Vulnerability-Lookup

CVE-2018-11761 (GCVE-0-2018-11761)

Vulnerability from cvelistv5 – Published: 2018-09-19 14:00 – Updated: 2024-09-16 18:39

Summary

In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.

Severity

No CVSS data available.

CWE

Denial of Service via XML Entity Expansion

Assigner

apache

References

4 references

URL	Tags
http://www.securityfocus.com/bid/105514	vdb-entryx_refsource_BID
https://lists.apache.org/thread.html/5553e10bba56…	mailing-listx_refsource_MLIST
https://lists.apache.org/thread.html/708d94141126…	mailing-listx_refsource_MLIST
https://www.oracle.com/technetwork/security-advis…	x_refsource_MISC

Impacted products

1 product

Vendor	Product	Version
Apache Software Foundation	Apache Tika	Affected: 0.1 to 1.18

Date Public

2018-09-19 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:17:09.097Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105514",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105514"
          },
          {
            "name": "[tika-dev] 20180919 [CVE-2018-11761] Apache Tika DoS XML Entity Expansion Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E"
          },
          {
            "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Apache Tika",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "status": "affected",
              "version": "0.1 to 1.18"
            }
          ]
        }
      ],
      "datePublic": "2018-09-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service via XML Entity Expansion",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-11-12T19:07:08.000Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "name": "105514",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105514"
        },
        {
          "name": "[tika-dev] 20180919 [CVE-2018-11761] Apache Tika DoS XML Entity Expansion Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E"
        },
        {
          "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "DATE_PUBLIC": "2018-09-19T00:00:00",
          "ID": "CVE-2018-11761",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Apache Tika",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.1 to 1.18"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Apache Software Foundation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service via XML Entity Expansion"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105514",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105514"
            },
            {
              "name": "[tika-dev] 20180919 [CVE-2018-11761] Apache Tika DoS XML Entity Expansion Vulnerability",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E"
            },
            {
              "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2018-11761",
    "datePublished": "2018-09-19T14:00:00.000Z",
    "dateReserved": "2018-06-05T00:00:00.000Z",
    "dateUpdated": "2024-09-16T18:39:59.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2018-11761",
      "date": "2026-05-29",
      "epss": "0.11027",
      "percentile": "0.93552"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"0.1\", \"versionEndIncluding\": \"1.18\", \"matchCriteriaId\": \"E4CDD0DD-833B-43B3-8701-2C3CF76F7515\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B887E174-57AB-449D-AEE4-82DD1A3E5C84\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E869C417-C0E6-4FC3-B406-45598A1D1906\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.\"}, {\"lang\": \"es\", \"value\": \"En Apache Tika desde la versi\\u00f3n 0.1 hasta la 1.18, los analizadores XML no estaban configurados para limitar la expansi\\u00f3n de las entidades. Por lo tanto, eran vulnerables a una expansi\\u00f3n de entidades, lo que podr\\u00eda conducir a un ataque de denegaci\\u00f3n de servicio (DoS).\"}]",
      "id": "CVE-2018-11761",
      "lastModified": "2024-11-21T03:43:58.560",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-09-19T14:29:00.287",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/105514\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/105514\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@apache.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-611\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-11761\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2018-09-19T14:29:00.287\",\"lastModified\":\"2024-11-21T03:43:58.560\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.\"},{\"lang\":\"es\",\"value\":\"En Apache Tika desde la versi\u00f3n 0.1 hasta la 1.18, los analizadores XML no estaban configurados para limitar la expansi\u00f3n de las entidades. Por lo tanto, eran vulnerables a una expansi\u00f3n de entidades, lo que podr\u00eda conducir a un ataque de denegaci\u00f3n de servicio (DoS).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.1\",\"versionEndIncluding\":\"1.18\",\"matchCriteriaId\":\"E4CDD0DD-833B-43B3-8701-2C3CF76F7515\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B887E174-57AB-449D-AEE4-82DD1A3E5C84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E869C417-C0E6-4FC3-B406-45598A1D1906\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/105514\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105514\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}

BDU:2019-01770

Vulnerability from fstec - Published: 19.09.2018

Title

Уязвимость анализатора XML среды обнаружения и анализа контента Apache Tika, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость анализатора XML среды обнаружения и анализа контента Apache Tika связана с неверным ограничением XML-ссылок на внешние объекты. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании

Severity


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Apache Software Foundation, Oracle Corp.

Software Name

Tika, Oracle Business Process Management Suite

Software Version

от 0.1 до 1.18 включительно (Tika), 12.1.3.0.0 (Oracle Business Process Management Suite), 12.2.1.3.0 (Oracle Business Process Management Suite)

Possible Mitigations

Для продуктов Oracle использование рекомендаций: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Reference

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://nvd.nist.gov/vuln/detail/CVE-2018-11761

CWE

CWE-611

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Apache Software Foundation, Oracle Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 0.1 \u0434\u043e 1.18 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Tika), 12.1.3.0.0 (Oracle Business Process Management Suite), 12.2.1.3.0 (Oracle Business Process Management Suite)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Oracle \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "19.09.2018",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.05.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-01770",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-11761",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Tika, Oracle Business Process Management Suite",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440\u0430 XML \u0441\u0440\u0435\u0434\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 Apache Tika, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435 XML-\u0441\u0441\u044b\u043b\u043e\u043a \u043d\u0430 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b (CWE-611)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440\u0430 XML \u0441\u0440\u0435\u0434\u044b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430 Apache Tika \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0432\u0435\u0440\u043d\u044b\u043c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0435\u043c XML-\u0441\u0441\u044b\u043b\u043e\u043a \u043d\u0430 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-11761",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-611",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

