTIQpYX0TJJ9oCFU8Wq9HLlV2Eatqb2Hw7AEQ=\n=9Q7e\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2020-7069", }, { db: "JVNDB", id: "JVNDB-2020-012092", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "VULHUB", id: "VHN-185194", }, { db: "VULMON", id: "CVE-2020-7069", }, { db: "PACKETSTORM", id: "164839", }, { db: "PACKETSTORM", id: "163727", }, { db: "PACKETSTORM", id: "159564", }, { db: "PACKETSTORM", id: "160708", }, { db: "PACKETSTORM", id: "159722", }, { db: "PACKETSTORM", id: "168990", }, ], trust: 2.88, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-7069", trust: 3.2, }, { db: "TENABLE", id: "TNS-2021-14", trust: 1.8, }, { db: "PACKETSTORM", id: "159722", trust: 0.8, }, { db: "PACKETSTORM", id: "160708", trust: 0.8, }, { db: "PACKETSTORM", id: "164839", trust: 0.8, }, { db: "PACKETSTORM", id: "159564", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2020-012092", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202005-435", trust: 0.7, }, { db: "PACKETSTORM", id: "163727", trust: 0.7, }, { db: "CS-HELP", id: "SB2021080321", trust: 0.6, }, { db: "CS-HELP", id: "SB2021072292", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.3787", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2608", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.0606", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2022.6055", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3671", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3541", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.2515", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.3581", trust: 0.6, }, { db: "CS-HELP", id: "SB2021041363", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202104-975", trust: 0.6, }, { db: "CNVD", id: "CNVD-2020-33149", trust: 0.1, }, { db: "VULHUB", id: "VHN-185194", trust: 0.1, }, { db: "VULMON", id: "CVE-2020-7069", trust: 0.1, }, { db: "PACKETSTORM", id: "168990", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-185194", }, { db: "VULMON", id: "CVE-2020-7069", }, { db: "JVNDB", id: "JVNDB-2020-012092", }, { db: "PACKETSTORM", id: "164839", }, { db: "PACKETSTORM", id: "163727", }, { db: "PACKETSTORM", id: "159564", }, { db: "PACKETSTORM", id: "160708", }, { db: "PACKETSTORM", id: "159722", }, { db: "PACKETSTORM", id: "168990", }, { db: "CNNVD", id: "CNNVD-202005-435", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "NVD", id: "CVE-2020-7069", }, ], }, id: "VAR-202010-1571", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-185194", }, ], trust: 0.01, }, last_update_date: "2024-11-23T21:19:07.142000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "openSUSE Leap 15.2 The PHP GroupPHP Bugs", trust: 0.8, url: "https://usn.ubuntu.com/4583-1/", }, { title: "PHP Buffer error vulnerability fix", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=118684", }, { title: "Amazon Linux AMI: ALAS-2020-1440", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2020-1440", }, { title: "Debian Security Advisories: DSA-4856-1 php7.3 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=02a4cb271948bb2c8ad70e07948c2253", }, { title: "Tenable Security Advisories: [R1] Tenable.sc 5.19.0 Fixes Multiple Third-party Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories&qid=TNS-2021-14", }, { title: "OpenSSL-CVE-lib", trust: 0.1, url: "https://github.com/chnzzh/OpenSSL-CVE-lib ", }, ], sources: [ { db: "VULMON", id: "CVE-2020-7069", }, { db: "JVNDB", id: "JVNDB-2020-012092", }, { db: "CNNVD", id: "CNNVD-202005-435", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-326", trust: 1.1, }, { problemtype: "CWE-20", trust: 1, }, { problemtype: "Inadequate encryption strength (CWE-326) [NVD Evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-185194", }, { db: "JVNDB", id: "JVNDB-2020-012092", }, { db: "NVD", id: "CVE-2020-7069", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7069", }, { trust: 1.9, url: "https://security.gentoo.org/glsa/202012-16", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { trust: 1.8, url: "https://www.tenable.com/security/tns-2021-14", }, { trust: 1.8, url: "https://www.debian.org/security/2021/dsa-4856", }, { trust: 1.8, url: "https://bugs.php.net/bug.php?id=79601", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuapr2021.html", }, { trust: 1.8, url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { trust: 1.8, url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { trust: 1.8, url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { trust: 1.8, url: "https://usn.ubuntu.com/4583-1/", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rru57n3osyzpomfwprdnvh7emyotsz66/", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7evdn7d3ib4eai4d3zom2ojkq5sd7k4e/", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/p2j3zzdhcsx65t5qwv4ahbn7mojxbekg/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rru57n3osyzpomfwprdnvh7emyotsz66/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7evdn7d3ib4eai4d3zom2ojkq5sd7k4e/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/p2j3zzdhcsx65t5qwv4ahbn7mojxbekg/", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7070", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.0606", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2608", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/php-information-disclosure-via-aes-ccm-encryption-33466", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/164839/red-hat-security-advisory-2021-4213-03.html", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021072292", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/159564/ubuntu-security-notice-usn-4583-1.html", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.2515", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/163727/red-hat-security-advisory-2021-2992-01.html", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/php-buffer-overflow-via-mbfl-filt-conv-big5-wchar-32228", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/160708/gentoo-linux-security-advisory-202012-16.html", }, { trust: 0.6, url: "https://packetstormsecurity.com/files/159722/ubuntu-security-notice-usn-4583-2.html", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-php-cve-2020-7069-cve-2020-7059-2/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.3787", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-api-connect-is-impacted-by-vulnerabilities-in-php-cve-2020-7069-cve-2020-7059/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2022.6055", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3671/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021080321", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3581/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.3541/", }, { trust: 0.6, url: "https://www.cybersecurity-help.cz/vdb/sb2021041363", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7068", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-21702", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2020-7071", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7070", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7069", }, { trust: 0.2, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2021-21702", }, { trust: 0.2, url: "https://access.redhat.com/security/updates/classification/#moderate", }, { trust: 0.2, url: "https://access.redhat.com/articles/11258", }, { trust: 0.2, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7071", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2020-7068", }, { trust: 0.2, url: "https://bugzilla.redhat.com/):", }, { trust: 0.2, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.2, url: "https://usn.ubuntu.com/4583-1", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/326.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://alas.aws.amazon.com/alas-2020-1440.html", }, { trust: 0.1, url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:4213", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-21705", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2021:2992", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-21705", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.2/7.2.24-0ubuntu0.18.04.7", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.16", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.4/7.4.3-4ubuntu2.4", }, { trust: 0.1, url: "https://www.php.net/changelog-7.php#7.4.13", }, { trust: 0.1, url: "https://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://launchpad.net/ubuntu/+source/php7.4/7.4.9-1ubuntu1.1", }, { trust: 0.1, url: "https://usn.ubuntu.com/4583-2", }, { trust: 0.1, url: "https://www.debian.org/security/faq", }, { trust: 0.1, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/php7.3", }, ], sources: [ { db: "VULHUB", id: "VHN-185194", }, { db: "VULMON", id: "CVE-2020-7069", }, { db: "JVNDB", id: "JVNDB-2020-012092", }, { db: "PACKETSTORM", id: "164839", }, { db: "PACKETSTORM", id: "163727", }, { db: "PACKETSTORM", id: "159564", }, { db: "PACKETSTORM", id: "160708", }, { db: "PACKETSTORM", id: "159722", }, { db: "PACKETSTORM", id: "168990", }, { db: "CNNVD", id: "CNNVD-202005-435", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "NVD", id: "CVE-2020-7069", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-185194", }, { db: "VULMON", id: "CVE-2020-7069", }, { db: "JVNDB", id: "JVNDB-2020-012092", }, { db: "PACKETSTORM", id: "164839", }, { db: "PACKETSTORM", id: "163727", }, { db: "PACKETSTORM", id: "159564", }, { db: "PACKETSTORM", id: "160708", }, { db: "PACKETSTORM", id: "159722", }, { db: "PACKETSTORM", id: "168990", }, { db: "CNNVD", id: "CNNVD-202005-435", }, { db: "CNNVD", id: "CNNVD-202104-975", }, { db: "NVD", id: "CVE-2020-7069", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-02T00:00:00", db: "VULHUB", id: "VHN-185194", }, { date: "2020-10-02T00:00:00", db: "VULMON", id: "CVE-2020-7069", }, { date: "2021-04-23T00:00:00", db: "JVNDB", id: "JVNDB-2020-012092", }, { date: "2021-11-10T17:05:06", db: "PACKETSTORM", id: "164839", }, { date: "2021-08-03T14:47:43", db: "PACKETSTORM", id: "163727", }, { date: "2020-10-14T20:14:14", db: "PACKETSTORM", id: "159564", }, { date: "2020-12-24T17:17:47", db: "PACKETSTORM", id: "160708", }, { date: "2020-10-27T14:12:34", db: "PACKETSTORM", id: "159722", }, { date: "2021-02-28T20:12:00", db: "PACKETSTORM", id: "168990", }, { date: "2020-05-11T00:00:00", db: "CNNVD", id: "CNNVD-202005-435", }, { date: "2021-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2020-10-02T15:15:12.670000", db: "NVD", id: "CVE-2020-7069", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-02T00:00:00", db: "VULHUB", id: "VHN-185194", }, { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2020-7069", }, { date: "2021-04-23T08:59:00", db: "JVNDB", id: "JVNDB-2020-012092", }, { date: "2022-11-22T00:00:00", db: "CNNVD", id: "CNNVD-202005-435", }, { date: "2021-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202104-975", }, { date: "2024-11-21T05:36:36.820000", db: "NVD", id: "CVE-2020-7069", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202005-435", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "PHP Vulnerability in cryptography", sources: [ { db: "JVNDB", id: "JVNDB-2020-012092", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "encryption problem", sources: [ { db: "CNNVD", id: "CNNVD-202005-435", }, ], trust: 0.6, }, }
var-202112-1608
Vulnerability from variot
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. The server is fast, reliable, and can be expanded through simple APIs. An attacker can use this vulnerability to cause a buffer overflow. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6
macOS Big Sur 11.6.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213256.
apache Available for: macOS Big Sur Impact: Multiple issues in apache Description: Multiple issues were addressed by updating apache to version 2.4.53. CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721
AppKit Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2022-22665: Lockheed Martin Red Team
AppleAVD Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22675: an anonymous researcher
AppleGraphicsControl Available for: macOS Big Sur Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative
AppleScript Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved bounds checking. CVE-2022-26698: Qi Sun of Trend Micro
AppleScript Available for: macOS Big Sur Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26697: Qi Sun and Robert Ai of Trend Micro
CoreTypes Available for: macOS Big Sur Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2022-22663: Arsenii Kostromin (0x3c3e)
CVMS Available for: macOS Big Sur Impact: A malicious application may be able to gain root privileges Description: A memory initialization issue was addressed. CVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori CVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori
DriverKit Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)
Graphics Drivers Available for: macOS Big Sur Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. CVE-2022-22674: an anonymous researcher
Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26720: Liu Long of Ant Security Light-Year Lab
Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26770: Liu Long of Ant Security Light-Year Lab
Intel Graphics Driver Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26756: Jack Dates of RET2 Systems, Inc
Intel Graphics Driver Available for: macOS Big Sur Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26769: Antonio Zekic (@antoniozekic)
Intel Graphics Driver Available for: macOS Big Sur Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiative
IOMobileFrameBuffer Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-26768: an anonymous researcher
Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs (@starlabs_sg)
Kernel Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-26757: Ned Williamson of Google Project Zero
LaunchServices Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with additional permissions checks. CVE-2022-26767: Wojciech Reguła (@_r3ggi) of SecuRing
LaunchServices Available for: macOS Big Sur Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions on third-party applications. CVE-2022-26706: Arsenii Kostromin (0x3c3e)
libresolv Available for: macOS Big Sur Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-26776: Zubair Ashraf of Crowdstrike, Max Shavrick (@_mxms) of the Google Security Team
LibreSSL Available for: macOS Big Sur Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2022-0778
libxml2 Available for: macOS Big Sur Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2022-23308
OpenSSL Available for: macOS Big Sur Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: This issue was addressed with improved checks. CVE-2022-0778
PackageKit Available for: macOS Big Sur Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed by removing the vulnerable code. CVE-2022-26712: Mickey Jin (@patch1t)
Printing Available for: macOS Big Sur Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code. CVE-2022-26746: @gorelics
Security Available for: macOS Big Sur Impact: A malicious app may be able to bypass signature validation Description: A certificate parsing issue was addressed with improved checks. CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)
SMB Available for: macOS Big Sur Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26718: Peter Nguyễn Vũ Hoàng of STAR Labs
SMB Available for: macOS Big Sur Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26723: Felix Poulin-Belanger
SMB Available for: macOS Big Sur Impact: An application may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26715: Peter Nguyễn Vũ Hoàng of STAR Labs
SoftwareUpdate Available for: macOS Big Sur Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements. CVE-2022-26728: Mickey Jin (@patch1t)
TCC Available for: macOS Big Sur Impact: An app may be able to capture a user's screen Description: This issue was addressed with improved checks. CVE-2022-26726: an anonymous researcher
Tcl Available for: macOS Big Sur Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization. CVE-2022-26755: Arsenii Kostromin (0x3c3e)
Vim Available for: macOS Big Sur Impact: Multiple issues in Vim Description: Multiple issues were addressed by updating Vim. CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059 CVE-2022-0128
WebKit Available for: macOS Big Sur Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization. CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com)
Wi-Fi Available for: macOS Big Sur Impact: A malicious application may disclose restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2022-26745: an anonymous researcher
Wi-Fi Available for: macOS Big Sur Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2022-26761: Wang Yu of Cyberserval
zip Available for: macOS Big Sur Impact: Processing a maliciously crafted file may lead to a denial of service Description: A denial of service issue was addressed with improved state handling. CVE-2022-0530
zlib Available for: macOS Big Sur Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-25032: Tavis Ormandy
zsh Available for: macOS Big Sur Impact: A remote attacker may be able to cause arbitrary code execution Description: This issue was addressed by updating to zsh version 5.8.1. CVE-2021-45444
Additional recognition
Bluetooth We would like to acknowledge Jann Horn of Project Zero for their assistance.
macOS Big Sur 11.6.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TUACgkQeC9qKD1p rhgJBg/9HpPp6P2OtFdYHigfaoga/3szMAjXC650MlC2rF1lXyTRVsO54eupz4er K8Iud3+YnDVTUKkadftWt2XdxAADGtfEFhJW584RtnWjeli+XtGEjQ8jD1/MNPJW qtnrOh2pYG9SxolKDofhiecbYxIGppRKSDRFl0/3VGFed2FIpiRDunlttHBEhHu/ vZVSFzMrNbGvhju+ZCdwFLKXOgB851aRSeo9Xkt63tSGiee7rLmVAINyFbbPwcVP yXwMvn0TNodCBn0wBWD0+iQ3UXIDIYSPaM1Z0BQxVraEhK3Owro3JKgqNbWswMvj SY0KUulbAPs3aOeyz1BI70npYA3+Qwd+bk2hxbzbU/AxvxCrsEk04QfxLYqvj0mR VZYPcup2KAAkiTeekQ5X739r8NAyaaI+bp7FllFv/Z2jVW9kGgNIFr46R05MD9NF aC1JAZtJ4VWbMEGHnHAMrOgdGaHpryvzl2BjUXRgW27vIq5uF5YiNcpjS2BezTFc R2ojiMNRB33Y44LlH7Zv3gHm4bE3+NzcGeWvBzwOsHznk9Jiv6x2eBUxkttMlPyO zymQMONQN3bktSMT8JnmJ8rlEgISONd7NeTEzuhlGIWaWNAFmmBoPnBiPk+yC3n4 d22yFs6DLp2pJ+0zOWmTcqt1xYng05Jwj4F0KT49w0TO9Up79+o= =rtPl -----END PGP SIGNATURE-----
. Summary:
An update for httpd is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64
Security Fix(es):
-
httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790)
-
httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling (CVE-2022-22720)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.6):
Source: httpd-2.4.6-89.el7_6.4.src.rpm
noarch: httpd-manual-2.4.6-89.el7_6.4.noarch.rpm
x86_64: httpd-2.4.6-89.el7_6.4.x86_64.rpm httpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm httpd-devel-2.4.6-89.el7_6.4.x86_64.rpm httpd-tools-2.4.6-89.el7_6.4.x86_64.rpm mod_session-2.4.6-89.el7_6.4.x86_64.rpm mod_ssl-2.4.6-89.el7_6.4.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.6):
Source: httpd-2.4.6-89.el7_6.4.src.rpm
noarch: httpd-manual-2.4.6-89.el7_6.4.noarch.rpm
ppc64le: httpd-2.4.6-89.el7_6.4.ppc64le.rpm httpd-debuginfo-2.4.6-89.el7_6.4.ppc64le.rpm httpd-devel-2.4.6-89.el7_6.4.ppc64le.rpm httpd-tools-2.4.6-89.el7_6.4.ppc64le.rpm mod_session-2.4.6-89.el7_6.4.ppc64le.rpm mod_ssl-2.4.6-89.el7_6.4.ppc64le.rpm
x86_64: httpd-2.4.6-89.el7_6.4.x86_64.rpm httpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm httpd-devel-2.4.6-89.el7_6.4.x86_64.rpm httpd-tools-2.4.6-89.el7_6.4.x86_64.rpm mod_session-2.4.6-89.el7_6.4.x86_64.rpm mod_ssl-2.4.6-89.el7_6.4.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.6):
Source: httpd-2.4.6-89.el7_6.4.src.rpm
noarch: httpd-manual-2.4.6-89.el7_6.4.noarch.rpm
x86_64: httpd-2.4.6-89.el7_6.4.x86_64.rpm httpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm httpd-devel-2.4.6-89.el7_6.4.x86_64.rpm httpd-tools-2.4.6-89.el7_6.4.x86_64.rpm mod_session-2.4.6-89.el7_6.4.x86_64.rpm mod_ssl-2.4.6-89.el7_6.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.6):
x86_64: httpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm mod_ldap-2.4.6-89.el7_6.4.x86_64.rpm mod_proxy_html-2.4.6-89.el7_6.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.6):
ppc64le: httpd-debuginfo-2.4.6-89.el7_6.4.ppc64le.rpm mod_ldap-2.4.6-89.el7_6.4.ppc64le.rpm mod_proxy_html-2.4.6-89.el7_6.4.ppc64le.rpm
x86_64: httpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm mod_ldap-2.4.6-89.el7_6.4.x86_64.rpm mod_proxy_html-2.4.6-89.el7_6.4.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.6):
x86_64: httpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm mod_ldap-2.4.6-89.el7_6.4.x86_64.rpm mod_proxy_html-2.4.6-89.el7_6.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-44790 https://access.redhat.com/security/cve/CVE-2022-22720 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
For the oldstable distribution (buster), these problems have been fixed in version 2.4.38-3+deb10u7.
For the stable distribution (bullseye), these problems have been fixed in version 2.4.52-1~deb11u2.