CERTFR-2026-AVI-0556

Vulnerability from certfr_avis - Published: 2026-05-11 - Updated: 2026-05-11

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 31.3.x antérieures à 3.13.15
VMware	Tanzu Greenplum	Tanzu Greenplum Streaming Server For Kubernetes versions antérieures à 1.3.0
VMware	Tanzu	Tanzu Data Flow on Kubernetes versions antérieures à 2.1.0
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 4.0.x antérieures à 4.0.20
VMware	Tanzu Greenplum	Tanzu Greenplum Backup and Restore versions antérieures à1.33.0
VMware	Tanzu Greenplum	Tanzu Greenplum Data Copy Utility versions antérieures à 2.9.3
VMware	Tanzu	Tanzu for Valkey on Kubernetes versions antérieures à 3.3.4
VMware	Tanzu Greenplum	Tanzu Greenplum Command Center versions 6.17.x antérieures à 6.17.0
VMware	Tanzu Greenplum	Tanzu Greenplum on Kubernetes versions antérieures à 1.1.0
VMware	Tanzu Greenplum	Tanzu Greenplum Platform Extension Framework versions antérieures à 8.0.0
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 4.2.x antérieures à 4.2.6
VMware	Tanzu Greenplum	Tanzu Greenplum Text versions antérieures à 4.0.0
VMware	Tanzu Greenplum	Tanzu Greenplum Streaming Server versions antérieures à 2.3.0
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 4.3.x antérieures à 4.3.0
VMware	Tanzu	Tanzu for Valkey on Kubernetes versions antérieures à 3.4.0
VMware	Tanzu Gemfire	Tanzu GemFire versions antérieures à 10.2.3
VMware	Tanzu Greenplum	Tanzu Greenplum Upgrade versions antérieures à 2.0.0
VMware	Tanzu Greenplum	Tanzu Greenplumversions antérieures à 7.8.0
VMware	Tanzu Gemfire	Tanzu GemFire Vector Database versions antérieures à 1.2.2
VMware	Tanzu Greenplum	Tanzu Greenplum versions antérieures à 6.33.0
VMware	Tanzu Greenplum	Tanzu Greenplum Command Center versions 7.7.x antérieures à 7.7.0
VMware	Tanzu	Tanzu RabbitMQ on Kubernetes versions 4.1.x antérieures à 4.1.11
VMware	Tanzu	Tanzu for MySQL on Kubernetes versions antérieures à 2.0.3