We recommend that you upgrade your apache2 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202208-20
https://security.gentoo.org/
Severity: High Title: Apache HTTPD: Multiple Vulnerabilities Date: August 14, 2022 Bugs: #813429, #816399, #816864, #829722, #835131, #850622 ID: 202208-20
Synopsis
Multiple vulnerabilities have been discovered in Apache Webserver, the worst of which could result in remote code execution. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Apache HTTPD users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.54"
All Apache HTTPD tools users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-admin/apache-tools-2.4.54"
References
[ 1 ] CVE-2021-33193 https://nvd.nist.gov/vuln/detail/CVE-2021-33193 [ 2 ] CVE-2021-34798 https://nvd.nist.gov/vuln/detail/CVE-2021-34798 [ 3 ] CVE-2021-36160 https://nvd.nist.gov/vuln/detail/CVE-2021-36160 [ 4 ] CVE-2021-39275 https://nvd.nist.gov/vuln/detail/CVE-2021-39275 [ 5 ] CVE-2021-40438 https://nvd.nist.gov/vuln/detail/CVE-2021-40438 [ 6 ] CVE-2021-41524 https://nvd.nist.gov/vuln/detail/CVE-2021-41524 [ 7 ] CVE-2021-41773 https://nvd.nist.gov/vuln/detail/CVE-2021-41773 [ 8 ] CVE-2021-42013 https://nvd.nist.gov/vuln/detail/CVE-2021-42013 [ 9 ] CVE-2021-44224 https://nvd.nist.gov/vuln/detail/CVE-2021-44224 [ 10 ] CVE-2021-44790 https://nvd.nist.gov/vuln/detail/CVE-2021-44790 [ 11 ] CVE-2022-22719 https://nvd.nist.gov/vuln/detail/CVE-2022-22719 [ 12 ] CVE-2022-22720 https://nvd.nist.gov/vuln/detail/CVE-2022-22720 [ 13 ] CVE-2022-22721 https://nvd.nist.gov/vuln/detail/CVE-2022-22721 [ 14 ] CVE-2022-23943 https://nvd.nist.gov/vuln/detail/CVE-2022-23943 [ 15 ] CVE-2022-26377 https://nvd.nist.gov/vuln/detail/CVE-2022-26377 [ 16 ] CVE-2022-28614 https://nvd.nist.gov/vuln/detail/CVE-2022-28614 [ 17 ] CVE-2022-28615 https://nvd.nist.gov/vuln/detail/CVE-2022-28615 [ 18 ] CVE-2022-29404 https://nvd.nist.gov/vuln/detail/CVE-2022-29404 [ 19 ] CVE-2022-30522 https://nvd.nist.gov/vuln/detail/CVE-2022-30522 [ 20 ] CVE-2022-30556 https://nvd.nist.gov/vuln/detail/CVE-2022-30556 [ 21 ] CVE-2022-31813 https://nvd.nist.gov/vuln/detail/CVE-2022-31813
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202208-20
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5 . Description:
Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Bugs fixed (https://bugzilla.redhat.com/):
2050826 - CVE-2022-24348 gitops: Path traversal and dereference of symlinks when passing Helm value files
- ========================================================================== Ubuntu Security Notice USN-5212-2 January 10, 2022
apache2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in Apache HTTP Server. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the Apache HTTP Server incorrectly handled certain forward proxy requests. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly perform a Server Side Request Forgery attack. (CVE-2021-44790)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: apache2 2.4.18-2ubuntu3.17+esm4 apache2-bin 2.4.18-2ubuntu3.17+esm4
Ubuntu 14.04 ESM: apache2 2.4.7-1ubuntu4.22+esm3 apache2-bin 2.4.7-1ubuntu4.22+esm3
In general, a standard system update will make all the necessary changes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202112-1608", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "macos", scope: "gte", trust: 1, vendor: "apple", version: "12.0", }, { model: "mac os x", scope: "eq", trust: 1, vendor: "apple", version: "10.15.7", }, { model: "tenable.sc", scope: "lt", trust: 1, vendor: "tenable", version: "5.20.0", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "36", }, { model: "cloud backup", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.2", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "34", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "35", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "4.4", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "5.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "11.0", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.3", }, { model: "macos", scope: "lt", trust: 1, vendor: "apple", version: "10.15.7", }, { model: "communications session route manager", scope: "lte", trust: 1, vendor: "oracle", version: "9.0", }, { model: "communications session report manager", scope: "lte", trust: 1, vendor: "oracle", version: "9.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "10.0", }, { model: "http server", scope: "lte", trust: 1, vendor: "apache", version: "2.4.51", }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.4.0", }, { model: "zfs storage appliance kit", scope: "eq", trust: 1, vendor: "oracle", version: "8.8", }, { model: "instantis enterprisetrack", scope: "eq", trust: 1, vendor: "oracle", version: "17.1", }, { model: "macos", scope: "gte", trust: 1, vendor: "apple", version: "11.0", }, { model: "communications operations monitor", scope: "eq", trust: 1, vendor: "oracle", version: "4.3", }, { model: "macos", scope: "lt", trust: 1, vendor: "apple", version: "11.6.6", }, { model: "macos", scope: "lt", trust: 1, vendor: "apple", version: "12.4", }, { model: "tenable.sc", scope: "gte", trust: 1, vendor: "tenable", version: "5.16.0", }, { model: "communications element manager", scope: "lte", trust: 1, vendor: "oracle", version: "9.0", }, { model: "http server", scope: "eq", trust: 1, vendor: "oracle", version: "12.2.1.3.0", }, { model: "cloud backup", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "apple mac os x", scope: null, trust: 0.8, vendor: "アップル", version: null, }, { model: "oracle communications session report manager", scope: null, trust: 0.8, vendor: "オラクル", version: null, }, { model: "oracle communications operations monitor", scope: null, trust: 0.8, vendor: "オラクル", version: null, }, { model: "oracle communications session element manager", scope: null, trust: 0.8, vendor: "オラクル", version: null, }, { model: "http server", scope: null, trust: 0.8, vendor: "apache", version: null, }, { model: "macos", scope: null, trust: 0.8, vendor: "アップル", version: null, }, { model: "日立高信頼サーバ rv3000", scope: null, trust: 0.8, vendor: "日立", version: null, }, { model: "tenable.sc", scope: null, trust: 0.8, vendor: "tenable", version: null, }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "fedora", scope: null, trust: 0.8, vendor: "fedora", version: null, }, { model: "http server", scope: "lte", trust: 0.6, vendor: "apache", version: "<=2.4.51", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102386", }, { db: "JVNDB", id: "JVNDB-2021-016455", }, { db: "NVD", id: "CVE-2021-44790", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Red Hat", sources: [ { db: "PACKETSTORM", id: "166576", }, { db: "PACKETSTORM", id: "166051", }, { db: "PACKETSTORM", id: "166154", }, { db: "PACKETSTORM", id: "165710", }, { db: "PACKETSTORM", id: "165747", }, ], trust: 0.5, }, cve: "CVE-2021-44790", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2021-44790", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.8, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2021-102386", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-408105", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2021-44790", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2021-44790", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2021-44790", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2021-44790", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2021-102386", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-408105", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102386", }, { db: "VULHUB", id: "VHN-408105", }, { db: "JVNDB", id: "JVNDB-2021-016455", }, { db: "NVD", id: "CVE-2021-44790", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. The server is fast, reliable, and can be expanded through simple APIs. An attacker can use this vulnerability to cause a buffer overflow. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6\n\nmacOS Big Sur 11.6.6 addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213256. \n\napache\nAvailable for: macOS Big Sur\nImpact: Multiple issues in apache\nDescription: Multiple issues were addressed by updating apache to\nversion 2.4.53. \nCVE-2021-44224\nCVE-2021-44790\nCVE-2022-22719\nCVE-2022-22720\nCVE-2022-22721\n\nAppKit\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to gain root privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2022-22665: Lockheed Martin Red Team\n\nAppleAVD\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges. Apple is aware of a report that this issue may\nhave been actively exploited. \nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-22675: an anonymous researcher\n\nAppleGraphicsControl\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day\nInitiative\n\nAppleScript\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read issue was addressed with improved\nbounds checking. \nCVE-2022-26698: Qi Sun of Trend Micro\n\nAppleScript\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-26697: Qi Sun and Robert Ai of Trend Micro\n\nCoreTypes\nAvailable for: macOS Big Sur\nImpact: A malicious application may bypass Gatekeeper checks\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2022-22663: Arsenii Kostromin (0x3c3e)\n\nCVMS\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to gain root privileges\nDescription: A memory initialization issue was addressed. \nCVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori\nCVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori\n\nDriverKit\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith system privileges\nDescription: An out-of-bounds access issue was addressed with\nimproved bounds checking. \nCVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)\n\nGraphics Drivers\nAvailable for: macOS Big Sur\nImpact: A local user may be able to read kernel memory\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed with improved input\nvalidation. \nCVE-2022-22674: an anonymous researcher\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-26720: Liu Long of Ant Security Light-Year Lab\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-26770: Liu Long of Ant Security Light-Year Lab\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2022-26756: Jack Dates of RET2 Systems, Inc\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2022-26769: Antonio Zekic (@antoniozekic)\n\nIntel Graphics Driver\nAvailable for: macOS Big Sur\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro\nZero Day Initiative\n\nIOMobileFrameBuffer\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2022-26768: an anonymous researcher\n\nKernel\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs\n(@starlabs_sg)\n\nKernel\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-26757: Ned Williamson of Google Project Zero\n\nLaunchServices\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: The issue was addressed with additional permissions\nchecks. \nCVE-2022-26767: Wojciech Reguła (@_r3ggi) of SecuRing\n\nLaunchServices\nAvailable for: macOS Big Sur\nImpact: A sandboxed process may be able to circumvent sandbox\nrestrictions\nDescription: An access issue was addressed with additional sandbox\nrestrictions on third-party applications. \nCVE-2022-26706: Arsenii Kostromin (0x3c3e)\n\nlibresolv\nAvailable for: macOS Big Sur\nImpact: An attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: This issue was addressed with improved checks. \nCVE-2022-26776: Zubair Ashraf of Crowdstrike, Max Shavrick (@_mxms)\nof the Google Security Team\n\nLibreSSL\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted certificate may lead to a\ndenial of service\nDescription: A denial of service issue was addressed with improved\ninput validation. \nCVE-2022-0778\n\nlibxml2\nAvailable for: macOS Big Sur\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-23308\n\nOpenSSL\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted certificate may lead to a\ndenial of service\nDescription: This issue was addressed with improved checks. \nCVE-2022-0778\n\nPackageKit\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to modify protected parts\nof the file system\nDescription: This issue was addressed by removing the vulnerable\ncode. \nCVE-2022-26712: Mickey Jin (@patch1t)\n\nPrinting\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: This issue was addressed by removing the vulnerable\ncode. \nCVE-2022-26746: @gorelics\n\nSecurity\nAvailable for: macOS Big Sur\nImpact: A malicious app may be able to bypass signature validation\nDescription: A certificate parsing issue was addressed with improved\nchecks. \nCVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)\n\nSMB\nAvailable for: macOS Big Sur\nImpact: An application may be able to gain elevated privileges\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-26718: Peter Nguyễn Vũ Hoàng of STAR Labs\n\nSMB\nAvailable for: macOS Big Sur\nImpact: Mounting a maliciously crafted Samba network share may lead\nto arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2022-26723: Felix Poulin-Belanger\n\nSMB\nAvailable for: macOS Big Sur\nImpact: An application may be able to gain elevated privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-26715: Peter Nguyễn Vũ Hoàng of STAR Labs\n\nSoftwareUpdate\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to access restricted\nfiles\nDescription: This issue was addressed with improved entitlements. \nCVE-2022-26728: Mickey Jin (@patch1t)\n\nTCC\nAvailable for: macOS Big Sur\nImpact: An app may be able to capture a user's screen\nDescription: This issue was addressed with improved checks. \nCVE-2022-26726: an anonymous researcher\n\nTcl\nAvailable for: macOS Big Sur\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: This issue was addressed with improved environment\nsanitization. \nCVE-2022-26755: Arsenii Kostromin (0x3c3e)\n\nVim\nAvailable for: macOS Big Sur\nImpact: Multiple issues in Vim\nDescription: Multiple issues were addressed by updating Vim. \nCVE-2021-4136\nCVE-2021-4166\nCVE-2021-4173\nCVE-2021-4187\nCVE-2021-4192\nCVE-2021-4193\nCVE-2021-46059\nCVE-2022-0128\n\nWebKit\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted mail message may lead to\nrunning arbitrary javascript\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu\nof Palo Alto Networks (paloaltonetworks.com)\n\nWi-Fi\nAvailable for: macOS Big Sur\nImpact: A malicious application may disclose restricted memory\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-26745: an anonymous researcher\n\nWi-Fi\nAvailable for: macOS Big Sur\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2022-26761: Wang Yu of Cyberserval\n\nzip\nAvailable for: macOS Big Sur\nImpact: Processing a maliciously crafted file may lead to a denial of\nservice\nDescription: A denial of service issue was addressed with improved\nstate handling. \nCVE-2022-0530\n\nzlib\nAvailable for: macOS Big Sur\nImpact: An attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-25032: Tavis Ormandy\n\nzsh\nAvailable for: macOS Big Sur\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: This issue was addressed by updating to zsh version\n5.8.1. \nCVE-2021-45444\n\nAdditional recognition\n\nBluetooth\nWe would like to acknowledge Jann Horn of Project Zero for their\nassistance. \n\nmacOS Big Sur 11.6.6 may be obtained from the Mac App Store or\nApple's Software Downloads web site:\nhttps://support.apple.com/downloads/\nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TUACgkQeC9qKD1p\nrhgJBg/9HpPp6P2OtFdYHigfaoga/3szMAjXC650MlC2rF1lXyTRVsO54eupz4er\nK8Iud3+YnDVTUKkadftWt2XdxAADGtfEFhJW584RtnWjeli+XtGEjQ8jD1/MNPJW\nqtnrOh2pYG9SxolKDofhiecbYxIGppRKSDRFl0/3VGFed2FIpiRDunlttHBEhHu/\nvZVSFzMrNbGvhju+ZCdwFLKXOgB851aRSeo9Xkt63tSGiee7rLmVAINyFbbPwcVP\nyXwMvn0TNodCBn0wBWD0+iQ3UXIDIYSPaM1Z0BQxVraEhK3Owro3JKgqNbWswMvj\nSY0KUulbAPs3aOeyz1BI70npYA3+Qwd+bk2hxbzbU/AxvxCrsEk04QfxLYqvj0mR\nVZYPcup2KAAkiTeekQ5X739r8NAyaaI+bp7FllFv/Z2jVW9kGgNIFr46R05MD9NF\naC1JAZtJ4VWbMEGHnHAMrOgdGaHpryvzl2BjUXRgW27vIq5uF5YiNcpjS2BezTFc\nR2ojiMNRB33Y44LlH7Zv3gHm4bE3+NzcGeWvBzwOsHznk9Jiv6x2eBUxkttMlPyO\nzymQMONQN3bktSMT8JnmJ8rlEgISONd7NeTEzuhlGIWaWNAFmmBoPnBiPk+yC3n4\nd22yFs6DLp2pJ+0zOWmTcqt1xYng05Jwj4F0KT49w0TO9Up79+o=\n=rtPl\n-----END PGP SIGNATURE-----\n\n\n. Summary:\n\nAn update for httpd is now available for Red Hat Enterprise Linux 7.6\nAdvanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.6 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.6) - noarch, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.6) - noarch, ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.6) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.6) - noarch, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* httpd: mod_lua: Possible buffer overflow when parsing multipart content\n(CVE-2021-44790)\n\n* httpd: Errors encountered during the discarding of request body lead to\nHTTP request smuggling (CVE-2022-22720)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. \n\n5. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.6):\n\nSource:\nhttpd-2.4.6-89.el7_6.4.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-89.el7_6.4.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-devel-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-tools-2.4.6-89.el7_6.4.x86_64.rpm\nmod_session-2.4.6-89.el7_6.4.x86_64.rpm\nmod_ssl-2.4.6-89.el7_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.6):\n\nSource:\nhttpd-2.4.6-89.el7_6.4.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-89.el7_6.4.noarch.rpm\n\nppc64le:\nhttpd-2.4.6-89.el7_6.4.ppc64le.rpm\nhttpd-debuginfo-2.4.6-89.el7_6.4.ppc64le.rpm\nhttpd-devel-2.4.6-89.el7_6.4.ppc64le.rpm\nhttpd-tools-2.4.6-89.el7_6.4.ppc64le.rpm\nmod_session-2.4.6-89.el7_6.4.ppc64le.rpm\nmod_ssl-2.4.6-89.el7_6.4.ppc64le.rpm\n\nx86_64:\nhttpd-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-devel-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-tools-2.4.6-89.el7_6.4.x86_64.rpm\nmod_session-2.4.6-89.el7_6.4.x86_64.rpm\nmod_ssl-2.4.6-89.el7_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.6):\n\nSource:\nhttpd-2.4.6-89.el7_6.4.src.rpm\n\nnoarch:\nhttpd-manual-2.4.6-89.el7_6.4.noarch.rpm\n\nx86_64:\nhttpd-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-devel-2.4.6-89.el7_6.4.x86_64.rpm\nhttpd-tools-2.4.6-89.el7_6.4.x86_64.rpm\nmod_session-2.4.6-89.el7_6.4.x86_64.rpm\nmod_ssl-2.4.6-89.el7_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.6):\n\nx86_64:\nhttpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm\nmod_ldap-2.4.6-89.el7_6.4.x86_64.rpm\nmod_proxy_html-2.4.6-89.el7_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.6):\n\nppc64le:\nhttpd-debuginfo-2.4.6-89.el7_6.4.ppc64le.rpm\nmod_ldap-2.4.6-89.el7_6.4.ppc64le.rpm\nmod_proxy_html-2.4.6-89.el7_6.4.ppc64le.rpm\n\nx86_64:\nhttpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm\nmod_ldap-2.4.6-89.el7_6.4.x86_64.rpm\nmod_proxy_html-2.4.6-89.el7_6.4.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.6):\n\nx86_64:\nhttpd-debuginfo-2.4.6-89.el7_6.4.x86_64.rpm\nmod_ldap-2.4.6-89.el7_6.4.x86_64.rpm\nmod_proxy_html-2.4.6-89.el7_6.4.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-44790\nhttps://access.redhat.com/security/cve/CVE-2022-22720\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 2.4.38-3+deb10u7. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 2.4.52-1~deb11u2. \n\nWe recommend that you upgrade your apache2 packages. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202208-20\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n Title: Apache HTTPD: Multiple Vulnerabilities\n Date: August 14, 2022\n Bugs: #813429, #816399, #816864, #829722, #835131, #850622\n ID: 202208-20\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in Apache Webserver, the\nworst of which could result in remote code execution. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll Apache HTTPD users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-servers/apache-2.4.54\"\n\nAll Apache HTTPD tools users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-admin/apache-tools-2.4.54\"\n\nReferences\n=========\n[ 1 ] CVE-2021-33193\n https://nvd.nist.gov/vuln/detail/CVE-2021-33193\n[ 2 ] CVE-2021-34798\n https://nvd.nist.gov/vuln/detail/CVE-2021-34798\n[ 3 ] CVE-2021-36160\n https://nvd.nist.gov/vuln/detail/CVE-2021-36160\n[ 4 ] CVE-2021-39275\n https://nvd.nist.gov/vuln/detail/CVE-2021-39275\n[ 5 ] CVE-2021-40438\n https://nvd.nist.gov/vuln/detail/CVE-2021-40438\n[ 6 ] CVE-2021-41524\n https://nvd.nist.gov/vuln/detail/CVE-2021-41524\n[ 7 ] CVE-2021-41773\n https://nvd.nist.gov/vuln/detail/CVE-2021-41773\n[ 8 ] CVE-2021-42013\n https://nvd.nist.gov/vuln/detail/CVE-2021-42013\n[ 9 ] CVE-2021-44224\n https://nvd.nist.gov/vuln/detail/CVE-2021-44224\n[ 10 ] CVE-2021-44790\n https://nvd.nist.gov/vuln/detail/CVE-2021-44790\n[ 11 ] CVE-2022-22719\n https://nvd.nist.gov/vuln/detail/CVE-2022-22719\n[ 12 ] CVE-2022-22720\n https://nvd.nist.gov/vuln/detail/CVE-2022-22720\n[ 13 ] CVE-2022-22721\n https://nvd.nist.gov/vuln/detail/CVE-2022-22721\n[ 14 ] CVE-2022-23943\n https://nvd.nist.gov/vuln/detail/CVE-2022-23943\n[ 15 ] CVE-2022-26377\n https://nvd.nist.gov/vuln/detail/CVE-2022-26377\n[ 16 ] CVE-2022-28614\n https://nvd.nist.gov/vuln/detail/CVE-2022-28614\n[ 17 ] CVE-2022-28615\n https://nvd.nist.gov/vuln/detail/CVE-2022-28615\n[ 18 ] CVE-2022-29404\n https://nvd.nist.gov/vuln/detail/CVE-2022-29404\n[ 19 ] CVE-2022-30522\n https://nvd.nist.gov/vuln/detail/CVE-2022-30522\n[ 20 ] CVE-2022-30556\n https://nvd.nist.gov/vuln/detail/CVE-2022-30556\n[ 21 ] CVE-2022-31813\n https://nvd.nist.gov/vuln/detail/CVE-2022-31813\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202208-20\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users' machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n. Description:\n\nRed Hat Openshift GitOps is a declarative way to implement continuous\ndeployment for cloud native applications. Bugs fixed (https://bugzilla.redhat.com/):\n\n2050826 - CVE-2022-24348 gitops: Path traversal and dereference of symlinks when passing Helm value files\n\n5. ==========================================================================\nUbuntu Security Notice USN-5212-2\nJanuary 10, 2022\n\napache2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 ESM\n- Ubuntu 14.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in Apache HTTP Server. This update provides\nthe corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that the Apache HTTP Server incorrectly handled certain\n forward proxy requests. A remote attacker could use this issue to cause\n the server to crash, resulting in a denial of service, or possibly perform\n a Server Side Request Forgery attack. (CVE-2021-44790)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 ESM:\n apache2 2.4.18-2ubuntu3.17+esm4\n apache2-bin 2.4.18-2ubuntu3.17+esm4\n\nUbuntu 14.04 ESM:\n apache2 2.4.7-1ubuntu4.22+esm3\n apache2-bin 2.4.7-1ubuntu4.22+esm3\n\nIn general, a standard system update will make all the necessary changes", sources: [ { db: "NVD", id: "CVE-2021-44790", }, { db: "JVNDB", id: "JVNDB-2021-016455", }, { db: "CNVD", id: "CNVD-2021-102386", }, { db: "VULHUB", id: "VHN-408105", }, { db: "PACKETSTORM", id: "167188", }, { db: "PACKETSTORM", id: "167189", }, { db: "PACKETSTORM", id: "166576", }, { db: "PACKETSTORM", id: "169211", }, { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "166051", }, { db: "PACKETSTORM", id: "166154", }, { db: "PACKETSTORM", id: "165710", }, { db: "PACKETSTORM", id: "165501", }, { db: "PACKETSTORM", id: "165747", }, ], trust: 3.15, }, exploit_availability: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { reference: "https://www.scap.org.cn/vuln/vhn-408105", trust: 0.1, type: "unknown", }, ], sources: [ { db: "VULHUB", id: "VHN-408105", }, ], }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2021-44790", trust: 4.3, }, { db: "TENABLE", id: "TNS-2022-01", trust: 1.1, }, { db: "TENABLE", id: "TNS-2022-03", trust: 1.1, }, { db: "OPENWALL", id: "OSS-SECURITY/2021/12/20/4", trust: 1.1, }, { db: "PACKETSTORM", id: "171631", trust: 1, }, { db: "JVN", id: "JVNVU97805418", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2021-016455", trust: 0.8, }, { db: "CNVD", id: "CNVD-2021-102386", trust: 0.7, }, { db: "PACKETSTORM", id: "167189", trust: 0.2, }, { db: "PACKETSTORM", id: "165747", trust: 0.2, }, { db: "PACKETSTORM", id: "166154", trust: 0.2, }, { db: "PACKETSTORM", id: "168072", trust: 0.2, }, { db: "PACKETSTORM", id: "167188", trust: 0.2, }, { db: "PACKETSTORM", id: "165501", trust: 0.2, }, { db: "PACKETSTORM", id: "165710", trust: 0.2, }, { db: "PACKETSTORM", id: "165745", trust: 0.1, }, { db: "PACKETSTORM", id: "165587", trust: 0.1, }, { db: "PACKETSTORM", id: "167186", trust: 0.1, }, { db: "PACKETSTORM", id: "165467", trust: 0.1, }, { db: "VULHUB", id: "VHN-408105", trust: 0.1, }, { db: "PACKETSTORM", id: "166576", trust: 0.1, }, { db: "PACKETSTORM", id: "169211", trust: 0.1, }, { db: "PACKETSTORM", id: "166051", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102386", }, { db: "VULHUB", id: "VHN-408105", }, { db: "JVNDB", id: "JVNDB-2021-016455", }, { db: "PACKETSTORM", id: "167188", }, { db: "PACKETSTORM", id: "167189", }, { db: "PACKETSTORM", id: "166576", }, { db: "PACKETSTORM", id: "169211", }, { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "166051", }, { db: "PACKETSTORM", id: "166154", }, { db: "PACKETSTORM", id: "165710", }, { db: "PACKETSTORM", id: "165501", }, { db: "PACKETSTORM", id: "165747", }, { db: "NVD", id: "CVE-2021-44790", }, ], }, id: "VAR-202112-1608", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2021-102386", }, { db: "VULHUB", id: "VHN-408105", }, ], trust: 0.06999999999999999, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102386", }, ], }, last_update_date: "2024-11-29T20:00:22.176000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "hitachi-sec-2023-217", trust: 0.8, url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { title: "Patch for Apache HTTP Server buffer overflow vulnerability (CNVD-2021-102386)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/310311", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102386", }, { db: "JVNDB", id: "JVNDB-2021-016455", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-787", trust: 1.1, }, { problemtype: "Out-of-bounds writing (CWE-787) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "VULHUB", id: "VHN-408105", }, { db: "JVNDB", id: "JVNDB-2021-016455", }, { db: "NVD", id: "CVE-2021-44790", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://nvd.nist.gov/vuln/detail/cve-2021-44790", }, { trust: 1.2, url: "https://security.gentoo.org/glsa/202208-20", }, { trust: 1.1, url: "https://support.apple.com/kb/ht213255", }, { trust: 1.1, url: "https://support.apple.com/kb/ht213256", }, { trust: 1.1, url: "https://support.apple.com/kb/ht213257", }, { trust: 1.1, url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2022-01", }, { trust: 1.1, url: "https://www.tenable.com/security/tns-2022-03", }, { trust: 1.1, url: "https://www.debian.org/security/2022/dsa-5035", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2022/may/38", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2022/may/35", }, { trust: 1.1, url: "http://seclists.org/fulldisclosure/2022/may/33", }, { trust: 1.1, url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { trust: 1.1, url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { trust: 1.1, url: "http://www.openwall.com/lists/oss-security/2021/12/20/4", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/rgwilbort67shmslysqzg2nmxgcmpuzo/", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bfswoh4x77cv7ah7c4rmhubdwkqdl4yh/", }, { trust: 1, url: "http://packetstormsecurity.com/files/171631/apache-2.4.x-buffer-overflow.html", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/z7h26wj6tpknwv3qky4bhkukqvutzjtd/", }, { trust: 1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/x73c35mmmzgbvpqqch7lqzumyznqa5fo/", }, { trust: 0.8, url: "https://jvn.jp/vu/jvnvu97805418/", }, { trust: 0.5, url: "https://nvd.nist.gov/vuln/detail/cve-2021-44224", }, { trust: 0.5, url: "https://access.redhat.com/security/cve/cve-2021-44790", }, { trust: 0.5, url: "https://listman.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.5, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.5, url: "https://access.redhat.com/articles/11258", }, { trust: 0.5, url: "https://bugzilla.redhat.com/):", }, { trust: 0.5, url: "https://access.redhat.com/security/team/contact/", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22720", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22721", }, { trust: 0.3, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22719", }, { trust: 0.3, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.2, url: "https://support.apple.com/downloads/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-23308", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22589", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22663", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22674", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-0530", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26698", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26697", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-0778", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2021-45444", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2018-25032", }, { trust: 0.2, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.2, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22665", }, { trust: 0.2, url: "https://support.apple.com/en-us/ht201222.", }, { trust: 0.2, url: "https://access.redhat.com/security/cve/cve-2022-24348", }, { trust: 0.1, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bfswoh4x77cv7ah7c4rmhubdwkqdl4yh/", }, { trust: 0.1, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/z7h26wj6tpknwv3qky4bhkukqvutzjtd/", }, { trust: 0.1, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/x73c35mmmzgbvpqqch7lqzumyznqa5fo/", }, { trust: 0.1, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/rgwilbort67shmslysqzg2nmxgcmpuzo/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-46059", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-0128", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4187", }, { trust: 0.1, url: "https://support.apple.com/ht213256.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4193", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4173", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4192", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4136", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-22675", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26706", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26712", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-4166", }, { trust: 0.1, url: "https://support.apple.com/ht213255.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26726", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26714", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26727", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26728", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26748", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26721", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26720", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26715", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26722", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26746", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2022-22720", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:1136", }, { trust: 0.1, url: "https://www.debian.org/security/faq", }, { trust: 0.1, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/apache2", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-28614", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-31813", }, { trust: 0.1, url: "https://bugs.gentoo.org.", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-29404", }, { trust: 0.1, url: "https://creativecommons.org/licenses/by-sa/2.5", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-28615", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-30522", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41773", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-41524", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-40438", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-30556", }, { trust: 0.1, url: "https://security.gentoo.org/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-42013", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-36160", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-34798", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-23943", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-39275", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-33193", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-26377", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-14155", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-24370", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-13435", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-12762", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-20838", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-43527", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:0580", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3426", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-17594", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22876", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-17594", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-33574", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-33560", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-5827", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3800", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-33574", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-40346", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-42574", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-19603", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-27645", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20231", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-24370", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-14145", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3572", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3445", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2016-4658", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22925", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3200", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-37750", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-22876", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-16135", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13750", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-39241", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-17595", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-22898", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-36085", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-28153", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-19603", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13750", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20271", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20231", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3580", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2020-14155", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-16135", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-13751", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-17595", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-27645", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-22925", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-22898", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-36087", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-13751", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-3200", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20271", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-20838", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-35942", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-12762", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-13435", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-36086", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3712", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2020-14145", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-28153", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-20232", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-33560", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2021-20232", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-18218", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2019-5827", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-36084", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2016-4658", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-18218", }, { trust: 0.1, url: "https://access.redhat.com/security/cve/cve-2021-3521", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:0682", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2022-24348", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:0258", }, { trust: 0.1, url: "https://ubuntu.com/security/notices/usn-5212-1", }, { trust: 0.1, url: "https://ubuntu.com/security/notices/usn-5212-2", }, { trust: 0.1, url: "https://access.redhat.com/errata/rhsa-2022:0303", }, ], sources: [ { db: "CNVD", id: "CNVD-2021-102386", }, { db: "VULHUB", id: "VHN-408105", }, { db: "JVNDB", id: "JVNDB-2021-016455", }, { db: "PACKETSTORM", id: "167188", }, { db: "PACKETSTORM", id: "167189", }, { db: "PACKETSTORM", id: "166576", }, { db: "PACKETSTORM", id: "169211", }, { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "166051", }, { db: "PACKETSTORM", id: "166154", }, { db: "PACKETSTORM", id: "165710", }, { db: "PACKETSTORM", id: "165501", }, { db: "PACKETSTORM", id: "165747", }, { db: "NVD", id: "CVE-2021-44790", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2021-102386", }, { db: "VULHUB", id: "VHN-408105", }, { db: "JVNDB", id: "JVNDB-2021-016455", }, { db: "PACKETSTORM", id: "167188", }, { db: "PACKETSTORM", id: "167189", }, { db: "PACKETSTORM", id: "166576", }, { db: "PACKETSTORM", id: "169211", }, { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "166051", }, { db: "PACKETSTORM", id: "166154", }, { db: "PACKETSTORM", id: "165710", }, { db: "PACKETSTORM", id: "165501", }, { db: "PACKETSTORM", id: "165747", }, { db: "NVD", id: "CVE-2021-44790", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-24T00:00:00", db: "CNVD", id: "CNVD-2021-102386", }, { date: "2021-12-20T00:00:00", db: "VULHUB", id: "VHN-408105", }, { date: "2022-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2021-016455", }, { date: "2022-05-17T16:59:42", db: "PACKETSTORM", id: "167188", }, { date: "2022-05-17T16:59:55", db: "PACKETSTORM", id: "167189", }, { date: "2022-04-04T14:30:33", db: "PACKETSTORM", id: "166576", }, { date: "2022-01-28T20:12:00", db: "PACKETSTORM", id: "169211", }, { date: "2022-08-15T16:02:48", db: "PACKETSTORM", id: "168072", }, { date: "2022-02-18T16:37:39", db: "PACKETSTORM", id: "166051", }, { date: "2022-02-28T16:18:23", db: "PACKETSTORM", id: "166154", }, { date: "2022-01-26T15:06:30", db: "PACKETSTORM", id: "165710", }, { date: "2022-01-10T17:59:29", db: "PACKETSTORM", id: "165501", }, { date: "2022-01-27T14:43:52", db: "PACKETSTORM", id: "165747", }, { date: "2021-12-20T12:15:07.440000", db: "NVD", id: "CVE-2021-44790", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2021-12-27T00:00:00", db: "CNVD", id: "CNVD-2021-102386", }, { date: "2022-11-02T00:00:00", db: "VULHUB", id: "VHN-408105", }, { date: "2023-12-12T07:43:00", db: "JVNDB", id: "JVNDB-2021-016455", }, { date: "2024-11-21T06:31:33.257000", db: "NVD", id: "CVE-2021-44790", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "PACKETSTORM", id: "168072", }, { db: "PACKETSTORM", id: "165501", }, ], trust: 0.2, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apache HTTP Server of mod_lua Buffer overflow vulnerability in multipart parser", sources: [ { db: "JVNDB", id: "JVNDB-2021-016455", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "overflow", sources: [ { db: "PACKETSTORM", id: "166576", }, { db: "PACKETSTORM", id: "165710", }, { db: "PACKETSTORM", id: "165747", }, ], trust: 0.3, }, }
Vulnerability from fkie_nvd
Published
2020-02-27 21:15
Modified
2024-11-21 05:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@php.net | https://bugs.php.net/bug.php?id=79171 | Exploit, Vendor Advisory | |
| security@php.net | https://security.gentoo.org/glsa/202003-57 | Third Party Advisory | |
| security@php.net | https://www.tenable.com/security/tns-2021-14 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.php.net/bug.php?id=79171 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202003-57 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-14 | Patch, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "C6DEDF33-5700-450F-980D-8CA598A53DED", versionEndIncluding: "7.2.27", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1CA6A47B-6146-4361-AED1-4263B7911C6C", versionEndIncluding: "7.3.14", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "D73AA9E0-B622-41A6-9E5B-924051D4CA61", versionEndIncluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", matchCriteriaId: "A2572D17-1DE6-457B-99CC-64AFD54487EA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.", }, { lang: "es", value: "En PHP versiones 7.3.x por debajo de 7.3.15 y versiones 7.4.x por debajo de 7.4.3, mientras son extraídos los archivos PHAR en Windows usando la extensión phar, determinado contenido dentro del archivo PHAR podría conllevar a una lectura de un byte más allá del búfer asignado. Esto potencialmente podría conllevar a una divulgación de información o bloqueo de aplicación.", }, ], id: "CVE-2020-7061", lastModified: "2024-11-21T05:36:35.560", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-27T21:15:18.927", references: [ { source: "security@php.net", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79171", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-57", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-57", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-09 19:15
Modified
2024-11-21 04:35
Severity ?
Summary
pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sqlite | sqlite | * | |
| siemens | sinec_infrastructure_network_services | * | |
| tenable | tenable.sc | * | |
| oracle | mysql_workbench | * | |
| netapp | cloud_backup | - | |
| netapp | ontap_select_deploy_administration_utility | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*", matchCriteriaId: "9234ECCF-E771-485D-B89B-9F67AAB332A1", versionEndIncluding: "3.30.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*", matchCriteriaId: "7B4DA1DD-9BC1-4D76-BB41-6E6D69838571", versionEndIncluding: "8.0.19", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns.", }, { lang: "es", value: "El archivo pragma.c en SQLite versiones hasta 3.30.1, maneja inapropiadamente NOT NULL en un comando PRAGMA de integrity_check en determinados casos de columnas generadas.", }, ], id: "CVE-2019-19646", lastModified: "2024-11-21T04:35:07.337", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-09T19:15:14.757", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.sqlite.org/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.sqlite.org/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-754", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-25 15:15
Modified
2024-11-21 06:21
Severity ?
Summary
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "B213E696-A6D9-45E7-B4E4-E4CFE54ECEB8", versionEndExcluding: "1.1.1k", versionStartIncluding: "1.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*", matchCriteriaId: "73D9C08B-8F5B-40C4-A5BD-B00D2E4C012D", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*", matchCriteriaId: "62A178A3-6A52-4981-9A27-FB07AD8AF778", vulnerable: true, }, { criteria: "cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*", matchCriteriaId: "54A487B1-E5CE-4C76-87E8-518D24C5D86D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*", matchCriteriaId: "280AA828-6FA9-4260-8EC1-019423B966E1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", matchCriteriaId: "24B8DB06-590A-4008-B0AB-FCD1401C77C6", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*", matchCriteriaId: "361B791A-D336-4431-8F68-8135BEFFAEA2", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*", matchCriteriaId: "8ADFF451-740F-4DBA-BD23-3881945D3E40", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "4ACF85D6-6B45-43DA-9C01-F0208186F014", versionEndExcluding: "6.0.9", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*", matchCriteriaId: "0AC12300-9051-4C70-9941-9FE5E64B4B30", versionEndIncluding: "8.13.1", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*", matchCriteriaId: "657682A0-54D5-4DC6-A98E-8BAF685926C4", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*", matchCriteriaId: "8FC5C76C-3474-4B26-8CF0-2DFAFA3D5458", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*", matchCriteriaId: "8661D361-71B5-4C41-A818-C89EC551D900", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*", matchCriteriaId: "253603DC-2D92-442A-B3A8-A63E14D8A070", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*", matchCriteriaId: "8E112CFF-31F9-4D87-9A1B-AE0FCF69615E", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "AC1721B5-9FCD-47C3-8338-E02932CF2C05", versionEndIncluding: "5.17.0", versionStartIncluding: "5.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:web_gateway:8.2.19:*:*:*:*:*:*:*", matchCriteriaId: "DEA7F1FD-9FAB-4654-98B0-4588EEC8B69A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway:9.2.10:*:*:*:*:*:*:*", matchCriteriaId: "868B2C4B-CE6B-41DA-A373-7D4FA51EFE9F", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway:10.1.1:*:*:*:*:*:*:*", matchCriteriaId: "550F47A2-3393-481E-BC40-CE606BFA8776", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway_cloud_service:8.2.19:*:*:*:*:*:*:*", matchCriteriaId: "43392D27-6C07-41C7-A17F-10C433338CE9", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway_cloud_service:9.2.10:*:*:*:*:*:*:*", matchCriteriaId: "8FBF6C4C-195F-49A7-861D-52677D9BE58D", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:web_gateway_cloud_service:10.1.1:*:*:*:*:*:*:*", matchCriteriaId: "90732D53-E802-4E1B-B6C8-B1FDCE7905A4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r80.40:*:*:*:*:*:*:*", matchCriteriaId: "A98B128A-C58E-48EC-B691-AF73126A0822", vulnerable: true, }, { criteria: "cpe:2.3:o:checkpoint:quantum_security_management_firmware:r81:*:*:*:*:*:*:*", matchCriteriaId: "345B990F-C1C4-440B-804E-0A2882FE7C01", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:checkpoint:quantum_security_management:-:*:*:*:*:*:*:*", matchCriteriaId: "08601413-25E2-4977-B67A-C11A9D788EA8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r80.40:*:*:*:*:*:*:*", matchCriteriaId: "EFC067CC-EB90-43F5-9674-089D5C611573", vulnerable: true, }, { criteria: "cpe:2.3:o:checkpoint:multi-domain_management_firmware:r81:*:*:*:*:*:*:*", matchCriteriaId: "80B223A7-1039-445D-ABE1-5E481004D956", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:checkpoint:multi-domain_management:-:*:*:*:*:*:*:*", matchCriteriaId: "1584E1B4-412C-40E2-BF07-4E464692F2AE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*", matchCriteriaId: "A0002A29-8B42-445D-9EC4-58BC93194241", vulnerable: true, }, { criteria: "cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81:*:*:*:*:*:*:*", matchCriteriaId: "3B0EDB21-9305-4601-AB96-A77BD00F311D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:checkpoint:quantum_security_gateway:-:*:*:*:*:*:*:*", matchCriteriaId: "9016DDF6-285C-4E64-88D0-29ECCEF048F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "570DB369-A31B-4108-A7FD-09F674129603", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "61516569-C48F-4362-B334-8CA10EDB0EC2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*", matchCriteriaId: "394A16F2-CCD4-44E5-BF6B-E0C782A9FA38", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*", matchCriteriaId: "058C7C4B-D692-49DE-924A-C2725A8162D3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "0F0434A5-F2A1-4973-917C-A95F2ABE97D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "96DD93E0-274E-4C36-99F3-EEF085E57655", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "86305E47-33E9-411C-B932-08C395C09982", versionEndExcluding: "9.2.6.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*", matchCriteriaId: "A8782A14-89B0-45EE-A5CB-FF715F5BA379", versionEndIncluding: "8.0.23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "5C40ECC8-933B-47A4-8082-FCF0EF9C973E", versionEndIncluding: "5.7.33", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "32714AD7-BCD1-4624-9923-5E6D927CF3CB", versionEndIncluding: "8.0.23", versionStartIncluding: "8.0.15", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*", matchCriteriaId: "CB1A94E1-A6C6-488D-A74C-6C0B24637272", versionEndIncluding: "8.0.23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", matchCriteriaId: "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", matchCriteriaId: "10864586-270E-4ACF-BDCC-ECFCD299305F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", matchCriteriaId: "E9C55C69-E22E-4B80-9371-5CD821D79FE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*", matchCriteriaId: "C01E8B82-71C7-4A4A-A70A-7B147524AB4A", versionEndExcluding: "18.1.0.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*", matchCriteriaId: "9DA11710-9EA8-49B4-8FD1-3AEE442F6ADC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6E8B6D50-D482-43E9-A20D-FA77FD59AE2D", versionEndExcluding: "10.2.1.0-17sv", versionStartIncluding: "10.2.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sonicwall:sma100:-:*:*:*:*:*:*:*", matchCriteriaId: "8E4A2B7B-40F5-4AE0-ACC7-E94B82435DBA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sonicwall:capture_client:3.5:*:*:*:*:*:*:*", matchCriteriaId: "349EB4AE-65E3-42DC-8F9C-3A1A155324D7", vulnerable: true, }, { criteria: "cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*", matchCriteriaId: "2BD8688A-2D55-4A7E-A143-1BD0FCF957B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5081E52B-E7C0-46BD-B1D0-2C70ABCC8831", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:ruggedcom_rcm1224:-:*:*:*:*:*:*:*", matchCriteriaId: "3747CDD7-E833-4B68-A362-77D6A2E9D888", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "058D21EA-E94C-4DDC-AD92-967DAC934457", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*", matchCriteriaId: "52A77C9D-E59C-4397-B834-797D7B334A6B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "424CD8EA-D8CB-40C7-8E0F-AC4B05C59C99", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_m-800:-:*:*:*:*:*:*:*", matchCriteriaId: "DFB9921A-5204-40A3-88AB-B7755F5C6875", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s602_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "858B6A84-5D0E-4E23-AE32-A45B51BAC8CF", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s602:-:*:*:*:*:*:*:*", matchCriteriaId: "F4D89D82-C2CE-44DC-A05B-B956F20BF4E3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s612_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D173626B-9C50-489F-8BA4-1C45E5F96526", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s612:-:*:*:*:*:*:*:*", matchCriteriaId: "CA7B48D2-0D17-420D-AAE1-35E5C0BE2924", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E967F5FC-6F3E-4982-8813-CA1DAF3BE165", versionStartIncluding: "6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*", matchCriteriaId: "E917CBBB-EF41-4113-B0CA-EB91889235E7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s623_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "81F315D8-0B26-4442-B330-85124017A482", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s623:-:*:*:*:*:*:*:*", matchCriteriaId: "F80D9A79-7984-462B-B4B9-6A4429422038", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_s627-2m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6F20F735-7A70-4A24-9621-786F99C8F87D", versionStartIncluding: "4.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_s627-2m:-:*:*:*:*:*:*:*", matchCriteriaId: "B51B40F8-71D2-4D2D-8EC2-CE154A6D7533", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "973B8030-B630-4D67-B897-25A359A96185", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_sc-600:-:*:*:*:*:*:*:*", matchCriteriaId: "725C671B-D7A0-48CF-8A31-5F9C4173F1DD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "86EA8E3F-81BD-47BC-9834-A9B69CA7E70C", versionStartIncluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w700:-:*:*:*:*:*:*:*", matchCriteriaId: "D3033B1E-57A6-4AE3-A861-7047CF8EAD79", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "BE116AD9-B55F-41C8-8B55-329809DB63E1", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_w1700:-:*:*:*:*:*:*:*", matchCriteriaId: "5D9A73DD-4A21-4096-B4B6-A0A825E71006", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "144CDF5E-7E07-428B-B4DF-C94992B3A44A", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xb-200:-:*:*:*:*:*:*:*", matchCriteriaId: "6CB3CC2D-CBF0-4F53-A412-01BBC39E34C2", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "339FFBDF-6957-481F-84CE-878B5CAAD9C8", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xc-200:-:*:*:*:*:*:*:*", matchCriteriaId: "7719E194-EE3D-4CE8-8C85-CF0D82A553AA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6FBB13D3-4E04-4D01-B880-C16C4FFA240B", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xf-200ba:-:*:*:*:*:*:*:*", matchCriteriaId: "58377C58-F660-4C17-A3CB-BFC2F28848CD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E40058B3-3726-4F6A-AB41-7679487639F2", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xm-400:-:*:*:*:*:*:*:*", matchCriteriaId: "798E900F-5EF9-4B39-B8C2-79FAE659E7F5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E642D10-E701-44DF-863B-D0DAA5530F50", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xp-200:-:*:*:*:*:*:*:*", matchCriteriaId: "8F962FC7-0616-467F-8CCA-ADEA224B5F7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4A53C2B5-A3FD-44CC-A78B-D2124EF37DB4", versionEndExcluding: "4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr-300wg:-:*:*:*:*:*:*:*", matchCriteriaId: "434BC9BE-C5DB-4DAF-8E07-DFE4EEA0D7FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54FBE4D4-F31E-4B61-9216-44C8EC2988AB", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr524-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "B0E6B7D8-3F9E-43D6-AEFE-DEE3993679C5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "20511D61-FC1D-453E-BDF6-D3FB9951192A", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr526-8c:-:*:*:*:*:*:*:*", matchCriteriaId: "67661569-6233-4C74-9C72-88BD14B257FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "640AC619-B516-46FC-821B-09C4542A3FD6", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr528-6m:-:*:*:*:*:*:*:*", matchCriteriaId: "3E048C4A-A414-4C87-A865-4D4218AE32EE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1FB979DB-731B-4693-A9F8-B11ED953717C", versionEndExcluding: "6.4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:scalance_xr552-12:-:*:*:*:*:*:*:*", matchCriteriaId: "09743616-31C9-4E47-8A4A-B15D76204BE7", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "886D2FE6-B054-4E3B-BACB-F08C0A119A80", versionStartIncluding: "1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3B185B70-CAC9-47AC-8639-7A4707C21540", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cloud_connect_7:-:*:*:*:*:*:*:*", matchCriteriaId: "9FA78457-260C-467B-9785-04B3C8EDF3B3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "ABEA3BEE-E7AF-4C9A-ADE4-CE7FC1DB7639", versionStartIncluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "049460B8-6186-44F9-B41F-284A2EC0B3B4", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:-:*:*:*:*:*:*:*", matchCriteriaId: "205482DA-548C-4757-91F0-1599438873BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_basic_panels_2nd_generation_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "45208694-635A-42AC-B668-8B67C60568B8", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_basic_panels_2nd_generation:-:*:*:*:*:*:*:*", matchCriteriaId: "7D8F8BCE-35CE-492A-8BFE-2C36EA51CE5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B4C147D9-4649-4289-B18B-55BD6E33521A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_comfort_outdoor_panels:-:*:*:*:*:*:*:*", matchCriteriaId: "F4830E0D-0128-4E5B-AB81-2B238471AE4B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "54EFA8B5-8DA1-4547-9E15-BDC265C56006", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_hmi_ktp_mobile_panels:-:*:*:*:*:*:*:*", matchCriteriaId: "B1CEB200-E38F-4629-9279-5AF065396678", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DE4FA1E6-4C5A-4CDC-AD40-E384C0BCA90D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_mv500:-:*:*:*:*:*:*:*", matchCriteriaId: "93A5B50E-0316-4189-8F41-54732CFCF63F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D254DA1D-C53E-426B-9C69-580CC47CF0AA", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-1:-:*:*:*:*:*:*:*", matchCriteriaId: "65278BA0-3C81-4D81-9801-D7BE3A1D7680", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C06A02ED-0BA3-4A2C-AF0C-689B8AEB34B8", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_eu:-:*:*:*:*:*:*:*", matchCriteriaId: "209C7B1E-10F6-4215-AF69-CC36192E0FCE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_us_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "CF8C00EE-1154-440C-A223-A2CE99CE3126", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp1243-7_lte_us:-:*:*:*:*:*:*:*", matchCriteriaId: "171A9543-E677-422F-8AEA-1BC2D0E53593", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "DB201DD3-8890-453E-A11E-1E13B3DAB3F9", versionStartIncluding: "3.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1243-8_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "350FD323-C876-4C7A-A2E7-4B0660C87F6C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "61E498B1-87FF-454B-8DF0-61D0D3208491", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1542sp-1_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1EE2F10-A7A6-486F-AE5C-53AE25BAF200", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "90FB801F-11B5-438C-98A1-E928BFEA2ADB", versionEndExcluding: "3.0", versionStartIncluding: "2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1543-1:-:*:*:*:*:*:*:*", matchCriteriaId: "F56C2BDC-928E-491A-8E7C-F976B3787C7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E4BA1E6-64F7-4B96-8302-134057DAB1BE", versionStartIncluding: "2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1543sp-1:-:*:*:*:*:*:*:*", matchCriteriaId: "783B50B8-2FB7-4982-88AA-B4F2AD094796", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1DCA9544-DD17-4F56-B34C-91A3F37154AF", versionStartIncluding: "1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_net_cp_1545-1:-:*:*:*:*:*:*:*", matchCriteriaId: "1256EB4B-DD8A-4F99-AE69-F74E8F789C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pcs_7_telecontrol_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5C25165E-EDE9-42F1-A3B9-0E47630D49CC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pcs_7_telecontrol:-:*:*:*:*:*:*:*", matchCriteriaId: "5BF281FB-26E0-43E4-A2B6-4015661368AC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pcs_neo_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EEACFC9-41B7-4EE0-9427-692363880326", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pcs_neo:-:*:*:*:*:*:*:*", matchCriteriaId: "EF3CA343-CA2A-4593-930C-158612CE7A55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7E9AE23E-7DAE-4191-BA4E-A7CD655C4BC8", versionStartIncluding: "9.1.0.7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_pdm:-:*:*:*:*:*:*:*", matchCriteriaId: "E092B735-42D5-48D5-947B-288C0FA2E180", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D874D636-392A-4750-B976-F411DBCEBA8D", versionStartIncluding: "2019", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_process_historian_opc_ua_server:-:*:*:*:*:*:*:*", matchCriteriaId: "14EC9343-7778-40B0-A74D-5C156FF2A229", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "968FBB4E-5B0B-43D4-B3AD-418028093990", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf166c:-:*:*:*:*:*:*:*", matchCriteriaId: "391AD485-A49D-43D0-AAE5-1F58B38D4E22", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "5212F097-B65A-4D73-BB6F-49687F8AD980", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf185c:-:*:*:*:*:*:*:*", matchCriteriaId: "82494B5E-80EE-47ED-B87E-CF8C8907B6FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D806113B-57EB-4AA0-9D5E-12E30337A93B", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186c:-:*:*:*:*:*:*:*", matchCriteriaId: "9B0933EB-82BE-42BB-978B-C9EC2FE1C795", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "53FA50A7-2DF6-454E-8A8E-838C392AB417", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf186ci:-:*:*:*:*:*:*:*", matchCriteriaId: "1EAEB335-BD22-4CEF-A3EA-9D98A09FEBF0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "7F3D41E9-58B3-4251-8710-A8C4A24ABBD3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188c:-:*:*:*:*:*:*:*", matchCriteriaId: "E21F9909-8D80-40BE-81E0-6ED7FE140A3A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "FC628CB7-0816-4267-9C5D-954BD0233D2E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf188ci:-:*:*:*:*:*:*:*", matchCriteriaId: "B0927991-E820-4FC3-9EFE-96E4C9BFCCCD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "88E64167-16AA-48D7-BCDC-B15D37FA666D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_rf360r:-:*:*:*:*:*:*:*", matchCriteriaId: "63F05227-208B-42C8-8D56-A5D106CAD32F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "47F1294A-1C26-4D43-9C53-D833F2510536", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1211c:-:*:*:*:*:*:*:*", matchCriteriaId: "3871C0C9-C65E-4E0B-9CA8-75E60066297F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4AF60081-D534-44F5-972F-23257F16F372", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212c:-:*:*:*:*:*:*:*", matchCriteriaId: "07849777-92E7-41D2-9128-F8D20DE15391", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "AEF1726E-B56F-4D39-AFF4-E79A3CA00DE6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1212fc:-:*:*:*:*:*:*:*", matchCriteriaId: "68B3573B-A31E-4489-B2DD-B01B5C1D03CB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CC4A9F7-9858-4F95-8097-F8D09DA61314", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*", matchCriteriaId: "B640800C-9263-4BEA-9DA5-1323932540BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "4948734A-0AAD-4D28-B7FF-FFBBB9AA39C6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214c:-:*:*:*:*:*:*:*", matchCriteriaId: "FE17584A-BF7A-48B8-A9CB-477663766C63", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9CC4A9F7-9858-4F95-8097-F8D09DA61314", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1214_fc:-:*:*:*:*:*:*:*", matchCriteriaId: "B640800C-9263-4BEA-9DA5-1323932540BD", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215_fc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6EE37798-B068-40E5-BC03-1D8D303E5926", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215_fc:-:*:*:*:*:*:*:*", matchCriteriaId: "76C7D55C-8D99-4E2F-A254-1BDE2B12A203", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8E0C491C-5C4A-4F1C-ABD4-9502A54AAA78", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1215c:-:*:*:*:*:*:*:*", matchCriteriaId: "CC4698CF-F935-4707-BA91-7E3650C7956C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E7657063-1296-4734-B108-A2FF7A01B07F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1200_cpu_1217c:-:*:*:*:*:*:*:*", matchCriteriaId: "232279DE-CF1C-4A3C-886D-B4CE3F104F09", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8C477CCD-06C7-4907-8B0C-4FCE7F6DADAD", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp:-:*:*:*:*:*:*:*", matchCriteriaId: "3BC4FA01-8DDB-41E4-B759-7B504F78AEBC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:sinamics_connect_300_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3360ACCE-E735-4E34-B278-0D4460E74CBF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:sinamics_connect_300:-:*:*:*:*:*:*:*", matchCriteriaId: "7B854F5B-78C7-41FE-9364-5E71B36342A3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D2B20D95-C4B3-4D13-A3D8-F22AC42DC059", versionEndExcluding: "2.2", versionStartIncluding: "2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*", matchCriteriaId: "C1D94BEB-BBFB-4258-9835-87DBBB999239", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:simatic_logon:*:*:*:*:*:*:*:*", matchCriteriaId: "D6F24E40-F3F0-48F3-B3DC-5F98B0564F7A", versionStartIncluding: "1.6.