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 37451	2026-05-07	vendor-advisory
Bulletin de sécurité VMware 37445	2026-05-06	vendor-advisory
Bulletin de sécurité VMware 37460	2026-05-07	vendor-advisory
Bulletin de sécurité VMware 37449	2026-05-06	vendor-advisory
Bulletin de sécurité VMware 37450	2026-05-06	vendor-advisory
Bulletin de sécurité VMware 37466	2026-05-07	vendor-advisory
Bulletin de sécurité VMware 37468	2026-05-08	vendor-advisory
Bulletin de sécurité VMware 37444	2026-05-06	vendor-advisory
Bulletin de sécurité VMware 37461	2026-05-07	vendor-advisory
Bulletin de sécurité VMware DSA-2016-11	2026-05-07	vendor-advisory
Bulletin de sécurité VMware 37446	2026-05-06	vendor-advisory
Bulletin de sécurité VMware 37465	2026-05-07	vendor-advisory
Bulletin de sécurité VMware 37448	2026-05-06	vendor-advisory
Bulletin de sécurité VMware 37447	2026-05-06	vendor-advisory
Bulletin de sécurité VMware 37463	2026-05-07	vendor-advisory
Bulletin de sécurité VMware 37452	2026-05-07	vendor-advisory
Bulletin de sécurité VMware 37462	2026-05-07	vendor-advisory
Bulletin de sécurité VMware 37464	2026-05-07	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu RabbitMQ on Kubernetes versions 31.3.x ant\u00e9rieures \u00e0 3.13.15",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Streaming Server For Kubernetes versions ant\u00e9rieures \u00e0 1.3.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Data Flow on Kubernetes versions ant\u00e9rieures \u00e0 2.1.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ on Kubernetes versions 4.0.x ant\u00e9rieures \u00e0 4.0.20",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Backup and Restore versions ant\u00e9rieures \u00e01.33.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Data Copy Utility versions ant\u00e9rieures \u00e0 2.9.3",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu for Valkey on Kubernetes versions ant\u00e9rieures \u00e0 3.3.4",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Command Center versions 6.17.x ant\u00e9rieures \u00e0 6.17.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum on Kubernetes versions ant\u00e9rieures \u00e0 1.1.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Platform Extension Framework versions ant\u00e9rieures \u00e0 8.0.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ on Kubernetes versions 4.2.x ant\u00e9rieures \u00e0 4.2.6",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Text versions ant\u00e9rieures \u00e0 4.0.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Streaming Server versions ant\u00e9rieures \u00e0 2.3.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ on Kubernetes versions 4.3.x ant\u00e9rieures \u00e0 4.3.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu for Valkey on Kubernetes versions ant\u00e9rieures \u00e0 3.4.0",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": " Tanzu GemFire versions ant\u00e9rieures \u00e0 10.2.3",
      "product": {
        "name": "Tanzu Gemfire",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Upgrade versions ant\u00e9rieures \u00e0 2.0.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplumversions ant\u00e9rieures \u00e0 7.8.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu GemFire Vector Database versions ant\u00e9rieures \u00e0 1.2.2",
      "product": {
        "name": "Tanzu Gemfire",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 6.33.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum Command Center versions 7.7.x ant\u00e9rieures \u00e0 7.7.0",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu RabbitMQ on Kubernetes versions 4.1.x ant\u00e9rieures \u00e0 4.1.11",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu for MySQL on Kubernetes versions ant\u00e9rieures \u00e0 2.0.3\n",
      "product": {
        "name": "Tanzu",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-8715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
    },
    {
      "name": "CVE-2025-30681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
    },
    {
      "name": "CVE-2018-19361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
    },
    {
      "name": "CVE-2019-12384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12384"
    },
    {
      "name": "CVE-2025-69534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
    },
    {
      "name": "CVE-2025-61730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61730"
    },
    {
      "name": "CVE-2026-27135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27135"
    },
    {
      "name": "CVE-2019-17267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17267"
    },
    {
      "name": "CVE-2025-3264",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
    },
    {
      "name": "CVE-2018-19362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
    },
    {
      "name": "CVE-2025-15282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15282"
    },
    {
      "name": "CVE-2026-33871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
    },
    {
      "name": "CVE-2026-22737",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22737"
    },
    {
      "name": "CVE-2020-26939",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-26939"
    },
    {
      "name": "CVE-2021-29425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
    },
    {
      "name": "CVE-2025-53042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
    },
    {
      "name": "CVE-2026-4878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4878"
    },
    {
      "name": "CVE-2026-35238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35238"
    },
    {
      "name": "CVE-2025-30689",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
    },
    {
      "name": "CVE-2026-27205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27205"
    },
    {
      "name": "CVE-2025-9231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
    },
    {
      "name": "CVE-2025-30715",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
    },
    {
      "name": "CVE-2024-37891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
    },
    {
      "name": "CVE-2025-30682",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
    },
    {
      "name": "CVE-2026-32990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32990"
    },
    {
      "name": "CVE-2022-30973",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30973"
    },
    {
      "name": "CVE-2025-50102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
    },
    {
      "name": "CVE-2026-1669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1669"
    },
    {
      "name": "CVE-2026-39892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-39892"
    },
    {
      "name": "CVE-2023-33201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33201"
    },
    {
      "name": "CVE-2026-33186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
    },
    {
      "name": "CVE-2021-27906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27906"
    },
    {
      "name": "CVE-2025-27516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
    },
    {
      "name": "CVE-2018-14719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
    },
    {
      "name": "CVE-2026-34267",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34267"
    },
    {
      "name": "CVE-2023-50386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50386"
    },
    {
      "name": "CVE-2026-21936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21936"
    },
    {
      "name": "CVE-2026-21937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21937"
    },
    {
      "name": "CVE-2025-66614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66614"
    },
    {
      "name": "CVE-2020-15250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
    },
    {
      "name": "CVE-2016-1000341",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000341"
    },
    {
      "name": "CVE-2026-32286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32286"
    },
    {
      "name": "CVE-2025-50100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
    },
    {
      "name": "CVE-2020-9546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9546"
    },
    {
      "name": "CVE-2020-13956",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13956"
    },
    {
      "name": "CVE-2026-35239",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35239"
    },
    {
      "name": "CVE-2026-3497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3497"
    },
    {
      "name": "CVE-2025-53062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
    },
    {
      "name": "CVE-2026-25990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25990"
    },
    {
      "name": "CVE-2026-32288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32288"
    },
    {
      "name": "CVE-2021-36373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36373"
    },
    {
      "name": "CVE-2020-10673",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10673"
    },
    {
      "name": "CVE-2024-12797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
    },
    {
      "name": "CVE-2025-12084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12084"
    },
    {
      "name": "CVE-2020-35728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
    },
    {
      "name": "CVE-2026-0897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0897"
    },
    {
      "name": "CVE-2025-5197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
    },
    {
      "name": "CVE-2026-34271",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34271"
    },
    {
      "name": "CVE-2019-10094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10094"
    },
    {
      "name": "CVE-2026-24308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24308"
    },
    {
      "name": "CVE-2025-11468",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11468"
    },
    {
      "name": "CVE-2025-30703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
    },
    {
      "name": "CVE-2020-36181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
    },
    {
      "name": "CVE-2020-9548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9548"
    },
    {
      "name": "CVE-2026-3446",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3446"
    },
    {
      "name": "CVE-2026-32875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32875"
    },
    {
      "name": "CVE-2020-36182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
    },
    {
      "name": "CVE-2025-6069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
    },
    {
      "name": "CVE-2016-1000343",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000343"
    },
    {
      "name": "CVE-2020-24616",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24616"
    },
    {
      "name": "CVE-2020-10683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10683"
    },
    {