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_logon:1.5:sp3_update_1:*:*:*:*:*:*", matchCriteriaId: "423359E5-9C36-4C6B-AB24-B030E6C61D53", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*", matchCriteriaId: "79EE15DC-74D3-4551-AAD0-EA0CB600DA76", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:simatic_wincc_telecontrol:-:*:*:*:*:*:*:*", matchCriteriaId: "F3169FD3-CBA2-417C-95EF-4F8AE9FAB5AD", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_nms:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4ED13FC8-63C0-42C6-A51C-C480C45327C2", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_nms:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "E68FE047-8F53-46B8-82D4-9342B1C8CA55", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_pni:-:*:*:*:*:*:*:*", matchCriteriaId: "1353DC31-FB12-427A-B1B2-9164A4BEE14B", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*", matchCriteriaId: "B0A5CC25-A323-4D49-8989-5A417D12D646", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:sp1:*:*:*:*:*:*", matchCriteriaId: "A690BCD3-6497-43F7-8A51-E033B9121DC8", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:sp2:*:*:*:*:*:*", matchCriteriaId: "AA375D44-ECC5-4BD3-A3D5-6D2AA68782D5", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update1:*:*:*:*:*:*", matchCriteriaId: "6CD26C73-B61F-424B-91C2-352E2CAE6666", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:sp2_update2:*:*:*:*:*:*", matchCriteriaId: "DB4EA15F-ECA4-477F-948F-490FC90BC66A", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*", matchCriteriaId: "ABA14E65-214C-431D-A49A-D8FC142D4541", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*", matchCriteriaId: "915B09CB-CA0A-445B-89D3-16AE9B08858E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "25A3180B-21AF-4010-9DAB-41ADFD2D8031", versionEndIncluding: "10.12.0", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "43B199B4-D89C-483D-ACAE-6CB2A59EE67C", versionEndIncluding: "10.24.0", versionStartIncluding: "10.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "564ED5C8-50D7-413A-B88E-E62B6C07336A", versionEndIncluding: "12.12.0", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "3DEBF7C8-B000-47B9-B597-DC440F2603B3", versionEndExcluding: "12.22.1", versionStartIncluding: "12.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "428DCD7B-6F66-4F18-B780-5BD80143D482", versionEndIncluding: "14.14.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "380D03F3-6A7E-43A2-B002-FB2521FD3C58", versionEndExcluding: "14.16.1", versionStartIncluding: "14.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "3ED4D313-F372-4CC1-BE11-6BBA2F0E90E3", versionEndExcluding: "15.14.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).", }, { lang: "es", value: "Un servidor OpenSSL TLS puede cometer un fallo si un cliente envía un mensaje ClientHello de renegociación diseñado maliciosamente. Si una renegociación de TLSv1.2 ClientHello omite la extensión signature_algorithms (donde estaba presente en el ClientHello inicial), pero incluye una extensión signature_algorithms_cert, se producirá una desreferencia del puntero NULL, lo que conllevará un bloqueo y un ataque de denegación de servicio. Un servidor solo es vulnerable si tiene TLSv1.2 y la renegociación habilitada (que es la configuración predeterminada). Los clientes de OpenSSL TLS no están afectados por este problema. Todas las versiones de OpenSSL versión 1.1.1 están afectadas por este problema. Los usuarios de estas versiones deben actualizar a OpenSSL versión 1.1.1k. OpenSSL versión 1.0.2 no está afectado por este problema. Corregido en OpenSSL versión 1.1.1k (Afectadas versiones 1.1.1-1.1.1j)", }, ], id: "CVE-2021-3449", lastModified: "2024-11-21T06:21:33.050", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-25T15:15:13.450", references: [ { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { source: "openssl-security@openssl.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4875", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210325.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-05", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-06", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-09", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/27/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/28/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10356", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210326-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4875", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210325.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-10", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-09 16:15
Modified
2024-11-21 04:35
Severity ?
Summary
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sqlite | sqlite | * | |
| netapp | cloud_backup | - | |
| netapp | ontap_select_deploy_administration_utility | - | |
| oracle | mysql_workbench | * | |
| tenable | tenable.sc | * | |
| siemens | sinec_infrastructure_network_services | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*", matchCriteriaId: "9234ECCF-E771-485D-B89B-9F67AAB332A1", versionEndIncluding: "3.30.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*", matchCriteriaId: "7B4DA1DD-9BC1-4D76-BB41-6E6D69838571", versionEndIncluding: "8.0.19", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.", }, { lang: "es", value: "El archivo alter.c en SQLite versiones hasta 3.30.1, permite a atacantes activar una recursión infinita por medio de ciertos tipos de vistas autorreferenciales junto con declaraciones ALTER TABLE.", }, ], id: "CVE-2019-19645", lastModified: "2024-11-21T04:35:07.153", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-09T16:15:10.407", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4394-1/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191223-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4394-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-674", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-26 21:18
Modified
2025-03-27 20:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2023-03 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2023-03 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "88CB8AC6-3A92-4EEE-AE65-5A295ED6E421", versionEndIncluding: "5.23.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly.", }, { lang: "es", value: "Existe una vulnerabilidad Server Side Request Forgery (SSRF) en Tenable.sc debido a una validación incorrecta de la sesión y del proceso. datos de entrada accesibles para el usuario. Un atacante remoto autenticado y privilegiado podría interactuar con servicios internos y externos de forma encubierta.", }, ], id: "CVE-2023-24495", lastModified: "2025-03-27T20:15:19.880", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-01-26T21:18:19.583", references: [ { source: "vulnreport@tenable.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-03", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-918", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-02 15:15
Modified
2024-11-21 05:36
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Summary
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| debian | debian_linux | 10.0 | |
| opensuse | leap | 15.1 | |
| opensuse | leap | 15.2 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 20.04 | |
| netapp | clustered_data_ontap | - | |
| oracle | communications_diameter_signaling_router | * | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "63EC1EEB-0BEC-496B-B225-066232FDFCF0", versionEndExcluding: "7.2.34", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "EEFF4B6D-4A40-479B-846E-EA3372E062E0", versionEndExcluding: "7.3.23", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "7D5112FC-B50B-4C73-A876-0C7FB66EB4F1", versionEndExcluding: "7.4.11", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", matchCriteriaId: "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", matchCriteriaId: "C88D46AF-459D-4917-9403-0F63FEC83512", versionEndIncluding: "8.5.0", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data.", }, { lang: "es", value: "En PHP versiones 7.2.x por debajo de 7.2.34, versiones 7.3.x por debajo de 7.3.23 y versiones 7.4.x por debajo de 7.4.11, cuando el modo AES-CCM es usado con la función openssl_encrypt() con 12 bytes IV, solo los primeros 7 bytes del IV está actualmente usado. Esto puede conllevar a una disminución de seguridad y datos de cifrado incorrectos", }, ], id: "CVE-2020-7069", lastModified: "2024-11-21T05:36:36.820", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-02T15:15:12.670", references: [ { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { source: "security@php.net", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79601", }, { source: "security@php.net", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { source: "security@php.net", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { source: "security@php.net", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202012-16", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4583-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79601", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202012-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4583-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-326", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-02-20 16:29
Modified
2024-11-21 04:49
Severity ?
Summary
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*", matchCriteriaId: "AF0E68F9-B5C2-4419-8530-866FD2DABFB7", versionEndExcluding: "3.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*", matchCriteriaId: "6BA71059-1A13-4A57-B6DD-98A79FA0630E", versionEndExcluding: "4.3.1", versionStartIncluding: "4.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "EA130AF7-C25F-4C0B-ACAF-E7436C722431", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "ADEF9870-DBD7-4603-90B7-7BF14ED4B7C5", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "533D1068-0BF4-40ED-B28F-E98BF0F18454", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "FC5CA1E2-341C-42A9-88AC-E6C83DED0B9D", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1845A169-7B6C-4B7D-B8FC-0245DC1B4EEF", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "C5C8CEBF-CEE7-4D05-AB46-1F22C3C29889", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "37BF8F88-0F8D-45F9-95FF-052434599267", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "16EBA08B-8FBD-47BE-A5BE-F5145788E8CB", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "09F6EC13-4398-48CB-B999-14FABE281247", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "CF28DE16-F322-42DB-B0E6-67489DD258F6", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "5A5BC28E-1780-4BDF-AF73-3477CC983B6A", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "9228FA0A-8745-4731-A214-5A8AC0AA902A", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5F3CFB0D-DDA1-4CFF-BAB4-96EF72F4F777", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4115BD48-6E2A-4321-8EB7-ACCDF6CC6321", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "1261AE74-41AF-4848-9AD9-46918C46845B", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8BC7ABB7-2FA9-42CA-9BEF-241A91F317FF", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "2C21D1B2-2424-4A56-A179-431EDC41B929", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "93521D73-6412-4E80-B210-65CA6DAC8EA4", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "ADFDF244-00AA-4BD9-A255-24CAF55CD6F0", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "E08E3F72-4CEF-4607-8B27-515E6471B9D1", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "E69B6320-088E-445D-8863-34CF67F172F3", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "DBA2F9FE-071E-411E-8E1F-3A8FA34D708F", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "34683A8C-E7B3-4DC4-9934-A55A44181B18", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*", matchCriteriaId: "9BE59364-3DB3-4528-AFC4-D3A39872514D", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E7DEDB9D-58DB-45EB-91EA-8A6694E4F29A", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "CD847946-00F8-44BE-A9C1-2D3CAA1BD63C", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "09B13A2F-D302-416C-916E-4642CC46D9F6", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "EEA3324A-4661-4CCF-9E40-DD50162542A0", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "95EDA820-6FDE-44B9-89CE-B83847416CF4", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "1A077B3F-F587-47FA-912A-9816EADA9CFA", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "5F14E9A0-3E7E-440E-B323-BED2D3E3F221", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*", matchCriteriaId: "F14F10D9-4F2D-4C6D-8B0C-9775ED35DFEF", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "DFF4B95E-40C6-4C8F-81BD-172A907CA5FD", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "93F6D55C-8873-470A-9E93-42F6A2DDE07F", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F72B979A-B35A-464D-BCA1-2A5BD0A29886", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "14CEF743-6C3B-4D90-99BF-6A27B37ADAEA", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "BFA7EEBD-F6F6-4243-B57D-BE210D8E16CF", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "787DA0E4-D4A0-4622-8AC0-9386EE3F62B0", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "EC366757-92D1-49ED-A641-47139AEEF613", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "542EB351-79B1-4A9D-A5A1-2F3E0E88963C", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "591EA641-C103-4575-97D5-15D41B20E581", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "5C1BEC52-BC21-4996-A34F-4D9DF4D2F087", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8CA439FF-659C-4F34-9CBD-76D95A96E063", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "895E610D-52F6-45CA-B205-D110A1DC6BEC", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9866C62F-DA11-43B1-B475-A07B1B58933D", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "12351892-247E-477C-8C50-E0DA37F6A716", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "90D4E2C9-4353-49E7-B5C7-E9E7140F49AC", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "4B114C6C-E950-4B75-B341-022799ABBACF", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "BC99D7B3-65E5-4C9E-9D34-FF9161295F86", versionEndExcluding: "12.1.5.1", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "A6C6F80B-85DC-461E-9BF9-6EF41C467243", versionEndExcluding: "13.1.3.4", versionStartIncluding: "13.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "E0C65C13-C852-4A12-BFC0-A4DB201FFCAF", versionEndExcluding: "14.1.2.5", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*", matchCriteriaId: "57FD7F09-9829-42B0-913E-A43129AD758B", versionEndExcluding: "15.1.0", versionStartIncluding: "15.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*", matchCriteriaId: "9FA1A18F-D997-4121-A01B-FD9B3BF266CF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.", }, { lang: "es", value: "En Bootstrap, en versiones anteriores a la 3.4.1 y versiones 4.3.x anteriores a la 4.3.1, es posible Cross-Site Scripting (XSS) en los atributos de data-template tooltip o popover.", }, ], id: "CVE-2019-8331", lastModified: "2024-11-21T04:49:42.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-02-20T16:29:00.837", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107375", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/pull/28236", }, { source: "cve@mitre.org", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K24383845", }, { source: "cve@mitre.org", url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&%3Butm_medium=RSS", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/May/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107375", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/pull/28236", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/releases/tag/v3.4.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/twbs/bootstrap/releases/tag/v4.3.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731%40%3Cdev.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49%40%3Cuser.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2%40%3Cuser.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e%40%3Cdev.superset.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854%40%3Cuser.flink.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r3dc0cac8d856bca02bd6997355d7ff83027dcfc82f8646a29b89b714%40%3Cissues.hbase.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/May/18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K24383845", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K24383845?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-20 12:15
Modified
2024-11-21 06:31
Severity ?
Summary
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "5D91E7B1-C692-4ECB-BFDF-968D8F8A5832", versionEndIncluding: "2.4.51", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "7A939B08-CFD8-44D6-B06A-71819E7EFF21", versionEndExcluding: "5.20.0", versionStartIncluding: "5.16.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "F2AD8797-A70D-4FC7-8A7B-1EF9F43AB4DF", versionEndIncluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "676F28B8-F780-4441-8062-53E1D69200DF", versionEndIncluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "9D164570-BB85-4090-B3C6-2CAB324BDAD6", versionEndIncluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "AD04BEE5-E9A8-4584-A68C-0195CE9C402C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", matchCriteriaId: "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", matchCriteriaId: "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", matchCriteriaId: "7F69B9A5-F21B-4904-9F27-95C0F7A628E3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", matchCriteriaId: "F1F4BF7F-90D4-4668-B4E6-B06F4070F448", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", matchCriteriaId: "0F441A43-1669-478D-9EC8-E96882DE4F9F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", matchCriteriaId: "D425C653-37A2-448C-BF2F-B684ADB08A26", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", matchCriteriaId: "A54D63B7-B92B-47C3-B1C5-9892E5873A98", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", matchCriteriaId: "3456176F-9185-4EE2-A8CE-3D989D674AB7", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", matchCriteriaId: "D337EE21-2F00-484D-9285-F2B0248D7A19", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", matchCriteriaId: "012052B5-9AA7-4FD3-9C80-5F615330039D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", matchCriteriaId: "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", matchCriteriaId: "8E974DC6-F7D9-4389-9AF9-863F6E419CE6", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", matchCriteriaId: "156A6382-2BD3-4882-90B2-8E7CF6659E17", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", matchCriteriaId: "20A2FDB2-6712-406A-9896-C0B44508B07D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", matchCriteriaId: "49F537A0-DC42-4176-B22F-C80D179DD99D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "3BD2A211-4E62-40BF-9BA0-5239FA6F0AF8", versionEndExcluding: "10.15.7", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "09A6345C-D813-43BA-B12E-789C80653F86", versionEndExcluding: "11.6.6", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "35154201-43EA-4C22-B0BA-D1A24C46D320", versionEndExcluding: "12.4", versionStartIncluding: "12.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.", }, { lang: "es", value: "Un cuerpo de petición cuidadosamente diseñado puede causar un desbordamiento de búfer en el analizador multiparte mod_lua (r:parsebody() llamado desde scripts Lua). El equipo de Apache httpd no presenta constancia de que se presente una explotación para esta vulnerabilidad, aunque podría ser posible diseñar uno. Este problema afecta a Apache HTTP Server versiones 2.4.51 y anteriores", }, ], id: "CVE-2021-44790", lastModified: "2024-11-21T06:31:33.257", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-20T12:15:07.440", references: [ { source: "security@apache.org", tags: [ "Vendor Advisory", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "security@apache.org", url: "http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/20/4", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213255", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213256", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213257", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5035", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-01", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/171631/Apache-2.4.x-Buffer-Overflow.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/20/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213255", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-03", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "security@apache.org", type: "Primary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-09 18:15
Modified
2024-11-21 05:36
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
3.6 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L
3.6 (Low) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L
Summary
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security@php.net | https://bugs.php.net/bug.php?id=79797 | Exploit, Mailing List, Patch, Vendor Advisory | |
| security@php.net | https://security.gentoo.org/glsa/202009-10 | Third Party Advisory | |
| security@php.net | https://security.netapp.com/advisory/ntap-20200918-0005/ | Third Party Advisory | |
| security@php.net | https://www.debian.org/security/2021/dsa-4856 | Third Party Advisory | |
| security@php.net | https://www.tenable.com/security/tns-2021-14 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.php.net/bug.php?id=79797 | Exploit, Mailing List, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202009-10 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20200918-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2021/dsa-4856 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-14 | Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 10.0 | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "822158CB-39AD-45A2-8846-64B9DA6D7D6D", versionEndExcluding: "7.2.33", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "9638ADE3-FBBA-4F05-B115-38E19926C73B", versionEndExcluding: "7.3.21", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "548DD627-7597-4A9B-8C3B-6A40B737639B", versionEndExcluding: "7.4.9", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure.", }, { lang: "es", value: "En PHP versiones 7.2.x por debajo de 7.2.33, 7.3.x por debajo de 7.3.21 y 7.4.x por debajo de 7.4.9, mientras se procesan archivos PHAR con la extensión phar, la función phar_parse_zipfile podría ser engañada para que acceda a la memoria liberada, lo que podría conllevar a un bloqueo o una divulgación de información", }, ], id: "CVE-2020-7068", lastModified: "2024-11-21T05:36:36.680", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, exploitabilityScore: 1, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-09T18:15:23.400", references: [ { source: "security@php.net", tags: [ "Exploit", "Mailing List", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79797", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202009-10", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200918-0005/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79797", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202009-10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200918-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-16 15:15
Modified
2025-03-21 21:01
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| netapp | cloud_backup | - | |
| netapp | clustered_data_ontap | - | |
| netapp | storagegrid | - | |
| broadcom | brocade_fabric_operating_system_firmware | - | |
| f5 | f5os | * | |
| f5 | f5os | * | |
| oracle | enterprise_manager_ops_center | 12.4.0.0 | |
| oracle | http_server | 12.2.1.3.0 | |
| oracle | http_server | 12.2.1.4.0 | |
| oracle | instantis_enterprisetrack | 17.1 | |
| oracle | instantis_enterprisetrack | 17.2 | |
| oracle | instantis_enterprisetrack | 17.3 | |
| oracle | secure_global_desktop | 5.6 | |
| oracle | zfs_storage_appliance_kit | 8.8 | |
| siemens | ruggedcom_nms | * | |
| siemens | sinec_nms | * | |
| siemens | sinema_remote_connect_server | * | |
| siemens | sinema_remote_connect_server | 3.2 | |
| siemens | sinema_server | 14.0 | |
| tenable | tenable.sc | * |
{ cisaActionDue: "2021-12-15", cisaExploitAdd: "2021-12-01", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "Apache HTTP Server-Side Request Forgery (SSRF)", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "1691C7CE-5CDA-4B9A-854E-3B58C1115526", versionEndIncluding: "2.4.48", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*", matchCriteriaId: "8ADFF451-740F-4DBA-BD23-3881945D3E40", vulnerable: true, }, { criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:f5:f5os:*:*:*:*:*:*:*:*", matchCriteriaId: "80A2EFAB-4D06-4254-B2FE-5D1F84BDFD3A", versionEndIncluding: "1.1.4", versionStartIncluding: "1.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:f5:f5os:*:*:*:*:*:*:*:*", matchCriteriaId: "DBACFB6F-D57E-4ECA-81BB-9388E64F7DF3", versionEndIncluding: "1.2.1", versionStartIncluding: "1.2.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "AD04BEE5-E9A8-4584-A68C-0195CE9C402C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", matchCriteriaId: "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", matchCriteriaId: "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", matchCriteriaId: "7F69B9A5-F21B-4904-9F27-95C0F7A628E3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*", matchCriteriaId: "9DA11710-9EA8-49B4-8FD1-3AEE442F6ADC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:ruggedcom_nms:*:*:*:*:*:*:*:*", matchCriteriaId: "414A7F48-EFA5-4D86-9F8D-5A179A6CFC39", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*", matchCriteriaId: "BEF5E6CF-BBA5-4CCF-ACB1-BEF8D2C372B8", versionEndExcluding: "1.0.3", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*", matchCriteriaId: "98CC9C9A-FE14-4D50-A8EC-C309229356C8", versionEndExcluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_remote_connect_server:3.2:*:*:*:*:*:*:*", matchCriteriaId: "D889831F-64D0-428A-A26C-71152C3B9974", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*", matchCriteriaId: "B0A5CC25-A323-4D49-8989-5A417D12D646", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "A686FAF0-1383-4BBB-B7F5-CBCCAB55B356", versionEndIncluding: "5.19.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.", }, { lang: "es", value: "Un uri-path diseñado puede causar que mod_proxy reenvíe la petición a un servidor de origen elegido por el usuario remoto. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores", }, ], id: "CVE-2021-40438", lastModified: "2025-03-21T21:01:59.900", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2021-09-16T15:15:07.633", references: [ { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { source: "security@apache.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { source: "security@apache.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { source: "security@apache.org", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { source: "security@apache.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4982", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r210807d0bb55f4aa6fbe1512be6bcc4dacd64e84940429fba329967a%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r2eb200ac1340f69aa22af61ab34780c531d110437910cb9c0ece3b37%40%3Cbugs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.apache.org/thread.html/rf6954e60b1c8e480678ce3d02f61b8a788997785652e9557a3265c00%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4982", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-17", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-918", }, ], source: "security@apache.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-918", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-09 03:15
Modified
2024-11-21 04:58
Severity ?
Summary
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*", matchCriteriaId: "207373A2-D1D0-4A2B-BC38-B6674613AE68", versionEndIncluding: "3.31.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*", matchCriteriaId: "2AB443D1-D8E0-4253-9E1C-B62AEBBE582A", versionEndIncluding: "12.0.3", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "ECC00750-1DBF-401F-886E-E0E65A277409", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.2:*:*:*:*:*:*:*", matchCriteriaId: "4FE8EE20-EDB0-468B-9441-8BB2C58C13A2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "DED59B62-C9BF-4C0E-B351-3884E8441655", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "D98E76D5-B089-425D-9C44-8C6C393DE1DE", versionEndIncluding: "8.0.22", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*", matchCriteriaId: "1E93384A-B962-4692-8735-2DA55A2969A2", versionEndIncluding: "8.0.22", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*", matchCriteriaId: "72F1A960-EBA5-4BDB-B629-20F0D2384562", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*", matchCriteriaId: "3198F822-43F8-4CB3-97F7-C2982FDA5CBD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*", matchCriteriaId: "7569C0BD-16C1-441E-BAEB-840C94BE73EF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "BDC561AC-8993-4EDD-9728-639FD4F57DA2", versionEndIncluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.", }, { lang: "es", value: "En SQLite versiones hasta 3.31.1, la implementación de ALTER TABLE presenta un uso de la memoria previamente liberada, como es demostrado por una cláusula ORDER BY que pertenece a una sentencia SELECT compuesta.", }, ], id: "CVE-2020-11656", lastModified: "2024-11-21T04:58:20.520", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-09T03:15:11.410", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202007-26", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://www3.sqlite.org/cgi/src/info/b64674919f673602", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202007-26", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.sqlite.org/src/info/d09f8c3621d5f7f8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www3.sqlite.org/cgi/src/info/b64674919f673602", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-29 07:15
Modified
2024-11-21 05:48
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| netapp | clustered_data_ontap | - | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "C87BA6C9-B0C3-4039-8F77-C310B1879FA5", versionEndExcluding: "7.3.33", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "83EEF959-AE5C-43C0-AF21-535B813E5DC6", versionEndExcluding: "7.4.26", versionStartIncluding: "7.4.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "60FBEAE8-F094-420B-8282-AFC3C33ABF28", versionEndExcluding: "8.0.13", versionStartIncluding: "8.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "CAB9A41F-91F1-40DF-BF12-6ADA7229A84C", versionEndExcluding: "5.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the filename, thus interpreting the filename differently from what the user intended, which may lead it to reading a different file than intended.", }, { lang: "es", value: "En PHP versiones 7.3.x anteriores a 7.3.33, 7.4.x anteriores a 7.4.26 y 8.0.x anteriores a 8.0.13, determinadas funciones de análisis de XML, como simplexml_load_file(), decodifican el nombre de archivo que les es pasado. Si ese nombre de archivo contiene un carácter NUL codificado en la URL, esto puede causar que la función lo interprete como el final del nombre de archivo, interpretando así el nombre de archivo de forma diferente a la que el usuario pretendía, lo que puede conllevar a una lectura de un archivo diferente al deseado", }, ], id: "CVE-2021-21707", lastModified: "2024-11-21T05:48:52.593", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-29T07:15:06.397", references: [ { source: "security@php.net", tags: [ "Exploit", "Issue Tracking", "Patch", "Release Notes", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79971", }, { source: "security@php.net", tags: [ "Issue Tracking", "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211223-0005/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5082", }, { source: "security@php.net", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Release Notes", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79971", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211223-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-159", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-29 14:15
Modified
2024-11-21 05:51
Severity ?
3.3 (Low) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| underscorejs | underscore | * | |
| underscorejs | underscore | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| tenable | tenable.sc | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:underscorejs:underscore:*:*:*:*:*:node.js:*:*", matchCriteriaId: "D9AD5E3F-19FE-436D-9772-67697CF90FA2", versionEndExcluding: "1.12.1", versionStartIncluding: "1.3.2", vulnerable: true, }, { criteria: "cpe:2.3:a:underscorejs:underscore:*:*:*:*:*:node.js:*:*", matchCriteriaId: "189D2A24-FEEA-4052-9EE3-DAA855476F24", versionEndExcluding: "1.13.0-2", versionStartIncluding: "1.13.0-0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "04CA4C0E-255A-4763-AC31-7FE81F720EA3", versionEndIncluding: "5.18.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.", }, { lang: "es", value: "El paquete underscore desde la versión 1.13.0-0 y anterior a la versión 1.13.0-2, desde la versión 1.3.2 y anterior a la versión 1.12.1, son vulnerables a una ejecución de código arbitraria por medio de la función template, particularmente cuando una propiedad variable es pasada como un argumento ya que no es saneado", }, ], id: "CVE-2021-23358", lastModified: "2024-11-21T05:51:34.207", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.3, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 0.7, impactScore: 2.5, source: "report@snyk.io", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-29T14:15:18.047", references: [ { source: "report@snyk.io", tags: [ "Broken Link", ], url: "https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71", }, { source: "report@snyk.io", url: "https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1%40%3Cissues.cordova.apache.org%3E", }, { source: "report@snyk.io", url: "https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306%40%3Cissues.cordova.apache.org%3E", }, { source: "report@snyk.io", url: "https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba%40%3Cissues.cordova.apache.org%3E", }, { source: "report@snyk.io", url: "https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039%40%3Cissues.cordova.apache.org%3E", }, { source: "report@snyk.io", url: "https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf%40%3Cissues.cordova.apache.org%3E", }, { source: "report@snyk.io", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html", }, { source: "report@snyk.io", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/", }, { source: "report@snyk.io", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503", }, { source: "report@snyk.io", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984", }, { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4883", }, { source: "report@snyk.io", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://github.com/jashkenas/underscore/blob/master/modules/template.js%23L71", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r5df90c46f7000c4aab246e947f62361ecfb849c5a553dcdb0ef545e1%40%3Cissues.cordova.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r770f910653772317b117ab4472b0a32c266ee4abbafda28b8a6f9306%40%3Cissues.cordova.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/raae088abdfa4fbd84e1d19d7a7ffe52bf8e426b83e6599ea9a734dba%40%3Cissues.cordova.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rbc84926bacd377503a3f5c37b923c1931f9d343754488d94e6f08039%40%3Cissues.cordova.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re69ee408b3983b43e9c4a82a9a17cbbf8681bb91a4b61b46f365aeaf%40%3Cissues.cordova.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EOKATXXETD2PF3OR36Q5PD2VSVAR6J5Z/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGEE7U4Z655A2MK5EW4UQQZ7B64XJWBV/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240808-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1081504", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBJASHKENAS-1081505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1081503", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-JS-UNDERSCORE-1080984", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4883", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-01-14 20:15
Modified
2024-11-21 06:37
Severity ?
Summary
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2022-01 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2022-01 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "494A137C-A8B9-4E02-9324-BD76C8EE83CF", versionEndIncluding: "5.19.1", versionStartIncluding: "5.14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation.", }, { lang: "es", value: "Se ha detectado que Tenable.sc versiones 5.14.0 a 5.19.1, contienen una vulnerabilidad de ejecución de código remota que podría permitir a un atacante remoto no autenticado ejecutar código en circunstancias especiales. Un atacante tendría que escenificar primero un tipo de archivo específico en el root del servidor web del host de Tenable.sc antes de la explotación remota", }, ], id: "CVE-2022-0130", lastModified: "2024-11-21T06:37:57.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-14T20:15:15.640", references: [ { source: "vulnreport@tenable.com", tags: [ "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2022-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2022-01", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-26 21:18
Modified
2025-04-01 15:15
Severity ?
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
5.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
Summary
A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could leverage the reporting system to export reports containing formulas, which would then require a victim to approve and execute on a host.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2023-03 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2023-03 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "88CB8AC6-3A92-4EEE-AE65-5A295ED6E421", versionEndIncluding: "5.23.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could leverage the reporting system to export reports containing formulas, which would then require a victim to approve and execute on a host.", }, { lang: "es", value: "Existe una vulnerabilidad de inyección de fórmula en Tenable.sc debido a una validación incorrecta de la entrada proporcionada por el usuario antes de devolverla a los usuarios. Un atacante autenticado podría aprovechar el sistema de informes para exportar informes que contengan fórmulas, que luego requerirían que la víctima los aprobara y ejecutara en un host.", }, ], id: "CVE-2023-24493", lastModified: "2025-04-01T15:15:58.273", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.1, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-01-26T21:18:19.403", references: [ { source: "vulnreport@tenable.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-03", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-12-20 23:15
Modified
2024-11-21 04:35
Severity ?
Summary
Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.npmjs.com/advisories/1164 | Third Party Advisory | |
| cve@mitre.org | https://www.tenable.com/security/tns-2021-14 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.npmjs.com/advisories/1164 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-14 | Patch, Third Party Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.0.6:-:*:*:*:node.js:*:*", matchCriteriaId: "6FBBF1FB-FAEF-41B9-8E6E-A7DDA881C201", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.0.7:-:*:*:*:node.js:*:*", matchCriteriaId: "4BF4DC1D-DDD7-4617-A438-AED32D4D2F6E", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.0.8:-:*:*:*:node.js:*:*", matchCriteriaId: "B97055D1-E30A-44DC-9792-A74DF11B2110", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.0.9:-:*:*:*:node.js:*:*", matchCriteriaId: "3079C4D9-56D0-47F5-ABED-02DD89D0E8D2", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.0.10:-:*:*:*:node.js:*:*", matchCriteriaId: "89F30120-98DA-4418-B92C-803EAEA5A2FB", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.0.11:-:*:*:*:node.js:*:*", matchCriteriaId: "47712A16-6191-47BB-B882-224EBF2DB25D", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.0.12:-:*:*:*:node.js:*:*", matchCriteriaId: "3BCF49BE-5CF7-404C-899D-9596C0C104BC", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.1.0:-:*:*:*:node.js:*:*", matchCriteriaId: "7619CE95-7EC1-4EDA-B604-BC67CDE33727", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.1.1:-:*:*:*:node.js:*:*", matchCriteriaId: "4CF11D05-33CF-4BC6-BD81-FF3ABB75CEA6", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.1.2:-:*:*:*:node.js:*:*", matchCriteriaId: "8BE0C388-BA09-4972-94D0-ADB5B77B8763", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.2.0:-:*:*:*:node.js:*:*", matchCriteriaId: "263741E0-F7D4-4A0B-AE73-3EA3192E9694", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.2.1:-:*:*:*:node.js:*:*", matchCriteriaId: "E96203B2-1DCC-4691-B219-C913068BC033", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:1.3.0:-:*:*:*:node.js:*:*", matchCriteriaId: "B3BA06B6-42E7-47FF-AED7-6E5A8E14A08B", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:2.0.0:-:*:*:*:node.js:*:*", matchCriteriaId: "1F0B3A6C-10B2-4142-889C-23D53B31EC2C", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:3.0.0:-:*:*:*:node.js:*:*", matchCriteriaId: "018B3A23-8A8C-4BAD-BC58-D5418B79D322", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:3.0.1:-:*:*:*:node.js:*:*", matchCriteriaId: "383DF444-D620-4EC2-A3C8-1D51E40786C9", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:3.0.2:-:*:*:*:node.js:*:*", matchCriteriaId: "1AE16B41-008D-466F-99A2-938A92CEFF2B", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:3.0.3:-:*:*:*:node.js:*:*", matchCriteriaId: "D12A5B4E-7834-42F9-908F-E32DF2D3CD7F", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:3.0.4:-:*:*:*:node.js:*:*", matchCriteriaId: "B2AF202E-BEAD-4A4C-B8B0-B4F14A0610F7", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:3.0.5:-:*:*:*:node.js:*:*", matchCriteriaId: "BAE9F367-D1E7-4E5C-A9D5-22565A5F674B", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:3.0.6:-:*:*:*:node.js:*:*", matchCriteriaId: "0BCA804B-5D31-47D8-95CB-363E7980D28D", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:3.0.7:-:*:*:*:node.js:*:*", matchCriteriaId: "476DBC97-8693-4EF4-A4A4-8C10CC8F33D7", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.0:-:*:*:*:node.js:*:*", matchCriteriaId: "16D4CD1A-6A58-42A9-A3E7-448BB7252CFB", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.1:-:*:*:*:node.js:*:*", matchCriteriaId: "49B8323F-939F-4600-835A-E0E5EACB5276", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.2:-:*:*:*:node.js:*:*", matchCriteriaId: "9BD938F8-0962-4983-902C-B96790A83ED5", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.3:-:*:*:*:node.js:*:*", matchCriteriaId: "775A330D-44DA-426E-9DFB-7B3FA617C887", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.4:-:*:*:*:node.js:*:*", matchCriteriaId: "12C85BFA-8E59-4FF0-803B-224FD8955A14", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.5:-:*:*:*:node.js:*:*", matchCriteriaId: "6816A885-1EE1-40B7-A2CA-1CCD2594497E", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.6:-:*:*:*:node.js:*:*", matchCriteriaId: "ED35F37A-A85A-42FF-847F-D0E9F21DEC99", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.7:-:*:*:*:node.js:*:*", matchCriteriaId: "8810BDCB-555A-43B0-A003-6B74E2559B7B", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.8:-:*:*:*:node.js:*:*", matchCriteriaId: "39CE17D1-10A6-46F8-86B8-CF91E98E30F7", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.9:-:*:*:*:node.js:*:*", matchCriteriaId: "9F2F975B-DAEB-47BF-AC41-CCC13C7E3CDC", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.10:-:*:*:*:node.js:*:*", matchCriteriaId: "3F795717-AA89-4316-B357-6329FDF534DC", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.11:-:*:*:*:node.js:*:*", matchCriteriaId: "26BA7CCF-AD82-4CC6-8E2C-8EF43C3250CF", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.12:-:*:*:*:node.js:*:*", matchCriteriaId: "24788A2C-438C-49FA-A20D-383AC9CD699B", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.13:-:*:*:*:node.js:*:*", matchCriteriaId: "74530A3D-0B50-43CA-ABA7-95A6D1D99C9F", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.0.14:-:*:*:*:node.js:*:*", matchCriteriaId: "A544C487-98E2-4A30-8878-C8BC7F5CD2AC", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.1.0:-:*:*:*:node.js:*:*", matchCriteriaId: "B635034C-5DDD-433F-A453-DCE8D8D736C3", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.1.1:-:*:*:*:node.js:*:*", matchCriteriaId: "FA83D29F-0083-4332-A618-56DB0ED59024", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.1.2:-:*:*:*:node.js:*:*", matchCriteriaId: "F6321E82-B999-4BCD-8FD6-E1B55A60A41A", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.2.0:-:*:*:*:node.js:*:*", matchCriteriaId: "FEACA66E-4BDE-41DC-9797-21B81BB43E01", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.2.1:-:*:*:*:node.js:*:*", matchCriteriaId: "62A44232-6323-434E-8653-D7C2238702DD", vulnerable: true, }, { criteria: "cpe:2.3:a:handlebars.js_project:handlebars.js:4.2.2:-:*:*:*:node.js:*:*", matchCriteriaId: "B83F4927-BB98-4791-96E9-FF6D302A2AD8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote Code Execution. Templates may alter an Object's __proto__ and __defineGetter__ properties, which may allow an attacker to execute arbitrary code through crafted payloads.", }, { lang: "es", value: "Las versiones anteriores a 4.3.0 de handlebars, son vulnerables a la Contaminación de Prototipos conllevando a una ejecución de código remota. Las plantillas pueden alterar las propiedades __proto__ y __defineGetter__ de un Objeto, lo que puede permitir a un atacante ejecutar código arbitrario por medio de cargas útiles diseñadas.", }, ], id: "CVE-2019-19919", lastModified: "2024-11-21T04:35:39.797", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-12-20T23:15:11.480", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.npmjs.com/advisories/1164", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.npmjs.com/advisories/1164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1321", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-03 17:15
Modified
2024-11-21 05:45
Severity ?
Summary
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2021-03 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2021-03 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "AC1721B5-9FCD-47C3-8338-E02932CF2C05", versionEndIncluding: "5.17.0", versionStartIncluding: "5.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability that could allow an authenticated, unprivileged user to perform Remote Code Execution (RCE) on the Tenable.sc server via Hypertext Preprocessor unserialization.", }, { lang: "es", value: "Se encontró Tenable.sc y Tenable.sc Core versiones 5.13.0 hasta 5.17.0, contienen una vulnerabilidad que podría permitir a un usuario autenticado y poco privilegiado llevar a cabo una ejecución de código remota (RCE) en el servidor Tenable.sc por medio de una deserialización del Hypertext Preprocessor", }, ], id: "CVE-2021-20076", lastModified: "2024-11-21T05:45:52.900", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-03T17:15:11.910", references: [ { source: "vulnreport@tenable.com", tags: [ "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2021-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2021-03", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-502", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-26 21:18
Modified
2025-04-01 15:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2023-03 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2023-03 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "88CB8AC6-3A92-4EEE-AE65-5A295ED6E421", versionEndIncluding: "5.23.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session.", }, { lang: "es", value: "Existe una vulnerabilidad de cross-site scripting (XSS) almacenado en Tenable.sc debido a una validación incorrecta de la entrada proporcionada por el usuario antes de devolverla a los usuarios. Un atacante remoto autenticado puede aprovechar esto convenciendo a un usuario de que haga clic en una URL especialmente manipulada para ejecutar código de script arbitrario en la sesión del navegador de un usuario.", }, ], id: "CVE-2023-24494", lastModified: "2025-04-01T15:15:58.560", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-01-26T21:18:19.500", references: [ { source: "vulnreport@tenable.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-03", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-26 21:18
Modified
2025-04-01 15:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2023-03 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2023-03 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "88CB8AC6-3A92-4EEE-AE65-5A295ED6E421", versionEndIncluding: "5.23.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection.", }, { lang: "es", value: "Existe una vulnerabilidad de inyección LDAP en Tenable.sc debido a una validación incorrecta de la entrada proporcionada por el usuario antes de devolverla a los usuarios. Un atacante autenticado podría generar datos en Active Directory utilizando la cuenta de la aplicación mediante una inyección blind de LDAP.", }, ], id: "CVE-2023-0476", lastModified: "2025-04-01T15:15:58.053", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-01-26T21:18:09.727", references: [ { source: "vulnreport@tenable.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-03", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-74", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-26 15:15
Modified
2024-11-21 06:25
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:*", matchCriteriaId: "EA897736-789A-461C-86F5-E7470E643213", versionEndExcluding: "1.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "013FAABA-8CDD-46AD-B321-9908634C880A", versionEndExcluding: "7.86", versionStartIncluding: "7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", matchCriteriaId: "E812639B-EE28-4C68-9F6F-70C8BF981C86", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:*", matchCriteriaId: "C7F4B5F0-6B78-4A94-AD83-6B78D484E298", versionEndIncluding: "8.14.0", versionStartIncluding: "8.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*", matchCriteriaId: "CBDA65DE-5727-49DC-8D50-DA81DB3E8841", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747", versionEndIncluding: "8.0.29", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:17.7:*:*:*:*:*:*:*", matchCriteriaId: "BC99884C-17AD-4C42-B404-4E862175C1A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:17.8:*:*:*:*:*:*:*", matchCriteriaId: "E5659049-8C12-433D-9CE2-90615122CB29", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:17.9:*:*:*:*:*:*:*", matchCriteriaId: "737A843D-6B2F-4443-85FF-7B72B46A7251", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:17.10:*:*:*:*:*:*:*", matchCriteriaId: "4DC11D4E-23D3-49CE-A9B1-68477EF8C6F0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:17.11:*:*:*:*:*:*:*", matchCriteriaId: "D7DFBD39-0511-406D-B972-F3F11976229D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*", matchCriteriaId: "33157281-11A0-4700-99AB-40B7B9C57A9B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", matchCriteriaId: "202AD518-2E9B-4062-B063-9858AE1F9CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", matchCriteriaId: "10864586-270E-4ACF-BDCC-ECFCD299305F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", matchCriteriaId: "E9C55C69-E22E-4B80-9371-5CD821D79FE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F14A818F-AA16-4438-A3E4-E64C9287AC66", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "04BCDC24-4A21-473C-8733-0D9CFB38A752", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "CAB9A41F-91F1-40DF-BF12-6ADA7229A84C", versionEndExcluding: "5.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*", matchCriteriaId: "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", matchCriteriaId: "48B23728-0050-4AF0-B8B0-A959CBAB4505", versionEndExcluding: "22.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", matchCriteriaId: "AB9FC9AB-1070-420F-870E-A5EC43A924A4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "BDC6D658-09EA-4C41-869F-1C2EA163F751", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:*", matchCriteriaId: "384DEDD9-CB26-4306-99D8-83068A9B23ED", versionEndExcluding: "23.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*", matchCriteriaId: "BEF828F5-C666-40DA-98DD-CDF658D7090B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", matchCriteriaId: "E812639B-EE28-4C68-9F6F-70C8BF981C86", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8865CE15-F9A1-4A46-AF93-B58356BDEE6F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", matchCriteriaId: "2AC63D10-2326-4542-B345-31D45B9A7408", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:*", matchCriteriaId: "C7F4B5F0-6B78-4A94-AD83-6B78D484E298", versionEndIncluding: "8.14.0", versionStartIncluding: "8.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*", matchCriteriaId: "CBDA65DE-5727-49DC-8D50-DA81DB3E8841", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "C5F35B8D-6F26-4682-8541-6F10EE2ACE7E", versionEndIncluding: "9.2.6.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "15C83E0F-5FA2-47E5-9FCF-CD2E90D6A9E8", versionEndIncluding: "12.2.25", versionStartIncluding: "12.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", matchCriteriaId: "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", matchCriteriaId: "202AD518-2E9B-4062-B063-9858AE1F9CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", matchCriteriaId: "10864586-270E-4ACF-BDCC-ECFCD299305F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", matchCriteriaId: "E9C55C69-E22E-4B80-9371-5CD821D79FE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*", matchCriteriaId: "105BF985-2403-455E-BAA1-509245B54A1D", versionEndExcluding: "22.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*", matchCriteriaId: "281F1ACB-3180-422C-BADF-B0AE5F50924E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F14A818F-AA16-4438-A3E4-E64C9287AC66", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "04BCDC24-4A21-473C-8733-0D9CFB38A752", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.", }, { lang: "es", value: "jQuery-UI es la biblioteca oficial de interfaz de usuario de jQuery. Antes de la versión 1.13.0, aceptar el valor de la opción \"altField\" del widget Datepicker desde fuentes no confiables puede ejecutar código no confiable. El problema es corregido en jQuery UI versión 1.13.0. Cualquier valor de cadena pasado a la opción \"altField\" se trata ahora como un selector CSS. Una solución es no aceptar el valor de la opción \"altField\" de fuentes no confiables", }, ], id: "CVE-2021-41182", lastModified: "2024-11-21T06:25:41.707", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-26T15:15:10.313", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Mitigation", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { source: "security-advisories@github.com", url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-contrib-2022-004", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2022-002", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/pull/1954/commits/6809ce843e5ac4128108ea4c15cbc100653c2b63", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-contrib-2022-004", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2022-002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-05 18:15
Modified
2024-11-21 06:25
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| getcomposer | composer | * | |
| getcomposer | composer | * | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*", matchCriteriaId: "9C5AC58B-D753-4639-B1FA-6267EE5EC280", versionEndExcluding: "1.10.23", vulnerable: true, }, { criteria: "cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*", matchCriteriaId: "24022E9F-FD26-4F38-8CAA-17B5DA3AB005", versionEndExcluding: "2.1.9", versionStartIncluding: "2.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "CAB9A41F-91F1-40DF-BF12-6ADA7229A84C", versionEndExcluding: "5.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Composer is an open source dependency manager for the PHP language. In affected versions windows users running Composer to install untrusted dependencies are subject to command injection and should upgrade their composer version. Other OSs and WSL are not affected. The issue has been resolved in composer versions 1.10.23 and 2.1.9. There are no workarounds for this issue.", }, { lang: "es", value: "Composer es un administrador de dependencias de código abierto para el lenguaje PHP. En las versiones afectadas, unos usuarios de Windows que ejecutan Composer para instalar dependencias no confiables están sujetos a una inyección de comandos y deben actualizar su versión de Composer. Otros Sistemas Operativos y WSL no están afectados. El problema ha sido resuelto en Composer versiones 1.10.23 y 2.1.9. No se presentan soluciones para este problema", }, ], id: "CVE-2021-41116", lastModified: "2024-11-21T06:25:30.167", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.7, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-05T18:15:08.407", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf", }, { source: "security-advisories@github.com", url: "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/composer/composer/commit/ca5e2f8d505fd3bfac6f7c85b82f2740becbc0aa", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.sonarsource.com/blog/securing-developer-tools-package-managers/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-27 21:15
Modified
2024-11-21 05:36
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| tenable | tenable.sc | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "C6DEDF33-5700-450F-980D-8CA598A53DED", versionEndIncluding: "7.2.27", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "1CA6A47B-6146-4361-AED1-4263B7911C6C", versionEndIncluding: "7.3.14", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "D73AA9E0-B622-41A6-9E5B-924051D4CA61", versionEndIncluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.", }, { lang: "es", value: "En PHP versiones 7.2.x por debajo de 7.2.28, versiones 7.3.x por debajo de 7.3.15 y versiones 7.4.x por debajo de 7.4.3, cuando es creado un archivo PHAR usando la función PharData::buildFromIterator(), los archivos son agregados con permisos predeterminados (0666, o acceso total) incluso si los archivos originales en el sistema de archivos estaban con permisos más restrictivos. Esto puede causar que los archivos tengan más permisos laxos de lo previsto cuando dicho archivo es extraído.", }, ], id: "CVE-2020-7063", lastModified: "2024-11-21T05:36:35.850", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-27T21:15:19.117", references: [ { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { source: "security@php.net", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79082", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-57", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79082", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-57", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-281", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-281", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-13 21:15
Modified
2024-11-21 06:51
Severity ?