      "name": "CVE-2022-24613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24613"
    },
    {
      "name": "CVE-2025-50080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
    },
    {
      "name": "CVE-2025-6075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
    },
    {
      "name": "CVE-2026-27456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27456"
    },
    {
      "name": "CVE-2026-22701",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22701"
    },
    {
      "name": "CVE-2026-34270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34270"
    },
    {
      "name": "CVE-2026-34303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34303"
    },
    {
      "name": "CVE-2025-4330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
    },
    {
      "name": "CVE-2025-2953",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
    },
    {
      "name": "CVE-2020-36185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
    },
    {
      "name": "CVE-2025-50078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
    },
    {
      "name": "CVE-2025-3933",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
    },
    {
      "name": "CVE-2025-4138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
    },
    {
      "name": "CVE-2025-61731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61731"
    },
    {
      "name": "CVE-2018-8036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
    },
    {
      "name": "CVE-2023-36632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
    },
    {
      "name": "CVE-2022-26612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26612"
    },
    {
      "name": "CVE-2022-36364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
    },
    {
      "name": "CVE-2026-27143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27143"
    },
    {
      "name": "CVE-2019-16942",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16942"
    },
    {
      "name": "CVE-2025-30696",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
    },
    {
      "name": "CVE-2026-22009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22009"
    },
    {
      "name": "CVE-2018-1320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1320"
    },
    {
      "name": "CVE-2025-13837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13837"
    },
    {
      "name": "CVE-2020-9547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9547"
    },
    {
      "name": "CVE-2026-29145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-29145"
    },
    {
      "name": "CVE-2025-24970",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
    },
    {
      "name": "CVE-2025-49128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49128"
    },
    {
      "name": "CVE-2026-21998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21998"
    },
    {
      "name": "CVE-2019-17558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17558"
    },
    {
      "name": "CVE-2020-36179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
    },
    {
      "name": "CVE-2026-35469",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
    },
    {
      "name": "CVE-2020-13955",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13955"
    },
    {
      "name": "CVE-2018-14718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
    },
    {
      "name": "CVE-2020-10650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10650"
    },
    {
      "name": "CVE-2025-21584",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
    },
    {
      "name": "CVE-2025-66516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66516"
    },
    {
      "name": "CVE-2025-15367",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15367"
    },
    {
      "name": "CVE-2016-1000346",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000346"
    },
    {
      "name": "CVE-2020-36186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
    },
    {
      "name": "CVE-2020-36189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
    },
    {
      "name": "CVE-2025-9820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9820"
    },
    {
      "name": "CVE-2026-2006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2006"
    },
    {
      "name": "CVE-2020-35490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
    },
    {
      "name": "CVE-2026-35236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35236"
    },
    {
      "name": "CVE-2026-33870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
    },
    {
      "name": "CVE-2020-13936",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
    },
    {
      "name": "CVE-2025-50085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
    },
    {
      "name": "CVE-2021-20190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
    },
    {
      "name": "CVE-2021-35516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35516"
    },
    {
      "name": "CVE-2024-29857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
    },
    {
      "name": "CVE-2018-19360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
    },
    {
      "name": "CVE-2023-33202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33202"
    },
    {
      "name": "CVE-2025-41248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
    },
    {
      "name": "CVE-2024-13009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-13009"
    },
    {
      "name": "CVE-2026-5121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5121"
    },
    {
      "name": "CVE-2024-12798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
    },
    {
      "name": "CVE-2025-0938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
    },
    {
      "name": "CVE-2026-35237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35237"
    },
    {
      "name": "CVE-2014-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0114"
    },
    {
      "name": "CVE-2026-33236",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33236"
    },
    {
      "name": "CVE-2022-32287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32287"
    },
    {
      "name": "CVE-2026-2005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2005"
    },
    {
      "name": "CVE-2019-16335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16335"
    },
    {
      "name": "CVE-2016-1000345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000345"
    },
    {
      "name": "CVE-2026-24051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24051"
    },
    {
      "name": "CVE-2022-39135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-39135"
    },
    {
      "name": "CVE-2025-33042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-33042"
    },
    {
      "name": "CVE-2026-34073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34073"
    },
    {
      "name": "CVE-2026-27144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27144"
    },
    {
      "name": "CVE-2018-7489",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
    },
    {
      "name": "CVE-2025-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
    },
    {
      "name": "CVE-2025-8291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
    },
    {
      "name": "CVE-2026-22017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22017"
    },
    {
      "name": "CVE-2022-26336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26336"
    },
    {
      "name": "CVE-2024-21244",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21244"
    },
    {
      "name": "CVE-2026-32283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
    },
    {
      "name": "CVE-2025-30683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
    },
    {
      "name": "CVE-2025-30699",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
    },
    {
      "name": "CVE-2019-14893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14893"
    },
    {
      "name": "CVE-2018-1338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1338"
    },
    {
      "name": "CVE-2025-61727",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
    },
    {
      "name": "CVE-2023-50298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50298"
    },
    {
      "name": "CVE-2024-26308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
    },
    {
      "name": "CVE-2021-29262",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-29262"
    },
    {
      "name": "CVE-2020-11113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11113"
    },
    {
      "name": "CVE-2024-21503",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21503"
    },
    {
      "name": "CVE-2016-1000338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000338"
    },
    {
      "name": "CVE-2026-0861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0861"
    },
    {
      "name": "CVE-2026-1703",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1703"
    },
    {
      "name": "CVE-2026-25645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25645"
    },
    {
      "name": "CVE-2026-21860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21860"
    },
    {
      "name": "CVE-2026-3479",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3479"
    },
    {
      "name": "CVE-2024-52012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-52012"
    },
    {
      "name": "CVE-2021-35517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35517"
    },
    {
      "name": "CVE-2025-50098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
    },
    {
      "name": "CVE-2026-39883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-39883"
    },
    {
      "name": "CVE-2026-4424",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4424"
    },
    {
      "name": "CVE-2019-10088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10088"
    },
    {
      "name": "CVE-2025-50086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
    },
    {
      "name": "CVE-2026-32281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
    },
    {
      "name": "CVE-2026-1839",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1839"
    },
    {
      "name": "CVE-2026-27142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27142"
    },
    {
      "name": "CVE-2026-34515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34515"
    },
    {
      "name": "CVE-2026-5598",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5598"
    },
    {
      "name": "CVE-2026-34519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34519"
    },
    {
      "name": "CVE-2018-11797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11797"
    },
    {
      "name": "CVE-2026-22022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22022"
    },
    {
      "name": "CVE-2025-8194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
    },
    {
      "name": "CVE-2026-34304",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34304"
    },
    {