8.3 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist.org for example where the composer.json's `readme` field can be used as a vector for injecting parameters into hg/Mercurial via the `$file` argument, or git via the `$identifier` argument if you allow arbitrary data there (Packagist does not, but maybe other integrators do). Composer itself should not be affected by the vulnerability as it does not call `getFileContent` with arbitrary data into `$file`/`$identifier`. To the best of our knowledge this was not abused, and the vulnerability has been patched on packagist.org and Private Packagist within a day of the vulnerability report.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| getcomposer | composer | * | |
| getcomposer | composer | * | |
| getcomposer | composer | * | |
| tenable | tenable.sc | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*", matchCriteriaId: "3155607B-1618-4F71-A8F6-EE307FEBE87C", versionEndExcluding: "1.10.26", vulnerable: true, }, { criteria: "cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*", matchCriteriaId: "82BF470D-AE35-4DCC-9F22-6C300657E33F", versionEndExcluding: "2.2.12", versionStartIncluding: "2.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:getcomposer:composer:*:*:*:*:*:*:*:*", matchCriteriaId: "5DCC8125-C9E9-40F1-85B9-7E556B576439", versionEndExcluding: "2.3.5", versionStartIncluding: "2.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "CAB9A41F-91F1-40DF-BF12-6ADA7229A84C", versionEndExcluding: "5.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Composer is a dependency manager for the PHP programming language. Integrators using Composer code to call `VcsDriver::getFileContent` can have a code injection vulnerability if the user can control the `$file` or `$identifier` argument. This leads to a vulnerability on packagist.org for example where the composer.json's `readme` field can be used as a vector for injecting parameters into hg/Mercurial via the `$file` argument, or git via the `$identifier` argument if you allow arbitrary data there (Packagist does not, but maybe other integrators do). Composer itself should not be affected by the vulnerability as it does not call `getFileContent` with arbitrary data into `$file`/`$identifier`. To the best of our knowledge this was not abused, and the vulnerability has been patched on packagist.org and Private Packagist within a day of the vulnerability report.", }, { lang: "es", value: "Composer es un administrador de dependencias para el lenguaje de programación PHP. Los integradores usando el código de Composer para llamar a la función \"VcsDriver::getFileContent\" pueden tener una vulnerabilidad de inyección de código si el usuario puede controlar el argumento \"$file\" o \"$identifier\". Esto conlleva a una vulnerabilidad en packagist.org, por ejemplo, donde el campo \"readme\" de composer.json puede ser usado como vector para inyectar parámetros en hg/Mercurial por medio del argumento \"$file\", o en git por medio del argumento \"$identifier\" si son permitidos datos arbitrarios allí (Packagist no lo hace, pero quizás otros integradores sí). El propio Composer no debería verse afectado por la vulnerabilidad, ya que no llama a \"getFileContent\" con datos arbitrarios en $file\"/\"$identifier\". Por lo que sabemos, no ha sido abusado de ello, y la vulnerabilidad ha sido parcheada en packagist.org y en Private Packagist un día después del informe de la vulnerabilidad", }, ], id: "CVE-2022-24828", lastModified: "2024-11-21T06:51:11.307", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.3, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.6, impactScore: 6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-13T21:15:07.820", references: [ { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/composer/composer/commit/2c40c53637c5c7e43fff7c09d3d324d632734709", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/625MT3IKWKFVIWLSYZFSXHVUA2LES7YQ/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWT6LDSRY7SFMTDZWJ4MS2ZBXHL7VQEF/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QD7JQWL6C4GVROO25DTXWYWM6BPOPPCG/", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/composer/composer/commit/2c40c53637c5c7e43fff7c09d3d324d632734709", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/composer/composer/security/advisories/GHSA-x7cr-6qr6-2hh6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/625MT3IKWKFVIWLSYZFSXHVUA2LES7YQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWT6LDSRY7SFMTDZWJ4MS2ZBXHL7VQEF/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QD7JQWL6C4GVROO25DTXWYWM6BPOPPCG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-04 17:15
Modified
2024-11-21 06:51
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Summary
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| momentjs | moment | * | |
| momentjs | moment | * | |
| tenable | tenable.sc | * | |
| netapp | active_iq | - | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:momentjs:moment:*:*:*:*:*:node.js:*:*", matchCriteriaId: "90084136-F14C-42A8-82CB-BB6E7074B681", versionEndExcluding: "2.29.2", versionStartIncluding: "1.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:momentjs:moment:*:*:*:*:*:nuget:*:*", matchCriteriaId: "675B92D1-684A-459C-81BE-F9540B87F9FB", versionEndExcluding: "2.29.2", versionStartIncluding: "1.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "CAB9A41F-91F1-40DF-BF12-6ADA7229A84C", versionEndExcluding: "5.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq:-:*:*:*:*:*:*:*", matchCriteriaId: "EF29713A-2852-4E3D-9666-4001C7E8B667", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.", }, { lang: "es", value: "Moment.js es una librería de fechas en JavaScript para analizar, comprobar, manipular y formatear fechas. Una vulnerabilidad de salto de ruta afecta a usuarios de npm (servidor) de Moment.js entre las versiones 1.0.1 y 2.29.1, especialmente si es usada directamente una cadena de configuración regional proporcionada por el usuario para cambiar la configuración regional de Moment. Este problema está parcheado en la versión 2.29.2, y el parche puede aplicarse a todas las versiones afectadas. Como medida de mitigación, sanee el nombre de la configuración regional proporcionada por el usuario antes de pasarlo a Moment.js", }, ], id: "CVE-2022-24785", lastModified: "2024-11-21T06:51:05.483", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-04T17:15:07.583", references: [ { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5", }, { source: "security-advisories@github.com", tags: [ "Vendor Advisory", ], url: "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220513-0006/", }, { source: "security-advisories@github.com", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/moment/moment/commit/4211bfc8f15746be4019bba557e29a7ba83d54c5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00035.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QIO6YNLTK2T7SPKDS4JEL45FANLNC2Q/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORJX2LF6KMPIHP6B2P6KZIVKMLE3LVJ5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220513-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, { lang: "en", value: "CWE-27", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-17 19:15
Modified
2024-11-21 05:34
Severity ?
Summary
Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2020-02 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2020-02 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | tenable.sc | 5.14.0 | |
| tenable | tenable.sc | 5.14.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:5.14.0:*:*:*:*:*:*:*", matchCriteriaId: "AEC4349D-D138-4EB5-AA72-616988F63DE2", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:5.14.1:*:*:*:*:*:*:*", matchCriteriaId: "2E49ABD5-084F-4CA5-8641-73C49C6A0DE3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a request to execute arbitrary script code in a user's browser session. Updated input validation techniques have been implemented to correct this issue.", }, { lang: "es", value: "Una Vulnerabilidad de tipo XSS almacenado en Tenable.Sc versiones anteriores a 5.14.0, podría permitir a un atacante remoto autentificado diseñar una petición para ejecutar un código script arbitrario en una sesión del navegador de un usuario. Se han implementado técnicas actualizadas de comprobación de entrada para corregir este problema.", }, ], id: "CVE-2020-5737", lastModified: "2024-11-21T05:34:30.617", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 3.5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:S/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 6.8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-17T19:15:15.170", references: [ { source: "vulnreport@tenable.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2020-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2020-02", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-02-16 17:15
Modified
2024-11-21 05:51
Severity ?
Summary
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "F12DBEEA-AAB3-4383-A3E2-F865B960BA07", versionEndExcluding: "1.0.2y", versionStartIncluding: "1.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "90147138-26F0-42CF-A1DB-BE1853885CA6", versionEndExcluding: "1.1.1j", versionStartIncluding: "1.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*", matchCriteriaId: "657682A0-54D5-4DC6-A98E-8BAF685926C4", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*", matchCriteriaId: "8FC5C76C-3474-4B26-8CF0-2DFAFA3D5458", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*", matchCriteriaId: "8661D361-71B5-4C41-A818-C89EC551D900", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*", matchCriteriaId: "253603DC-2D92-442A-B3A8-A63E14D8A070", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*", matchCriteriaId: "8E112CFF-31F9-4D87-9A1B-AE0FCF69615E", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "AC1721B5-9FCD-47C3-8338-E02932CF2C05", versionEndIncluding: "5.17.0", versionStartIncluding: "5.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", matchCriteriaId: "FFDA8CE0-8F2C-4FA7-91F8-A720F56EBC5D", versionEndExcluding: "14.1.1", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", matchCriteriaId: "168B0313-B7B6-4CD5-AD4F-C133050498BF", versionEndExcluding: "14.6", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", matchCriteriaId: "E1BB03E7-7DC3-404B-AD37-78849BE46420", versionEndExcluding: "14.6", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "617E79BC-1012-4778-BDE7-44A238CC8D7A", versionEndExcluding: "11.4", versionStartIncluding: "11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "D40AD626-B23A-44A3-A6C0-1FFB4D647AE4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "B602F9E8-1580-436C-A26D-6E6F8121A583", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "77C3DD16-1D81-40E1-B312-50FBD275507C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "81DAC8C0-D342-44B5-9432-6B88D389584F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "B4367D9B-BF81-47AD-A840-AC46317C774D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "61516569-C48F-4362-B334-8CA10EDB0EC2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*", matchCriteriaId: "394A16F2-CCD4-44E5-BF6B-E0C782A9FA38", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*", matchCriteriaId: "058C7C4B-D692-49DE-924A-C2725A8162D3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "0F0434A5-F2A1-4973-917C-A95F2ABE97D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*", matchCriteriaId: "96DD93E0-274E-4C36-99F3-EEF085E57655", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "44B24982-87BE-4563-8B7E-D846607B641B", versionEndExcluding: "8.0.23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C9E14DE8-29C1-4C0C-9B31-2E3A11EE68E4", versionEndExcluding: "5.7.33", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "FBE10671-5C91-4ACF-ABD2-255E9F2F9D79", versionEndExcluding: "8.0.23", versionStartIncluding: "8.0.15", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*", matchCriteriaId: "C89891C1-DFD7-4E1F-80A9-7485D86A15B5", versionEndExcluding: "1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*", matchCriteriaId: "4664B195-AF14-4834-82B3-0B2C98020EB6", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*", matchCriteriaId: "75BC588E-CDF0-404E-AD61-02093A1DF343", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).", }, { lang: "es", value: "La función de la API pública de OpenSSL X509_issuer_and_serial_hash() intenta crear un valor hash único basado en los datos del emisor y del número de serie contenidos en un certificado X509. Sin embargo, no gestiona correctamente los errores que puedan producirse al analizar el campo del emisor (lo que podría ocurrir si el campo del emisor se construye de forma maliciosa). Esto puede dar lugar a un desvío de puntero NULL y a un fallo que conduzca a un posible ataque de denegación de servicio. La función X509_issuer_and_serial_hash() nunca es llamada directamente por OpenSSL, por lo que las aplicaciones sólo son vulnerables si utilizan esta función directamente y lo hacen con certificados que pueden haber sido obtenidos de fuentes no fiables. Las versiones de OpenSSL 1.1.1i y posteriores están afectadas por este problema. Los usuarios de estas versiones deberían actualizar a OpenSSL 1.1.1j. Las versiones de OpenSSL 1.0.2x e inferiores se ven afectadas por este problema. Sin embargo, OpenSSL 1.0.2 está fuera de soporte y ya no recibe actualizaciones públicas. Los clientes con soporte Premium de OpenSSL 1.0.2 deben actualizar a la versión 1.0.2y. Los demás usuarios deben actualizar a la versión 1.1.1j. Corregido en OpenSSL 1.1.1j (Afectado 1.1.1-1.1.1i). Corregido en OpenSSL 1.0.2y (Afectado 1.0.2-1.0.2x)", }, ], id: "CVE-2021-23841", lastModified: "2024-11-21T05:51:55.460", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-02-16T17:15:13.377", references: [ { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/67", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/68", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/70", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212528", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212529", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212534", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4855", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-03", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/67", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/68", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2021/May/70", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202103-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210219-0009/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210513-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212529", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT212534", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210216.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-09", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-20 12:15
Modified
2024-11-21 06:30
Severity ?
Summary
A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "F280AFE0-EB05-4ABF-85A7-9518AD485C49", versionEndExcluding: "2.4.52", versionStartIncluding: "2.4.7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "3304C5DC-0353-4AC8-884E-2154C9224BE9", versionEndExcluding: "5.20.0", versionStartIncluding: "5.14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "161BA9E6-265F-4245-8053-5734333322E5", versionEndExcluding: "202201.1", versionStartIncluding: "5.16.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "02712DD6-D944-4452-8015-000B9851D257", versionEndExcluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*", matchCriteriaId: "E3517A27-E6EE-497C-9996-F78171BBE90F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "274BCA96-2E6A-4B77-B69E-E2093A668D28", versionEndExcluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8D4B738B-08CF-44F6-A939-39F5BEAF03B2", versionEndExcluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:-:*:*:*:*:*:*:*", matchCriteriaId: "E290BD43-5AB2-4641-B4AC-BC99FFBF7833", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "AD04BEE5-E9A8-4584-A68C-0195CE9C402C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", matchCriteriaId: "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", matchCriteriaId: "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", matchCriteriaId: "7F69B9A5-F21B-4904-9F27-95C0F7A628E3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:*:*:*:*:*:*:*", matchCriteriaId: "89161D20-EB9C-4EC0-8D82-75B27CE49264", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", matchCriteriaId: "F1F4BF7F-90D4-4668-B4E6-B06F4070F448", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", matchCriteriaId: "0F441A43-1669-478D-9EC8-E96882DE4F9F", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", matchCriteriaId: "D425C653-37A2-448C-BF2F-B684ADB08A26", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", matchCriteriaId: "A54D63B7-B92B-47C3-B1C5-9892E5873A98", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", matchCriteriaId: "3456176F-9185-4EE2-A8CE-3D989D674AB7", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", matchCriteriaId: "D337EE21-2F00-484D-9285-F2B0248D7A19", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", matchCriteriaId: "012052B5-9AA7-4FD3-9C80-5F615330039D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", matchCriteriaId: "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", matchCriteriaId: "8E974DC6-F7D9-4389-9AF9-863F6E419CE6", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", matchCriteriaId: "156A6382-2BD3-4882-90B2-8E7CF6659E17", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", matchCriteriaId: "20A2FDB2-6712-406A-9896-C0B44508B07D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*", matchCriteriaId: "49F537A0-DC42-4176-B22F-C80D179DD99D", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "3BD2A211-4E62-40BF-9BA0-5239FA6F0AF8", versionEndExcluding: "10.15.7", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "09A6345C-D813-43BA-B12E-789C80653F86", versionEndExcluding: "11.6.6", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "56A8A170-44A7-4334-88B0-CB4413E28E53", versionEndExcluding: "12.4", versionStartIncluding: "12.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to 2.4.51 (included).", }, { lang: "es", value: "Un URI diseñado que es enviado a httpd configurado como proxy directo (ProxyRequests on) puede causar un fallo (desreferencia de puntero NULL) o, en el caso de configuraciones que mezclan declaraciones de proxy directo e inverso, puede permitir que las peticiones se dirijan a un endpoint de socket de dominio Unix declarado (Server Side Request Forgery). Este problema afecta a Apache HTTP Server versiones 2.4.7 hasta 2.4.51 (incluyéndola)", }, ], id: "CVE-2021-44224", lastModified: "2024-11-21T06:30:37.133", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-20T12:15:07.393", references: [ { source: "security@apache.org", tags: [ "Vendor Advisory", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/20/3", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213255", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213256", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213257", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5035", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-01", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/33", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/35", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2022/May/38", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/20/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFSWOH4X77CV7AH7C4RMHUBDWKQDL4YH/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211224-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213255", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT213257", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-03", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "security@apache.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-10 08:15
Modified
2024-11-21 05:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| tenable | tenable.sc | * | |
| oracle | communications_diameter_signaling_router | * | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "0C8F023B-DDEF-48ED-9E3F-785F61636F98", versionEndExcluding: "7.2.27", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "A4DF319B-F27D-44FC-BD7E-4022925E121D", versionEndExcluding: "7.3.14", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "CF0A5CFA-33A0-4676-8A69-F0B3B4BC16A6", versionEndExcluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", matchCriteriaId: "2C2A0171-EAC8-4202-BA1D-2A9D9FE055E1", versionEndIncluding: "8.4", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.", }, { lang: "es", value: "Cuando se usa la función fgetss() para leer datos con etiquetas de eliminación, en PHP versiones 7.2.x por debajo de 7.2.27, versiones 7.3.x por debajo de 7.3.14 y versiones 7.4.x por debajo de 7.4.2, es posible suministrar datos que causarán que esta función lea más allá del búfer asignado. Esto puede conllevar a una divulgación de información o bloqueo.", }, ], id: "CVE-2020-7059", lastModified: "2024-11-21T05:36:35.167", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-10T08:15:12.673", references: [ { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { source: "security@php.net", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79099", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Feb/27", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Feb/31", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2021/Jan/3", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-57", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://usn.ubuntu.com/4279-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4626", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4628", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79099", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Feb/27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Feb/31", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2021/Jan/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-57", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://usn.ubuntu.com/4279-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4626", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4628", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 20:15
Modified
2024-11-21 04:20
Severity ?
Summary
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 | |
| apple | mac_os_x | * | |
| opensuse | leap | 15.0 | |
| redhat | software_collections | 1.0 | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "BB562D9A-1014-4E8B-9C23-D27AE0804D37", versionEndExcluding: "7.1.31", versionStartIncluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "C12FECEA-A926-4C57-B65F-6815A6A091A9", versionEndExcluding: "7.2.21", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "76D1A2A9-CDA6-40AF-81C5-684FBCE2CC93", versionEndExcluding: "7.3.8", versionStartIncluding: "7.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "E773457A-E670-4DDA-86E2-0923C1DCD9BA", versionEndExcluding: "10.15.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", matchCriteriaId: "9D7EE4B6-A6EC-4B9B-91DF-79615796673F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.", }, { lang: "es", value: "Cuando la extensión EXIF de PHP está analizando información EXIF de una imagen, p.ej. por medio de la función exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x anteriores a 7.2.21 y versiones 7.3.x anteriores a 7.3.8, es posible suministrarle datos que causará que se lea más allá del búfer asignado. Esto puede conllevar a la divulgación de información o bloqueo.", }, ], id: "CVE-2019-11041", lastModified: "2024-11-21T04:20:25.723", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "security@php.net", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T20:15:11.050", references: [ { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { source: "security@php.net", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=78222", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Oct/9", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/35", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/38", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210634", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210722", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4097-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4097-2/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4527", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4529", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=78222", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Oct/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/35", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/38", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210634", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4097-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4097-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4527", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4529", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-26 15:15
Modified
2024-11-21 06:25
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:*", matchCriteriaId: "EA897736-789A-461C-86F5-E7470E643213", versionEndExcluding: "1.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "013FAABA-8CDD-46AD-B321-9908634C880A", versionEndExcluding: "7.86", versionStartIncluding: "7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "BE1268C5-DEFD-44D8-8994-D93C7839D5C2", versionEndExcluding: "9.2.11", versionStartIncluding: "9.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "7A28F55D-AEB8-454E-B1A9-163C4CB2B38D", versionEndExcluding: "9.3.3", versionStartIncluding: "9.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "CAB9A41F-91F1-40DF-BF12-6ADA7229A84C", versionEndExcluding: "5.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*", matchCriteriaId: "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", matchCriteriaId: "48B23728-0050-4AF0-B8B0-A959CBAB4505", versionEndExcluding: "22.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", matchCriteriaId: "AB9FC9AB-1070-420F-870E-A5EC43A924A4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "BDC6D658-09EA-4C41-869F-1C2EA163F751", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:*", matchCriteriaId: "384DEDD9-CB26-4306-99D8-83068A9B23ED", versionEndExcluding: "23.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*", matchCriteriaId: "BEF828F5-C666-40DA-98DD-CDF658D7090B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", matchCriteriaId: "E812639B-EE28-4C68-9F6F-70C8BF981C86", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8865CE15-F9A1-4A46-AF93-B58356BDEE6F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*", matchCriteriaId: "2AC63D10-2326-4542-B345-31D45B9A7408", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:*", matchCriteriaId: "C7F4B5F0-6B78-4A94-AD83-6B78D484E298", versionEndIncluding: "8.14.0", versionStartIncluding: "8.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*", matchCriteriaId: "CBDA65DE-5727-49DC-8D50-DA81DB3E8841", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "C5F35B8D-6F26-4682-8541-6F10EE2ACE7E", versionEndIncluding: "9.2.6.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "15C83E0F-5FA2-47E5-9FCF-CD2E90D6A9E8", versionEndIncluding: "12.2.25", versionStartIncluding: "12.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*", matchCriteriaId: "08FA59A8-6A62-4B33-8952-D6E658F8DAC9", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", matchCriteriaId: "202AD518-2E9B-4062-B063-9858AE1F9CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", matchCriteriaId: "10864586-270E-4ACF-BDCC-ECFCD299305F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", matchCriteriaId: "E9C55C69-E22E-4B80-9371-5CD821D79FE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*", matchCriteriaId: "105BF985-2403-455E-BAA1-509245B54A1D", versionEndExcluding: "22.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*", matchCriteriaId: "281F1ACB-3180-422C-BADF-B0AE5F50924E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F14A818F-AA16-4438-A3E4-E64C9287AC66", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "04BCDC24-4A21-473C-8733-0D9CFB38A752", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.", }, { lang: "es", value: "jQuery-UI es la biblioteca oficial de interfaz de usuario de jQuery. Antes de la versión 1.13.0, aceptar el valor de la opción \"of\" de la utilidad \".position()\" de fuentes no confiables podía ejecutar código no confiable. El problema es corregido en jQuery UI versión 1.13.0. Cualquier valor de cadena pasado a la opción \"of\" se trata ahora como un selector CSS. Una solución es no aceptar el valor de la opción \"of\" de fuentes no confiables", }, ], id: "CVE-2021-41184", lastModified: "2024-11-21T06:25:42.430", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-26T15:15:10.460", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { source: "security-advisories@github.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280", }, { source: "security-advisories@github.com", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327", }, { source: "security-advisories@github.com", url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2022-001", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "security-advisories@github.com", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Vendor Advisory", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2022-001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-27 21:15
Modified
2024-11-21 05:36
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| tenable | tenable.sc | * | |
| oracle | communications_diameter_signaling_router | * | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "BCA61CC4-F137-461B-8B8A-3EC3F502BF33", versionEndExcluding: "7.2.30", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "461B71F9-8BE5-4E97-807E-03D180AC6122", versionEndExcluding: "7.3.17", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "AE8B571C-CCD8-418D-A29A-D9EBC06CAE2D", versionEndExcluding: "7.4.5", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", matchCriteriaId: "12981AA7-BBF6-4158-8F7D-9DD3880FDCC1", versionEndIncluding: "8.4.0.5", versionStartIncluding: "8.0.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.", }, { lang: "es", value: "En PHP versiones 7.2.x por debajo de 7.2.30, versiones 7.3.x debajo de 7.3.17 y versiones 7.4.x por debajo de 7.4.5, si PHP es compilado con soporte EBCDIC (poco común), la función urldecode() puede ser hecha para acceder a ubicaciones más allá del memoria asignada, debido al uso erróneo de números con signo como índices de matriz.", }, ], id: "CVE-2020-7067", lastModified: "2024-11-21T05:36:36.513", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-27T21:15:14.593", references: [ { source: "security@php.net", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79465", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200504-0001/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "security@php.net", tags: [ "Not Applicable", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200504-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, { lang: "en", value: "CWE-196", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-10-02 15:15
Modified
2024-11-21 05:36
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| opensuse | leap | 15.1 | |
| opensuse | leap | 15.2 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 20.04 | |
| netapp | clustered_data_ontap | - | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "63EC1EEB-0BEC-496B-B225-066232FDFCF0", versionEndExcluding: "7.2.34", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "EEFF4B6D-4A40-479B-846E-EA3372E062E0", versionEndExcluding: "7.3.23", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "7D5112FC-B50B-4C73-A876-0C7FB66EB4F1", versionEndExcluding: "7.4.11", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", matchCriteriaId: "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", matchCriteriaId: "CB66DB75-2B16-4EBF-9B93-CE49D8086E41", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information.", }, { lang: "es", value: "En PHP versiones 7.2.x por debajo de 7.2.34, versiones 7.3.x por debajo de 7.3.23 y versiones 7.4.x por debajo de 7.4.11, cuando PHP procesa valores de cookies HTTP entrantes, los nombres de las cookies se decodifican de la URL. Esto puede conllevar a que las cookies con prefijos como __Host se confundan con las cookies que decodifican dicho prefijo, lo que conlleva a que un atacante pueda falsificar una cookie que se supone que es segura. Consulte también CVE-2020-8184 para obtener más información", }, ], id: "CVE-2020-7070", lastModified: "2024-11-21T05:36:37.007", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-10-02T15:15:12.747", references: [ { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "http://cve.circl.lu/cve/CVE-2020-8184", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { source: "security@php.net", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79699", }, { source: "security@php.net", tags: [ "Exploit", "Third Party Advisory", ], url: "https://hackerone.com/reports/895727", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00008.html", }, { source: "security@php.net", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { source: "security@php.net", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { source: "security@php.net", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202012-16", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4583-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { source: "security@php.net", tags: [ "Not Applicable", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://cve.circl.lu/cve/CVE-2020-8184", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00067.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79699", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://hackerone.com/reports/895727", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/10/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EVDN7D3IB4EAI4D3ZOM2OJKQ5SD7K4E/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2J3ZZDHCSX65T5QWV4AHBN7MOJXBEKG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RRU57N3OSYZPOMFWPRDNVH7EMYOTSZ66/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202012-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20201016-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4583-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4856", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-565", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-21 18:15
Modified
2024-11-21 05:34
Severity ?
Summary
In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2020-11 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2020-11 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "BEC5088D-146A-4D0A-86CF-ED077FB8D450", versionEndExcluding: "5.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.", }, { lang: "es", value: "En determinados escenarios en Tenable.sc versiones anteriores a 5.17.0, un escáner podría potencialmente ser usado fuera de la zona de escaneo definida por el usuario sin que sea especificado una zona en particular dentro de la configuración de Distribución Automática", }, ], id: "CVE-2020-5808", lastModified: "2024-11-21T05:34:38.090", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-21T18:15:16.603", references: [ { source: "vulnreport@tenable.com", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2020-11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2020-11", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-01 03:15
Modified
2025-03-27 15:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment variables and abuse an impacted plugin in order to escalate privileges. We have resolved the issue and also made several defense-in-depth fixes alongside. While the probability of successful exploitation is low, Tenable is committed to securing our customers’ environments and our products. The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202212212055.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vulnreport@tenable.com | https://www.tenable.com/security/tns-2023-04 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2023-04 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tenable | nessus | - | |
| tenable | tenable.io | - | |
| tenable | tenable.sc | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:nessus:-:*:*:*:*:*:*:*", matchCriteriaId: "3EEA2071-B520-44B1-9320-198E3D264721", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.io:-:*:*:*:*:*:*:*", matchCriteriaId: "6C740060-086C-4893-BAF2-6BB423252956", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:-:*:*:*:*:*:*:*", matchCriteriaId: "D239571B-6590-49F6-93AB-5740A4BB2AA1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "As part of our Security Development Lifecycle, a potential privilege escalation issue was identified internally. This could allow a malicious actor with sufficient permissions to modify environment variables and abuse an impacted plugin in order to escalate privileges. We have resolved the issue and also made several defense-in-depth fixes alongside. While the probability of successful exploitation is low, Tenable is committed to securing our customers’ environments and our products. The updates have been distributed via the Tenable plugin feed in feed serial numbers equal to or greater than #202212212055.", }, ], id: "CVE-2023-0524", lastModified: "2025-03-27T15:15:42.113", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-01T03:15:08.427", references: [ { source: "vulnreport@tenable.com", tags: [ "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.tenable.com/security/tns-2023-04", }, ], sourceIdentifier: "vulnreport@tenable.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-269", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-02-10 08:15
Modified
2024-11-21 05:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| tenable | tenable.sc | * | |
| oracle | communications_diameter_signaling_router | * | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "0C8F023B-DDEF-48ED-9E3F-785F61636F98", versionEndExcluding: "7.2.27", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "A4DF319B-F27D-44FC-BD7E-4022925E121D", versionEndExcluding: "7.3.14", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "CF0A5CFA-33A0-4676-8A69-F0B3B4BC16A6", versionEndExcluding: "7.4.2", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", matchCriteriaId: "2C2A0171-EAC8-4202-BA1D-2A9D9FE055E1", versionEndIncluding: "8.4", versionStartIncluding: "8.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.", }, { lang: "es", value: "Cuando se usan determinadas funciones de mbstring para convertir codificaciones multibyte, en PHP versiones 7.2.x por debajo de 7.2.27, versiones 7.3.x por debajo de 7.3.14 y versiones 7.4.x por debajo de 7.4.2, es posible suministrar datos que causarán que la función mbfl_filt_conv_big5_wchar lea más allá del buffer asignado. Esto puede conllevar a una divulgación de información o bloqueo.", }, ], id: "CVE-2020-7060", lastModified: "2024-11-21T05:36:35.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-02-10T08:15:12.797", references: [ { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { source: "security@php.net", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79037", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Feb/27", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Feb/31", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2021/Jan/3", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-57", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://usn.ubuntu.com/4279-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4626", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4628", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79037", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Feb/27", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Feb/31", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2021/Jan/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-57", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200221-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://usn.ubuntu.com/4279-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4626", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4628", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-09-16 15:15
Modified
2024-11-21 06:11
Severity ?
Summary
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| netapp | cloud_backup | - | |
| netapp | clustered_data_ontap | - | |
| netapp | storagegrid | - | |
| tenable | tenable.sc | * | |
| oracle | communications_cloud_native_core_network_function_cloud_native_environment | 1.10.0 | |
| oracle | enterprise_manager_base_platform | 13.4.0.0 | |
| oracle | enterprise_manager_base_platform | 13.5.0.0 | |
| oracle | http_server | 12.2.1.3.0 | |
| oracle | http_server | 12.2.1.4.0 | |
| oracle | instantis_enterprisetrack | 17.1 | |
| oracle | instantis_enterprisetrack | 17.2 | |
| oracle | instantis_enterprisetrack | 17.3 | |
| oracle | peoplesoft_enterprise_peopletools | 8.58 | |
| oracle | zfs_storage_appliance_kit | 8.8 | |
| broadcom | brocade_fabric_operating_system_firmware | - | |
| siemens | ruggedcom_nms | * | |
| siemens | sinec_nms | * | |
| siemens | sinema_remote_connect_server | * | |
| siemens | sinema_server | 14.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "1691C7CE-5CDA-4B9A-854E-3B58C1115526", versionEndIncluding: "2.4.48", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*", matchCriteriaId: "8ADFF451-740F-4DBA-BD23-3881945D3E40", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "A686FAF0-1383-4BBB-B7F5-CBCCAB55B356", versionEndIncluding: "5.19.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*", matchCriteriaId: "C2A5B24D-BDF2-423C-98EA-A40778C01A05", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6E8758C8-87D3-450A-878B-86CE8C9FC140", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "AD04BEE5-E9A8-4584-A68C-0195CE9C402C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", matchCriteriaId: "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", matchCriteriaId: "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", matchCriteriaId: "7F69B9A5-F21B-4904-9F27-95C0F7A628E3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B2748912-FC54-47F6-8C0C-B96784765B8E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:ruggedcom_nms:*:*:*:*:*:*:*:*", matchCriteriaId: "414A7F48-EFA5-4D86-9F8D-5A179A6CFC39", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinec_nms:*:*:*:*:*:*:*:*", matchCriteriaId: "D09241FF-5652-4020-A626-D604134D5020", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*", matchCriteriaId: "98CC9C9A-FE14-4D50-A8EC-C309229356C8", versionEndExcluding: "3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*", matchCriteriaId: "B0A5CC25-A323-4D49-8989-5A417D12D646", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.", }, { lang: "es", value: "Unas peticiones malformadas pueden causar que el servidor haga desreferencia a un puntero NULL. Este problema afecta a Apache HTTP Server versiones 2.4.48 y anteriores", }, ], id: "CVE-2021-34798", lastModified: "2024-11-21T06:11:13.650", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-09-16T15:15:07.267", references: [ { source: "security@apache.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10379", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4982", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "http://httpd.apache.org/security/vulnerabilities_24.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-685781.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10379", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r3925e167d5eb1c75def3750c155d753064e1d34a143028bb32910432%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r61fdbfc26ab170f4e6492ef3bd5197c20b862ce156e9d5a54d4b899c%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r82838efc5fa6fc4c73986399c9b71573589f78b31846aff5bd9b1697%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r82c077663f9759c7df5a6656f925b3ee4f55fcd33c889ba7cd687029%40%3Cusers.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/10/msg00001.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPBR6WUYBJNACHKE65SPL7TJOHX7RHWD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNCYSR3BXT36FFF4XTCPL3HDQK4VP45R/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211008-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4982", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-17", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "security@apache.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-01 04:15
Modified
2024-11-21 05:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Summary
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| canonical | ubuntu_linux | 20.04 | |
| opensuse | leap | 15.1 | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "A758E148-563D-4E04-A321-71FB7622314F", versionEndExcluding: "7.2.29", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "ECF918F4-EEAF-4F96-A49A-D367D549C52B", versionEndExcluding: "7.3.16", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "F809DF30-2CCC-4E3D-819B-75E5E0827E45", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash.", }, { lang: "es", value: "En PHP versiones 7.2.x por debajo de 7.2.9, versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, al analizar datos EXIF ??con la función exif_read_data(), es posible que unos datos maliciosos causen que PHP lea un byte de memoria no inicializada. Esto podría potencialmente conllevar a una divulgación de información o a un bloqueo", }, ], id: "CVE-2020-7064", lastModified: "2024-11-21T05:36:36.027", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-01T04:15:13.693", references: [ { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { source: "security@php.net", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79282", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-2/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79282", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-08-09 20:15
Modified
2024-11-21 04:20
Severity ?
Summary
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 | |
| apple | mac_os_x | * | |
| opensuse | leap | 15.0 | |
| redhat | software_collections | 1.0 | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "BB562D9A-1014-4E8B-9C23-D27AE0804D37", versionEndExcluding: "7.1.31", versionStartIncluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "C12FECEA-A926-4C57-B65F-6815A6A091A9", versionEndExcluding: "7.2.21", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "76D1A2A9-CDA6-40AF-81C5-684FBCE2CC93", versionEndExcluding: "7.3.8", versionStartIncluding: "7.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", matchCriteriaId: "E773457A-E670-4DDA-86E2-0923C1DCD9BA", versionEndExcluding: "10.15.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", matchCriteriaId: "9D7EE4B6-A6EC-4B9B-91DF-79615796673F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.", }, { lang: "es", value: "Cuando la extensión EXIF de PHP está analizando información EXIF de una imagen, p.ej. por medio de la función exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x anteriores a 7.2.21 y versiones 7.3.x anteriores a 7.3.8, es posible suministrarle datos que harán que se lea más allá del búfer asignado . Esto puede conllevar a la divulgación de información o bloqueo.", }, ], id: "CVE-2019-11042", lastModified: "2024-11-21T04:20:25.890", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "security@php.net", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 4.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-08-09T20:15:11.143", references: [ { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { source: "security@php.net", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=78256", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Oct/9", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/35", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/38", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210634", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210722", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4097-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4097-2/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4527", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4529", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Oct/15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Oct/55", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=78256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Oct/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/35", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/38", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190822-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210634", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210722", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4097-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4097-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4527", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4529", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-01 04:15
Modified
2024-11-21 05:36
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| canonical | ubuntu_linux | 20.04 | |
| tenable | tenable.sc | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "ECF918F4-EEAF-4F96-A49A-D367D549C52B", versionEndExcluding: "7.3.16", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "F809DF30-2CCC-4E3D-819B-75E5E0827E45", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.", }, { lang: "es", value: "En PHP versiones 7.3.x por debajo de 7.3.16 y versiones 7.4.x por debajo de 7.4.4, mientras se usa la función mb_strtolower() con codificación UTF-32LE, determinadas cadenas no comprobadas pueden causar que PHP sobrescriba el búfer asignado de la pila. Esto podría conllevar a una corrupción de la memoria, bloqueos y potencialmente a una ejecución de código.", }, ], id: "CVE-2020-7065", lastModified: "2024-11-21T05:36:36.200", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-01T04:15:13.943", references: [ { source: "security@php.net", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79371", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-2/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "security@php.net", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://www.php.net/ChangeLog-7.php#7.4.4", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79371", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://www.php.net/ChangeLog-7.php#7.4.4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-121", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-01 04:15
Modified
2024-11-21 05:36
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| php | php | * | |
| php | php | * | |
| php | php | * | |
| tenable | tenable.sc | * | |
| tenable | tenable.sc | 5.19.0 | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "A758E148-563D-4E04-A321-71FB7622314F", versionEndExcluding: "7.2.29", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "ECF918F4-EEAF-4F96-A49A-D367D549C52B", versionEndExcluding: "7.3.16", versionStartIncluding: "7.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "F809DF30-2CCC-4E3D-819B-75E5E0827E45", versionEndExcluding: "7.4.4", versionStartIncluding: "7.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:5.19.0:*:*:*:*:*:*:*", matchCriteriaId: "0D04D487-429B-4A0F-8B86-EBD355555EDF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server.", }, { lang: "es", value: "En las versiones de PHP 7.2.x anterior a la versión 7.2.29, 7.3.x anterior a 7.3.16 y 7.4.x anterior a 7.4.4, mientras usa get_headers () con la URL suministrada por el usuario, si la URL contiene un carácter cero (\\ 0), el La URL se truncará silenciosamente en ella. Esto puede hacer que algunos programas hagan suposiciones incorrectas sobre el objetivo de get_headers () y posiblemente envíen información a un servidor incorrecto.", }, ], id: "CVE-2020-7066", lastModified: "2024-11-21T05:36:36.360", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-01T04:15:14.020", references: [ { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { source: "security@php.net", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79329", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-2/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "security@php.net", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00025.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=79329", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200403-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4330-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4717", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4719", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-170", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-24 15:15
Modified
2024-11-21 06:22
Severity ?
Summary
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "20353A2F-46B5-4C46-B562-42CD6E2B248B", versionEndExcluding: "1.0.2za", versionStartIncluding: "1.0.2", vulnerable: true, }, { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "A9592A08-7FF0-490F-B684-6EA8E49F36C7", versionEndExcluding: "1.1.1l", versionStartIncluding: "1.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "62347994-1353-497C-9C4A-D5D8D95F67E8", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "433D435D-13D0-4EAA-ACD9-DD88DA712D00", versionEndIncluding: "11.50.2", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "D39DCAE7-494F-40B2-867F-6C6A077939DD", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*", matchCriteriaId: "361B791A-D336-4431-8F68-8135BEFFAEA2", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storage_encryption:-:*:*:*:*:*:*:*", matchCriteriaId: "2D82795C-F1ED-4D2C-B578-75B9EECBB99C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*", matchCriteriaId: "A30F7908-5AF6-4761-BC6A-4C18EFAE48E5", versionEndExcluding: "5.10.0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*", matchCriteriaId: "0F30D3AF-4FA3-4B7A-BE04-C24E2EA19A95", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*", matchCriteriaId: "7B00DDE7-7002-45BE-8EDE-65D964922CB0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_10:*:*:*:*:*:*", matchCriteriaId: "DB88C165-BB24-49FB-AAF6-087A766D5AD1", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*", matchCriteriaId: "FF806B52-DAD5-4D12-8BB6-3CBF9DC6B8DF", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*", matchCriteriaId: "7DE847E0-431D-497D-9C57-C4E59749F6A0", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*", matchCriteriaId: "46385384-5561-40AA-9FDE-A2DE4FDFAD3E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*", matchCriteriaId: "B7CA7CA6-7CF2-48F6-81B5-69BA0A37EF4E", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*", matchCriteriaId: "9E4E5481-1070-4E1F-8679-1985DE4E785A", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_7:*:*:*:*:*:*", matchCriteriaId: "D9EEA681-67FF-43B3-8610-0FA17FD279E5", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_8:*:*:*:*:*:*", matchCriteriaId: "C33BA8EA-793D-4E79-BE9C-235ACE717216", vulnerable: true, }, { criteria: "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_9:*:*:*:*:*:*", matchCriteriaId: "823DBE80-CB8D-4981-AE7C-28F3FDD40451", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "9E0DE4DE-9454-4E8D-9E00-3CBCDD8C142A", versionEndExcluding: "6.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "8D977244-DC29-4301-8D89-0BD01BC328B8", versionEndIncluding: "5.19.1", versionStartIncluding: "5.16.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*", matchCriteriaId: "6A0BD5BD-E2F8-4B4E-B5CF-9787E6F2E4AE", versionEndExcluding: "11.1.2.4.047", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*", matchCriteriaId: "3197F464-F0A5-4BD4-9068-65CD448D8F4C", versionEndExcluding: "21.3", versionStartIncluding: "21.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*", matchCriteriaId: "15DD67FD-CE98-4556-A036-B2970935AF4D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*", matchCriteriaId: "AE23C7E1-F849-411D-850F-A504D4BA3414", versionEndIncluding: "8.0.27", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "88627B99-16DC-4878-A63A-A40F6FC1F477", versionEndIncluding: "8.0.25", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "E667933A-37EA-4BC2-9180-C3B4B7038866", versionEndIncluding: "5.7.35", versionStartIncluding: "5.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "709E83B4-8C66-4255-870B-2F72B37BA8C6", versionEndIncluding: "8.0.26", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*", matchCriteriaId: "EED6C8C2-F986-4CFD-A343-AD2340F850F2", versionEndIncluding: "8.0.26", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*", matchCriteriaId: "E8929B61-16EC-4FE0-98A5-1CC7CC7FD9CC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "DAAB7154-4DE8-4806-86D0-C1D33B84417B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "BD4349FE-EEF8-489A-8ABF-5FCD55EC6DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "C6EAA723-2A23-4151-930B-86ACF9CC1C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", matchCriteriaId: "9C416FD3-2E2F-4BBC-BD5F-F896825883F4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", matchCriteriaId: "D886339E-EDB2-4879-BD54-1800E4CA9CAE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*", matchCriteriaId: "FB468FEE-A0F4-49A0-BBEE-10D0733C87D4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:*", matchCriteriaId: "CC5C177E-0C77-48C9-847A-A9E5AA7DBC1F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "348EEE70-E114-4720-AAAF-E77DE5C9A2D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3DCDD73B-57B1-4580-B922-5662E3AC13B6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*", matchCriteriaId: "7015A8CB-8FA6-423E-8307-BD903244F517", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:*:*:*:*:*:*:*", matchCriteriaId: "F9A4E206-56C7-4578-AC9C-088B0C8D9CFE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform_publisher:6.2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "0D1E6A38-4CBD-42E9-B2D2-11AEF157822F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform_publisher:6.3.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5D105A5B-0AA8-4782-B804-CB1384F85884", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "BE34D4F7-5C18-4578-8D0A-722FDF931333", versionEndExcluding: "9.2.6.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own \"d2i\" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the \"data\" and \"length\" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the \"data\" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).", }, { lang: "es", value: "Las cadenas ASN.1 se representan internamente en OpenSSL como una estructura ASN1_STRING que contiene un búfer que contiene los datos de la cadena y un campo que contiene la longitud del búfer. Esto contrasta con las cadenas C normales, que se representan como un búfer para los datos de la cadena que termina con un byte NUL (0). Aunque no es un requisito estricto, las cadenas ASN.1 que se analizan usando las propias funciones \"d2i\" de OpenSSL (y otras funciones de análisis similares), así como cualquier cadena cuyo valor ha sido ajustado con la función ASN1_STRING_set(), terminarán adicionalmente con NUL la matriz de bytes en la estructura ASN1_STRING. Sin embargo, es posible que las aplicaciones construyan directamente estructuras ASN1_STRING válidas que no terminen en NUL la matriz de bytes, ajustando directamente los campos \"data\" y \"length\" en la matriz ASN1_STRING. Esto también puede ocurrir usando la función ASN1_STRING_set0(). Se ha detectado que numerosas funciones de OpenSSL que imprimen datos ASN.1 asumen que la matriz de bytes ASN1_STRING estará terminada en NUL, aunque esto no está garantizado para las cadenas que han sido construidas directamente. Cuando una aplicación pide que se imprima una estructura ASN.1, y cuando esa estructura ASN.1 contiene ASN1_STRINGs que han sido construidos directamente por la aplicación sin terminar en NUL el campo \"data\", entonces puede ocurrir un desbordamiento del buffer de lectura. Lo mismo puede ocurrir durante el procesamiento de las restricciones de nombre de los certificados (por ejemplo, si un certificado ha sido construido directamente por la aplicación en lugar de cargarlo por medio de las funciones de análisis de OpenSSL, y el certificado contiene estructuras ASN1_STRING sin terminación NUL). También puede ocurrir en las funciones X509_get1_email(), X509_REQ_get1_email() y X509_get1_ocsp(). Si un actor malicioso puede hacer que una aplicación construya directamente un ASN1_STRING y luego lo procese a mediante una de las funciones de OpenSSL afectadas, este problema podría ser alcanzado. Esto podría resultar en un bloqueo (causando un ataque de Denegación de Servicio). También podría resultar en la revelación de contenidos de memoria privada (como claves privadas, o texto plano confidencial). Corregido en OpenSSL versión 1.1.1l (Afectada 1.1.1-1.1.1k). Corregido en OpenSSL versión 1.0.2za (Afectada 1.0.2-1.0.2y).", }, ], id: "CVE-2021-3712", lastModified: "2024-11-21T06:22:13.290", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-24T15:15:09.533", references: [ { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { source: "openssl-security@openssl.org", url: "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", }, { source: "openssl-security@openssl.org", url: "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-02", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4963", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210824.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-16", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10366", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4963", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210824.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-02", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-28 15:15
Modified
2025-02-14 16:43
Severity ?