      "name": "CVE-2025-50082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
    },
    {
      "name": "CVE-2024-23454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
    },
    {
      "name": "CVE-2025-50097",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
    },
    {
      "name": "CVE-2026-30922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-30922"
    },
    {
      "name": "CVE-2025-50181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
    },
    {
      "name": "CVE-2020-10672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10672"
    },
    {
      "name": "CVE-2024-21742",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
    },
    {
      "name": "CVE-2022-3510",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
    },
    {
      "name": "CVE-2025-50084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
    },
    {
      "name": "CVE-2022-3509",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
    },
    {
      "name": "CVE-2025-50079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
    },
    {
      "name": "CVE-2025-1795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
    },
    {
      "name": "CVE-2019-14439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14439"
    },
    {
      "name": "CVE-2025-4517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
    },
    {
      "name": "CVE-2021-37533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
    },
    {
      "name": "CVE-2025-21574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
    },
    {
      "name": "CVE-2018-8017",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-8017"
    },
    {
      "name": "CVE-2020-10969",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10969"
    },
    {
      "name": "CVE-2024-8184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
    },
    {
      "name": "CVE-2026-21948",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21948"
    },
    {
      "name": "CVE-2025-11143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11143"
    },
    {
      "name": "CVE-2025-52999",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
    },
    {
      "name": "CVE-2025-21580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
    },
    {
      "name": "CVE-2026-34986",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
    },
    {
      "name": "CVE-2025-53023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
    },
    {
      "name": "CVE-2025-21575",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
    },
    {
      "name": "CVE-2020-36187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
    },
    {
      "name": "CVE-2025-4435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
    },
    {
      "name": "CVE-2017-15691",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15691"
    },
    {
      "name": "CVE-2024-21634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
    },
    {
      "name": "CVE-2025-21577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
    },
    {
      "name": "CVE-2022-38749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
    },
    {
      "name": "CVE-2026-22002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22002"
    },
    {
      "name": "CVE-2021-36090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
    },
    {
      "name": "CVE-2026-34518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34518"
    },
    {
      "name": "CVE-2025-68161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68161"
    },
    {
      "name": "CVE-2016-1000342",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000342"
    },
    {
      "name": "CVE-2024-5535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
    },
    {
      "name": "CVE-2024-29131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29131"
    },
    {
      "name": "CVE-2018-17197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-17197"
    },
    {
      "name": "CVE-2024-12718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
    },
    {
      "name": "CVE-2025-62813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
    },
    {
      "name": "CVE-2020-11620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11620"
    },
    {
      "name": "CVE-2024-12801",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
    },
    {
      "name": "CVE-2024-5642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
    },
    {
      "name": "CVE-2026-34308",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34308"
    },
    {
      "name": "CVE-2016-1000339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000339"
    },
    {
      "name": "CVE-2018-12022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
    },
    {
      "name": "CVE-2026-3219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3219"
    },
    {
      "name": "CVE-2025-50096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
    },
    {
      "name": "CVE-2024-47554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
    },
    {
      "name": "CVE-2023-50291",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-50291"
    },
    {
      "name": "CVE-2018-5968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
    },
    {
      "name": "CVE-2025-61732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
    },
    {
      "name": "CVE-2025-21499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21499"
    },
    {
      "name": "CVE-2023-45803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
    },
    {
      "name": "CVE-2024-6763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
    },
    {
      "name": "CVE-2026-27199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27199"
    },
    {
      "name": "CVE-2025-48976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
    },
    {
      "name": "CVE-2020-1945",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1945"
    },
    {
      "name": "CVE-2025-30705",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
    },
    {
      "name": "CVE-2021-23926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-23926"
    },
    {
      "name": "CVE-2026-21964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21964"
    },
    {
      "name": "CVE-2025-8713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
    },
    {
      "name": "CVE-2025-50088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
    },
    {
      "name": "CVE-2026-22731",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22731"
    },
    {
      "name": "CVE-2025-66471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
    },
    {
      "name": "CVE-2025-68146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68146"
    },
    {
      "name": "CVE-2020-24750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
    },
    {
      "name": "CVE-2026-25679",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
    },
    {
      "name": "CVE-2026-21441",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
    },
    {
      "name": "CVE-2025-3730",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
    },
    {
      "name": "CVE-2025-13836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13836"
    },
    {
      "name": "CVE-2024-25710",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
    },
    {
      "name": "CVE-2026-34525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34525"
    },
    {
      "name": "CVE-2024-7254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
    },
    {
      "name": "CVE-2026-22732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22732"
    },
    {
      "name": "CVE-2025-50077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
    },
    {
      "name": "CVE-2020-9492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-9492"
    },
    {
      "name": "CVE-2025-54988",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
    },
    {
      "name": "CVE-2026-32274",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32274"
    },
    {
      "name": "CVE-2026-40192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
    },
    {
      "name": "CVE-2026-35240",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-35240"
    },
    {
      "name": "CVE-2024-29133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-29133"
    },
    {
      "name": "CVE-2026-22004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22004"
    },
    {
      "name": "CVE-2025-55163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
    },
    {
      "name": "CVE-2018-1324",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1324"
    },
    {
      "name": "CVE-2025-10158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-10158"
    },
    {
      "name": "CVE-2025-50092",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
    },
    {
      "name": "CVE-2025-50099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
    },
    {
      "name": "CVE-2026-22001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22001"
    },
    {
      "name": "CVE-2026-32874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32874"
    },
    {
      "name": "CVE-2025-3263",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
    },
    {
      "name": "CVE-2025-12818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
    },
    {
      "name": "CVE-2024-35195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-35195"
    },
    {
      "name": "CVE-2026-4539",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4539"
    },
    {
      "name": "CVE-2019-16943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16943"
    },
    {
      "name": "CVE-2021-31812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31812"
    },
    {
      "name": "CVE-2026-4519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4519"
    },
    {
      "name": "CVE-2025-15366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15366"
    },
    {
      "name": "CVE-2025-13462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-13462"
    },
    {
      "name": "CVE-2025-30684",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
    },
    {
      "name": "CVE-2026-32289",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32289"
    },
    {
      "name": "CVE-2026-0865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0865"
    },
    {
      "name": "CVE-2021-37404",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-37404"
    },
    {
      "name": "CVE-2024-9143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
    },
    {
      "name": "CVE-2025-66221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66221"
    },
    {
      "name": "CVE-2017-7525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
    },
    {
      "name": "CVE-2025-6051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
    },
    {
      "name": "CVE-2026-4111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4111"
    },
    {
      "name": "CVE-2025-50093",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
    },
    {
      "name": "CVE-2025-53069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
    },
    {
      "name": "CVE-2024-28085",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
    },
    {
      "name": "CVE-2025-66034",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66034"
    },
    {
      "name": "CVE-2019-20330",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20330"
    },
    {
      "name": "CVE-2020-14195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14195"
    },
    {
      "name": "CVE-2025-21579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
    },
    {
      "name": "CVE-2018-10237",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
    },
    {
      "name": "CVE-2019-12814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12814"
    },
    {
      "name": "CVE-2020-35491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
    },
    {
      "name": "CVE-2019-17531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17531"
    },
    {
      "name": "CVE-2025-53044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
    },
    {
      "name": "CVE-2026-3298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3298"
    },
    {
      "name": "CVE-2026-6100",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-6100"
    },
    {
      "name": "CVE-2026-21968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-21968"
    },
    {
      "name": "CVE-2026-32280",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
    },
    {
      "name": "CVE-2025-50087",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
    },
    {
      "name": "CVE-2023-43804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
    },
    {
      "name": "CVE-2024-47535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
    },
    {
      "name": "CVE-2024-21232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21232"
    },
    {
      "name": "CVE-2020-14061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14061"
    },
    {
      "name": "CVE-2024-9823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9823"
    },
    {
      "name": "CVE-2025-61728",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
    },
    {
      "name": "CVE-2022-42004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
    },
    {
      "name": "CVE-2026-4224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4224"
    },
    {
      "name": "CVE-2021-22569",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
    },
    {
      "name": "CVE-2025-8714",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
    },
    {
      "name": "CVE-2020-11619",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11619"
    },
    {
      "name": "CVE-2019-12415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12415"
    },
    {
      "name": "CVE-2025-8869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8869"
    },
    {
      "name": "CVE-2020-36183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
    },
    {
      "name": "CVE-2026-25854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25854"
    },
    {
      "name": "CVE-2026-22015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22015"
    },
    {
      "name": "CVE-2025-12817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
    },
    {
      "name": "CVE-2021-22573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22573"
    },
    {
      "name": "CVE-2026-23949",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-23949"
    },
    {
      "name": "CVE-2020-8840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8840"
    },
    {
      "name": "CVE-2026-1519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1519"
    },
    {
      "name": "CVE-2026-2332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2332"
    },
    {
      "name": "CVE-2025-31672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
    },
    {
      "name": "CVE-2018-11761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11761"
    },
    {
      "name": "CVE-2025-30721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
    },
    {
      "name": "CVE-2025-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
    },
    {
      "name": "CVE-2018-11771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11771"
    },
    {
      "name": "CVE-2025-50091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
    },
    {
      "name": "CVE-2018-1335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1335"
    },
    {
      "name": "CVE-2024-47081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
    },
    {
      "name": "CVE-2026-0915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0915"
    },
    {
      "name": "CVE-2025-15281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-15281"
    },
    {
      "name": "CVE-2025-21493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21493"
    },
    {
      "name": "CVE-2022-41854",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
    },
    {
      "name": "CVE-2018-11762",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11762"
    },
    {
      "name": "CVE-2020-8908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
    },
    {
      "name": "CVE-2024-6119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
    },
    {
      "name": "CVE-2026-22733",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22733"
    },
    {
      "name": "CVE-2026-2297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2297"
    },
    {
      "name": "CVE-2025-58181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
    },
    {
      "name": "CVE-2025-53054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
    },
    {
      "name": "CVE-2020-36184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
    },
    {
      "name": "CVE-2025-47914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
    },
    {
      "name": "CVE-2026-22005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22005"
    },
    {
      "name": "CVE-2025-4516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
    },
    {
      "name": "CVE-2016-1000340",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000340"
    },
    {
      "name": "CVE-2026-34516",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34516"
    },
    {
      "name": "CVE-2026-1299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1299"
    },
    {
      "name": "CVE-2020-36180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
    },
    {
      "name": "CVE-2018-12023",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
    },
    {
      "name": "CVE-2026-3644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-3644"
    },
    {
      "name": "CVE-2026-27140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27140"
    },
    {
      "name": "CVE-2022-25857",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
    },
    {
      "name": "CVE-2022-38751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
    },
    {
      "name": "CVE-2025-50104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
    },
    {
      "name": "CVE-2025-25193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
    },
    {
      "name": "CVE-2018-14720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
    },
    {
      "name": "CVE-2020-36518",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36518"
    },
    {
      "name": "CVE-2026-29129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-29129"
    },
    {
      "name": "CVE-2022-31159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-31159"
    },
    {
      "name": "CVE-2026-22735",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22735"
    },
    {
      "name": "CVE-2026-34517",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34517"
    },
    {
      "name": "CVE-2025-30687",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
    },
    {
      "name": "CVE-2020-15522",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-15522"
    },
    {
      "name": "CVE-2025-50101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
    },
    {
      "name": "CVE-2024-30171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
    },
    {
      "name": "CVE-2018-1339",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1339"
    },
    {
      "name": "CVE-2016-1000352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000352"
    },
    {
      "name": "CVE-2026-27139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27139"
    },
    {
      "name": "CVE-2025-4207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
    },
    {
      "name": "CVE-2025-9230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
    },
    {
      "name": "CVE-2025-14009",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14009"
    },
    {
      "name": "CVE-2025-53040",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
    },
    {
      "name": "CVE-2017-15095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
    },
    {
      "name": "CVE-2019-14540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14540"
    },
    {
      "name": "CVE-2024-36114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-36114"
    },
    {
      "name": "CVE-2019-12086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
    },
    {
      "name": "CVE-2026-24049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
    },
    {
      "name": "CVE-2018-14721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
    },
    {
      "name": "CVE-2025-48924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
    },
    {
      "name": "CVE-2026-33810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
    },
    {
      "name": "CVE-2022-38752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
    },
    {
      "name": "CVE-2026-34278",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34278"
    },
    {
      "name": "CVE-2025-8916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
    },
    {
      "name": "CVE-2026-34513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34513"
    },
    {
      "name": "CVE-2023-24998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
    },
    {
      "name": "CVE-2026-2003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2003"
    },
    {
      "name": "CVE-2025-30704",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
    },
    {
      "name": "CVE-2022-38750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
    },
    {
      "name": "CVE-2026-32282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
    },
    {
      "name": "CVE-2026-34514",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34514"
    },
    {
      "name": "CVE-2018-11307",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
    },
    {
      "name": "CVE-2024-3651",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
    },
    {
      "name": "CVE-2025-68121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
    },
    {
      "name": "CVE-2025-53045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
    },
    {
      "name": "CVE-2019-10086",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10086"
    },
    {
      "name": "CVE-2020-10968",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-10968"
    },
    {
      "name": "CVE-2025-30693",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
    },
    {
      "name": "CVE-2025-2099",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
    },
    {
      "name": "CVE-2025-1194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1194"
    },
    {
      "name": "CVE-2025-6638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
    },
    {
      "name": "CVE-2025-21585",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
    },
    {
      "name": "CVE-2025-14819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14819"
    },
    {
      "name": "CVE-2022-42003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
    },
    {
      "name": "CVE-2026-4786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-4786"
    },
    {
      "name": "CVE-2020-25649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-25649"
    },
    {
      "name": "CVE-2026-27141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27141"
    },
    {
      "name": "CVE-2023-2976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
    },
    {
      "name": "CVE-2025-61726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
    },
    {
      "name": "CVE-2016-1000344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000344"
    },
    {
      "name": "CVE-2017-17485",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
    },
    {
      "name": "CVE-2025-1094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
    },
    {
      "name": "CVE-2025-53864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
    },
    {
      "name": "CVE-2017-3164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-3164"
    },
    {
      "name": "CVE-2026-41066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-41066"
    },
    {
      "name": "CVE-2026-34520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34520"
    },
    {
      "name": "CVE-2025-53053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
    },
    {
      "name": "CVE-2025-59419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
    },
    {
      "name": "CVE-2022-1471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
    },
    {
      "name": "CVE-2019-14379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
    },
    {
      "name": "CVE-2026-24880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24880"
    },
    {
      "name": "CVE-2021-35515",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-35515"
    },
    {
      "name": "CVE-2026-33816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
    },
    {
      "name": "CVE-2026-2004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-2004"
    },
    {
      "name": "CVE-2026-0672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0672"
    },
    {
      "name": "CVE-2017-7669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-7669"
    },
    {
      "name": "CVE-2023-32681",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
    },
    {
      "name": "CVE-2025-21581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
    },
    {
      "name": "CVE-2017-8806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-8806"
    },
    {
      "name": "CVE-2025-41242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
    },
    {
      "name": "CVE-2019-0193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0193"
    },
    {
      "name": "CVE-2022-3171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
    },
    {
      "name": "CVE-2026-33231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33231"
    },
    {
      "name": "CVE-2022-30126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-30126"
    },
    {
      "name": "CVE-2025-46392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-46392"
    },
    {
      "name": "CVE-2020-11112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11112"
    },
    {
      "name": "CVE-2025-30685",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
    },
    {
      "name": "CVE-2018-1000180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000180"
    },
    {
      "name": "CVE-2025-6921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
    },
    {
      "name": "CVE-2025-30695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
    },
    {
      "name": "CVE-2025-30688",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
    },
    {
      "name": "CVE-2023-5752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
    },
    {
      "name": "CVE-2026-34276",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34276"
    },
    {
      "name": "CVE-2022-24614",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-24614"
    },
    {
      "name": "CVE-2026-22815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-22815"
    },
    {
      "name": "CVE-2020-13959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13959"
    },
    {
      "name": "CVE-2025-24814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-24814"
    },
    {
      "name": "CVE-2020-11111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11111"
    },
    {
      "name": "CVE-2020-11979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-11979"
    },
    {
      "name": "CVE-2025-67221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-67221"
    },
    {
      "name": "CVE-2024-21243",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-21243"
    },
    {
      "name": "CVE-2026-33230",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33230"
    },
    {
      "name": "CVE-2021-31811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31811"
    },
    {
      "name": "CVE-2021-27807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-27807"
    },
    {
      "name": "CVE-2026-1225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1225"
    },
    {
      "name": "CVE-2026-24281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-24281"
    },
    {
      "name": "CVE-2026-1462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-1462"
    },
    {
      "name": "CVE-2025-50083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
    },
    {
      "name": "CVE-2022-25168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-25168"
    },
    {
      "name": "CVE-2026-34293",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-34293"
    },
    {
      "name": "CVE-2020-14060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14060"
    },
    {
      "name": "CVE-2020-36188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
    },
    {
      "name": "CVE-2016-1000027",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
    },
    {
      "name": "CVE-2025-61729",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
    },
    {
      "name": "CVE-2018-11802",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11802"
    },
    {
      "name": "CVE-2025-3777",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
    },
    {
      "name": "CVE-2025-14831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-14831"
    },
    {
      "name": "CVE-2018-11796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-11796"
    },
    {
      "name": "CVE-2020-13957",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-13957"
    },
    {
      "name": "CVE-2019-14892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14892"
    },
    {
      "name": "CVE-2025-66418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
    },
    {
      "name": "CVE-2018-1000632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000632"
    },
    {
      "name": "CVE-2026-0846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-0846"
    },
    {
      "name": "CVE-2025-48734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
    },
    {
      "name": "CVE-2025-11226",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
    },
    {
      "name": "CVE-2020-14062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-14062"
    }
  ],
  "initial_release_date": "2026-05-11T00:00:00",
  "last_revision_date": "2026-05-11T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0556",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-05-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37451",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37451"
    },
    {
      "published_at": "2026-05-06",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37445",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37445"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37460",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37460"
    },
    {
      "published_at": "2026-05-06",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37449",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37449"
    },
    {
      "published_at": "2026-05-06",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37450",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37450"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37466",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37466"
    },
    {
      "published_at": "2026-05-08",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37468",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37468"
    },
    {
      "published_at": "2026-05-06",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37444",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37444"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37461",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37461"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2016-11",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37459"
    },
    {
      "published_at": "2026-05-06",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37446",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37446"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37465",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37465"
    },
    {
      "published_at": "2026-05-06",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37448",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37448"
    },
    {
      "published_at": "2026-05-06",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37447",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37447"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37463",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37463"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37452",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37452"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37462",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37462"
    },
    {
      "published_at": "2026-05-07",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 37464",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/37464"
    }
  ]
}

CNVD-2018-20788

Vulnerability from cnvd - Published: 2018-10-12

Title

Apache Tika XML外部实体拒绝服务漏洞

Description

Apache Tika是美国阿帕奇（Apache）软件基金会的一个集成了POI（使用Java程序对Microsoft Office格式文档提供读和写功能的开源函数库）、Pdfbox（读取和创建PDF文档的纯Java类库）并为文本抽取工作提供了统一界面的内容抽取工具集合。 Apache Tika 0.1版本至1.18版本中存在安全漏洞，该漏洞源于程序未能配置XML解析器来限制实体扩展。攻击者可利用该漏洞造成拒绝服务。

Severity

中

Patch Name

Apache Tika XML外部实体拒绝服务漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E

Reference

https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E

Impacted products

Name
Apache Tika >=0.1，<=1.18

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "105514"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-11761"
    }
  },
  "description": "Apache Tika\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u96c6\u6210\u4e86POI\uff08\u4f7f\u7528Java\u7a0b\u5e8f\u5bf9Microsoft Office\u683c\u5f0f\u6587\u6863\u63d0\u4f9b\u8bfb\u548c\u5199\u529f\u80fd\u7684\u5f00\u6e90\u51fd\u6570\u5e93\uff09\u3001Pdfbox\uff08\u8bfb\u53d6\u548c\u521b\u5efaPDF\u6587\u6863\u7684\u7eafJava\u7c7b\u5e93\uff09\u5e76\u4e3a\u6587\u672c\u62bd\u53d6\u5de5\u4f5c\u63d0\u4f9b\u4e86\u7edf\u4e00\u754c\u9762\u7684\u5185\u5bb9\u62bd\u53d6\u5de5\u5177\u96c6\u5408\u3002\r\n\r\nApache Tika 0.1\u7248\u672c\u81f31.18\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u914d\u7f6eXML\u89e3\u6790\u5668\u6765\u9650\u5236\u5b9e\u4f53\u6269\u5c55\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Renfei (Brian) Wang of Amazon",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-20788",
  "openTime": "2018-10-12",
  "patchDescription": "Apache Tika\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u4e2a\u96c6\u6210\u4e86POI\uff08\u4f7f\u7528Java\u7a0b\u5e8f\u5bf9Microsoft Office\u683c\u5f0f\u6587\u6863\u63d0\u4f9b\u8bfb\u548c\u5199\u529f\u80fd\u7684\u5f00\u6e90\u51fd\u6570\u5e93\uff09\u3001Pdfbox\uff08\u8bfb\u53d6\u548c\u521b\u5efaPDF\u6587\u6863\u7684\u7eafJava\u7c7b\u5e93\uff09\u5e76\u4e3a\u6587\u672c\u62bd\u53d6\u5de5\u4f5c\u63d0\u4f9b\u4e86\u7edf\u4e00\u754c\u9762\u7684\u5185\u5bb9\u62bd\u53d6\u5de5\u5177\u96c6\u5408\u3002\r\n\r\nApache Tika 0.1\u7248\u672c\u81f31.18\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u914d\u7f6eXML\u89e3\u6790\u5668\u6765\u9650\u5236\u5b9e\u4f53\u6269\u5c55\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Tika XML\u5916\u90e8\u5b9e\u4f53\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Tika \u003e=0.1\uff0c\u003c=1.18"
  },
  "referenceLink": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E",
  "serverity": "\u4e2d",
  "submitTime": "2018-09-21",
  "title": "Apache Tika XML\u5916\u90e8\u5b9e\u4f53\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

FKIE_CVE-2018-11761

Vulnerability from fkie_nvd - Published: 2018-09-19 14:29 - Updated: 2024-11-21 03:43

Severity

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security@apache.org	http://www.securityfocus.com/bid/105514	Third Party Advisory, VDB Entry
security@apache.org	https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E
security@apache.org	https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
security@apache.org	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/105514	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
apache	tika	*
oracle	business_process_management_suite	12.1.3.0.0
oracle	business_process_management_suite	12.2.1.3.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4CDD0DD-833B-43B3-8701-2C3CF76F7515",
              "versionEndIncluding": "1.18",
              "versionStartIncluding": "0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B887E174-57AB-449D-AEE4-82DD1A3E5C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E869C417-C0E6-4FC3-B406-45598A1D1906",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack."
    },
    {
      "lang": "es",
      "value": "En Apache Tika desde la versi\u00f3n 0.1 hasta la 1.18, los analizadores XML no estaban configurados para limitar la expansi\u00f3n de las entidades. Por lo tanto, eran vulnerables a una expansi\u00f3n de entidades, lo que podr\u00eda conducir a un ataque de denegaci\u00f3n de servicio (DoS)."
    }
  ],
  "id": "CVE-2018-11761",
  "lastModified": "2024-11-21T03:43:58.560",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-09-19T14:29:00.287",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105514"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/105514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421%40%3Cdev.tika.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-6JQ2-789Q-FFF2

Vulnerability from github – Published: 2018-10-17 15:49 – Updated: 2021-09-02 16:41

Summary

High severity vulnerability that affects org.apache.tika:tika-core

Details

Severity

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tika:tika-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