8.7 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
References
Impacted products
{ cisaActionDue: "2022-04-15", cisaExploitAdd: "2022-03-25", cisaRequiredAction: "Apply updates per vendor instructions.", cisaVulnerabilityName: "PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "D1C2F51F-19AA-4313-AE96-59F46F55D200", versionEndExcluding: "7.1.33", versionStartIncluding: "7.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "D6F43FF3-D1EB-473C-9B3A-96C21F63117D", versionEndExcluding: "7.2.24", versionStartIncluding: "7.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*", matchCriteriaId: "86C83E2A-D2FD-4A12-BD6A-6D48EDFFACC4", versionEndExcluding: "7.3.11", versionStartIncluding: "7.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*", matchCriteriaId: "9D7EE4B6-A6EC-4B9B-91DF-79615796673F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "6C3741B8-851F-475D-B428-523F4F722350", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*", matchCriteriaId: "62C31522-0A17-4025-B269-855C7F4B45C2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.7:*:*:*:*:*:*:*", matchCriteriaId: "6DAA8C42-870A-42B4-AE9F-7C67F4122ED3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*", matchCriteriaId: "5A47EF78-A5B6-4B89-8B74-EEB0647C549F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.1_aarch64:*:*:*:*:*:*:*", matchCriteriaId: "2FF1A19F-8A15-471A-B496-E1B4BA788356", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.2_aarch64:*:*:*:*:*:*:*", matchCriteriaId: "EAD7EC1D-5979-42E6-9DA6-355B53431F3B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.4_aarch64:*:*:*:*:*:*:*", matchCriteriaId: "AE49DCA5-1B01-4478-A1E9-2E87E948A0C1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*", matchCriteriaId: "37B7CE5C-BFEA-4F96-9759-D511EF189059", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*", matchCriteriaId: "213593D4-EB5A-4A1B-BDF3-3F043C5F6A6C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*", matchCriteriaId: "C84EAAE7-0249-4EA1-B8D3-E039B03ACDC3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*", matchCriteriaId: "2148300C-ECBD-4ED5-A164-79629859DD43", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*", matchCriteriaId: "32AF225E-94C0-4D07-900C-DD868C05F554", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*", matchCriteriaId: "FFC68D88-3CD3-4A3D-A01B-E9DBACD9B9CB", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1_s390x:*:*:*:*:*:*:*", matchCriteriaId: "00966AC5-1C84-4B5F-9665-5E99D4AEB3A2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2_s390x:*:*:*:*:*:*:*", matchCriteriaId: "0D04F433-CB52-4F3D-8711-39D3BDA27FE3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4_s390x:*:*:*:*:*:*:*", matchCriteriaId: "07332196-7E36-4E95-81BC-DD959629C1BE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*", matchCriteriaId: "B758EDC9-6421-422C-899E-A273D2936D8E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*", matchCriteriaId: "22C65F53-D624-48A9-A9B7-4C78A31E19F9", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "6D8D654F-2442-4EA0-AF89-6AC2CD214772", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8BCF87FD-9358-42A5-9917-25DF0180A5A6", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*", matchCriteriaId: "8036E2AE-4E44-4FA5-AFFB-A3724BFDD654", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "7A584AAA-A14F-4C64-8FED-675DC36F69A3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "23D471AC-7DCA-4425-AD91-E5D928753A8C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "418488A5-2912-406C-9337-B8E85D0C2B57", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "F505D098-2143-4218-A528-D92BFC017FFD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "96E5CEC7-D3B9-4895-96E9-E26D2ACF1AE3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "BB28CF82-799F-4A6E-B1DB-0AB423E6C05D", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "D9C30C59-07F7-4CCE-B057-052ECCD36DB8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*", matchCriteriaId: "F91F9255-4EE1-43C7-8831-D2B6C228BFD9", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", matchCriteriaId: "37CE1DC7-72C5-483C-8921-0B462C8284D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "76C24D94-834A-4E9D-8F73-624AFA99AAA2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "1272DF03-7674-4BD4-8E64-94004B195448", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*", matchCriteriaId: "F1CA946D-1665-4874-9D41-C7D963DD1F56", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.", }, { lang: "es", value: "En PHP versiones 7.1.x anteriores a la versión 7.1.33, versiones 7.2.x anteriores a la versión 7.2.24 y versiones 7.3.x anteriores a 7.3.11, en ciertas configuraciones del FPM setup, es posible causar que el módulo FPM escriba más allá de los búferes asignados en el espacio reservado para datos de protocolo FCGI, abriendo así la posibilidad de ejecución de código remota.", }, ], id: "CVE-2019-11043", lastModified: "2025-02-14T16:43:36.877", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.8, source: "security@php.net", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-28T15:15:13.863", references: [ { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html", }, { source: "security@php.net", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2020/Jan/40", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3286", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3287", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3300", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3724", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3735", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3736", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0322", }, { source: "security@php.net", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=78599", }, { source: "security@php.net", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/neex/phuip-fpizdam", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Jan/44", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191031-0003/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210919", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K75408500?utm_source=f5support&%3Butm_medium=RSS", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4166-1/", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4166-2/", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4552", }, { source: "security@php.net", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4553", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_36", }, { source: "security@php.net", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/156642/PHP-FPM-7.x-Remote-Code-Execution.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2020/Jan/40", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3286", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3299", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3300", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3735", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3736", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0322", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugs.php.net/bug.php?id=78599", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/neex/phuip-fpizdam", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3W23TP6X4H7LB645FYZLUPNIRD5W3EPU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FSNBUSPKMLUHHOADROKNG5GDWDCRHT5M/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T62LF4ZWVV7OMMIZFO6IFO5QLZKK7YRD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2020/Jan/44", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191031-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210919", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K75408500?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4166-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4166-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4552", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4553", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.synology.com/security/advisory/Synology_SA_19_36", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, ], sourceIdentifier: "security@php.net", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "security@php.net", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-09 03:15
Modified
2024-11-21 04:58
Severity ?
Summary
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sqlite:sqlite:*:*:*:*:*:*:*:*", matchCriteriaId: "207373A2-D1D0-4A2B-BC38-B6674613AE68", versionEndIncluding: "3.31.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", matchCriteriaId: "902B8056-9E37-443B-8905-8AA93E2447FB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "B51F78F4-8D7E-48C2-86D1-D53A6EB348A7", versionEndIncluding: "8.2.2", versionStartIncluding: "8.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*", matchCriteriaId: "2AB443D1-D8E0-4253-9E1C-B62AEBBE582A", versionEndIncluding: "12.0.3", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "ECC00750-1DBF-401F-886E-E0E65A277409", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.2:*:*:*:*:*:*:*", matchCriteriaId: "4FE8EE20-EDB0-468B-9441-8BB2C58C13A2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "3E5416A1-EE58-415D-9645-B6A875EBAED2", versionEndIncluding: "8.2.2", versionStartIncluding: "8.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "11B0C37E-D7C7-45F2-A8D8-5A3B1B191430", versionEndIncluding: "8.2.2", versionStartIncluding: "8.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hyperion_infrastructure_technology:11.1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "DED59B62-C9BF-4C0E-B351-3884E8441655", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", matchCriteriaId: "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", matchCriteriaId: "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", matchCriteriaId: "7F69B9A5-F21B-4904-9F27-95C0F7A628E3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", matchCriteriaId: "D98E76D5-B089-425D-9C44-8C6C393DE1DE", versionEndIncluding: "8.0.22", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*", matchCriteriaId: "1E93384A-B962-4692-8735-2DA55A2969A2", versionEndIncluding: "8.0.22", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:outside_in_technology:8.5.4:*:*:*:*:*:*:*", matchCriteriaId: "72F1A960-EBA5-4BDB-B629-20F0D2384562", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:outside_in_technology:8.5.5:*:*:*:*:*:*:*", matchCriteriaId: "3198F822-43F8-4CB3-97F7-C2982FDA5CBD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*", matchCriteriaId: "7569C0BD-16C1-441E-BAEB-840C94BE73EF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "41DBA7C7-8084-45F6-B59D-13A9022C34DF", versionEndExcluding: "5.19.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.", }, { lang: "es", value: "SQLite versiones hasta 3.31.1, permite a atacantes causar una denegación de servicio (fallo de segmentación) por medio de una consulta de una función de window malformada porque la inicialización el objeto AggInfo es manejada inapropiadamente.", }, ], id: "CVE-2020-11655", lastModified: "2024-11-21T04:58:20.267", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-09T03:15:11.363", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202007-26", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4394-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/05/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202007-26", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20200416-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4394-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuApr2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-14", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://www3.sqlite.org/cgi/src/tktview?name=af4556bb5c", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-665", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-16 08:15
Modified
2024-11-21 06:08
Severity ?
Summary
A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | * | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| tenable | tenable.sc | * | |
| oracle | secure_backup | * | |
| oracle | zfs_storage_appliance_kit | 8.8 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", matchCriteriaId: "C700D9C3-7023-48A7-8A76-70597D99829E", versionEndIncluding: "2.4.48", versionStartIncluding: "2.4.17", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "A686FAF0-1383-4BBB-B7F5-CBCCAB55B356", versionEndIncluding: "5.19.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*", matchCriteriaId: "C01E8B82-71C7-4A4A-A70A-7B147524AB4A", versionEndExcluding: "18.1.0.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48.", }, { lang: "es", value: "Un método diseñado enviado mediante HTTP/2 omitirá la comprobación y será reenviado por mod_proxy, lo que puede conllevar a la división de peticiones o el envenenamiento de la caché. Este problema afecta a Apache HTTP Server versiones 2.4.17 a 2.4.48.", }, ], id: "CVE-2021-33193", lastModified: "2024-11-21T06:08:29.210", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-16T08:15:11.480", references: [ { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/", }, { source: "security@apache.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/", }, { source: "security@apache.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://portswigger.net/research/http2", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210917-0004/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/apache/httpd/commit/ecebcc035ccd8d0e2984fe41420d9e944f456b3c.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re4162adc051c1a0a79e7a24093f3776373e8733abaff57253fef341d%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ree7519d71415ecdd170ff1889cab552d71758d2ba2904a17ded21a70%40%3Ccvs.httpd.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/03/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSM6UWQICBJ2TU727RENU3HBKEAFLT6T/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUVJVRJRBW5QVX4OY3NOHZDQ3B3YOTSG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://portswigger.net/research/http2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202208-20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210917-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-httpd-2.4.49-VWL69sWQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-17", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-10-26 15:15
Modified
2024-11-21 06:25
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:*", matchCriteriaId: "EA897736-789A-461C-86F5-E7470E643213", versionEndExcluding: "1.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "013FAABA-8CDD-46AD-B321-9908634C880A", versionEndExcluding: "7.86", versionStartIncluding: "7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "BE1268C5-DEFD-44D8-8994-D93C7839D5C2", versionEndExcluding: "9.2.11", versionStartIncluding: "9.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", matchCriteriaId: "7A28F55D-AEB8-454E-B1A9-163C4CB2B38D", versionEndExcluding: "9.3.3", versionStartIncluding: "9.3.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*", matchCriteriaId: "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*", matchCriteriaId: "48B23728-0050-4AF0-B8B0-A959CBAB4505", versionEndExcluding: "22.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*", matchCriteriaId: "AB9FC9AB-1070-420F-870E-A5EC43A924A4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "BDC6D658-09EA-4C41-869F-1C2EA163F751", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:*", matchCriteriaId: "384DEDD9-CB26-4306-99D8-83068A9B23ED", versionEndExcluding: "23.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*", matchCriteriaId: "BEF828F5-C666-40DA-98DD-CDF658D7090B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", matchCriteriaId: "E812639B-EE28-4C68-9F6F-70C8BF981C86", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*", matchCriteriaId: "CBE1A019-7BB6-4226-8AC4-9D6927ADAEFA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*", matchCriteriaId: "B98BAEB2-A540-4E8A-A946-C4331B913AFD", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B8FBE260-E306-4215-80C0-D2D27CA43E0F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8865CE15-F9A1-4A46-AF93-B58356BDEE6F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:*", matchCriteriaId: "6D954246-92D7-4361-A033-E21D81816BB1", versionEndIncluding: "11.14.0", versionStartIncluding: "8.11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*", matchCriteriaId: "CBDA65DE-5727-49DC-8D50-DA81DB3E8841", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "C5F35B8D-6F26-4682-8541-6F10EE2ACE7E", versionEndIncluding: "9.2.6.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747", versionEndIncluding: "8.0.29", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:*", matchCriteriaId: "DD3FF8D4-A5F3-4930-A189-9BB851A7B95A", versionEndIncluding: "12.2.5", versionStartIncluding: "12.2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "6951D244-845C-4BF2-AC75-F226B0C39C77", versionEndIncluding: "17.12", versionStartIncluding: "17.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:18.8.0:*:*:*:*:*:*:*", matchCriteriaId: "99365245-49E8-4616-BD24-CE564AC1D17E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:19.12.0:*:*:*:*:*:*:*", matchCriteriaId: "B201A85E-1310-46B8-8A3B-FF7675F84E09", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:*", matchCriteriaId: "4A932C79-8646-4023-9C12-9C7A2A6840EC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*", matchCriteriaId: "15F45363-236B-4040-8AE4-C6C0E204EDBA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:*", matchCriteriaId: "105BF985-2403-455E-BAA1-509245B54A1D", versionEndExcluding: "22.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*", matchCriteriaId: "281F1ACB-3180-422C-BADF-B0AE5F50924E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F14A818F-AA16-4438-A3E4-E64C9287AC66", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "04BCDC24-4A21-473C-8733-0D9CFB38A752", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "CAB9A41F-91F1-40DF-BF12-6ADA7229A84C", versionEndExcluding: "5.21.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.", }, { lang: "es", value: "jQuery-UI es la biblioteca oficial de interfaz de usuario de jQuery. Antes de la versión 1.13.0, aceptar el valor de varias opciones \"*Text\" del widget Datepicker desde fuentes no confiables podía ejecutar código no confiable. El problema es corregido en jQuery UI versión 1.13.0. Los valores pasados a varias opciones \"*Text\" son ahora tratados siempre como texto puro, no como HTML. Una solución es no aceptar el valor de las opciones \"*Text\" de fuentes no confiables", }, ], id: "CVE-2021-41183", lastModified: "2024-11-21T06:25:42.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-10-26T15:15:10.387", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { source: "security-advisories@github.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.jqueryui.com/ticket/15284", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/pull/1953", }, { source: "security-advisories@github.com", tags: [ "Exploit", "Mitigation", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { source: "security-advisories@github.com", url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-contrib-2022-004", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2022-001", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2022-002", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "security-advisories@github.com", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://blog.jqueryui.com/2021/10/jquery-ui-1-13-0-released/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugs.jqueryui.com/ticket/15284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/pull/1953", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Third Party Advisory", ], url: "https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/08/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVKIOWSXL2RF2ULNAP7PHESYCFSZIJE3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXIUUBRVLA4E7G7MMIKCEN75YN7UFERW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O74SXYY7RGXREQDQUDQD4BPJ4QQTD2XQ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGSY236PYSFYIEBRGDERLA7OSY6D7XL4/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SNXA7XRKGINWSUIPIZ6ZBCTV6N3KSHES/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211118-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-contrib-2022-004", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2022-001", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.drupal.org/sa-core-2022-002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Release Notes", "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-09", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-24 15:15
Modified
2024-11-21 06:22
Severity ?
Summary
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", matchCriteriaId: "A9592A08-7FF0-490F-B684-6EA8E49F36C7", versionEndExcluding: "1.1.1l", versionStartIncluding: "1.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*", matchCriteriaId: "1FE996B1-6951-4F85-AA58-B99A379D2163", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "62347994-1353-497C-9C4A-D5D8D95F67E8", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "433D435D-13D0-4EAA-ACD9-DD88DA712D00", versionEndIncluding: "11.50.2", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*", matchCriteriaId: "D39DCAE7-494F-40B2-867F-6C6A077939DD", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*", matchCriteriaId: "361B791A-D336-4431-8F68-8135BEFFAEA2", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:storage_encryption:-:*:*:*:*:*:*:*", matchCriteriaId: "2D82795C-F1ED-4D2C-B578-75B9EECBB99C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "BD4349FE-EEF8-489A-8ABF-5FCD55EC6DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "C6EAA723-2A23-4151-930B-86ACF9CC1C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*", matchCriteriaId: "9C416FD3-2E2F-4BBC-BD5F-F896825883F4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*", matchCriteriaId: "D886339E-EDB2-4879-BD54-1800E4CA9CAE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*", matchCriteriaId: "FB468FEE-A0F4-49A0-BBEE-10D0733C87D4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:*", matchCriteriaId: "CC5C177E-0C77-48C9-847A-A9E5AA7DBC1F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*", matchCriteriaId: "348EEE70-E114-4720-AAAF-E77DE5C9A2D1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*", matchCriteriaId: "3DCDD73B-57B1-4580-B922-5662E3AC13B6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*", matchCriteriaId: "7015A8CB-8FA6-423E-8307-BD903244F517", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:*:*:*:*:*:*:*", matchCriteriaId: "F9A4E206-56C7-4578-AC9C-088B0C8D9CFE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*", matchCriteriaId: "C78A7E07-AB08-46C5-942D-B40BBE0C0D06", versionEndExcluding: "11.1.2.4.47", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*", matchCriteriaId: "F2A9C248-94B0-4F7B-AD9C-4BE55AA1E3F2", versionEndExcluding: "21.3", versionStartIncluding: "21.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform_publisher:6.2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "2F12453B-0E7B-46B9-ADEC-0AC5EDC41058", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform_publisher:6.3.1.1:*:*:*:*:*:*:*", matchCriteriaId: "5D105A5B-0AA8-4782-B804-CB1384F85884", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*", matchCriteriaId: "BE34D4F7-5C18-4578-8D0A-722FDF931333", versionEndExcluding: "9.2.6.3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*", matchCriteriaId: "AE23C7E1-F849-411D-850F-A504D4BA3414", versionEndIncluding: "8.0.27", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "88627B99-16DC-4878-A63A-A40F6FC1F477", versionEndIncluding: "8.0.25", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "E667933A-37EA-4BC2-9180-C3B4B7038866", versionEndIncluding: "5.7.35", versionStartIncluding: "5.7.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", matchCriteriaId: "709E83B4-8C66-4255-870B-2F72B37BA8C6", versionEndIncluding: "8.0.26", versionStartIncluding: "8.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tenable:nessus_network_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "5FD1ED11-84AA-47E6-AD00-E08D035AF53B", versionEndIncluding: "5.13.1", vulnerable: true, }, { criteria: "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*", matchCriteriaId: "8D977244-DC29-4301-8D89-0BD01BC328B8", versionEndIncluding: "5.19.1", versionStartIncluding: "5.16.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the \"out\" parameter can be NULL and, on exit, the \"outlen\" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the \"out\" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).", }, { lang: "es", value: "Para descifrar los datos cifrados de SM2 se espera que una aplicación llame a la función de la API EVP_PKEY_decrypt(). Normalmente, una aplicación llamará a esta función dos veces. La primera vez, al entrar, el parámetro \"out\" puede ser NULL y, al salir, el parámetro \"outlen\" se rellena con el tamaño del búfer necesario para contener el texto plano descifrado. La aplicación puede entonces asignar un búfer de tamaño suficiente y llamar de nuevo a EVP_PKEY_decrypt(), pero esta vez pasando un valor no NULL para el parámetro \"out\". Un bug en la implementación del código de descifrado SM2 significa que el cálculo del tamaño del búfer necesario para mantener el texto plano devuelto por la primera llamada a EVP_PKEY_decrypt() puede ser menor que el tamaño real requerido por la segunda llamada. Esto puede conllevar a un desbordamiento del búfer cuando la aplicación llama a EVP_PKEY_decrypt() por segunda vez con un búfer demasiado pequeño. Un atacante malicioso que sea capaz de presentar el contenido de SM2 para su descifrado a una aplicación podría causar que los datos elegidos por el atacante desborden el búfer hasta un máximo de 62 bytes alterando el contenido de otros datos mantenidos después del búfer, posiblemente cambiando el comportamiento de la aplicación o causando el bloqueo de la misma. La ubicación del búfer depende de la aplicación, pero normalmente se asigna a la pila. Corregido en OpenSSL versión 1.1.1l (Afectada 1.1.1-1.1.1k).", }, ], id: "CVE-2021-3711", lastModified: "2024-11-21T06:22:12.960", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-24T15:15:09.133", references: [ { source: "openssl-security@openssl.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "openssl-security@openssl.org", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { source: "openssl-security@openssl.org", url: "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", }, { source: "openssl-security@openssl.org", url: "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-02", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { source: "openssl-security@openssl.org", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4963", }, { source: "openssl-security@openssl.org", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210824.txt", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "openssl-security@openssl.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-16", }, { source: "openssl-security@openssl.org", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/08/26/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=59f5e75f3bced8fc0e130d72a3f582cf7b480b46", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20210827-0010/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211022-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20240621-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-4963", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.openssl.org/news/secadv/20210824.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2021-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.tenable.com/security/tns-2022-02", }, ], sourceIdentifier: "openssl-security@openssl.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }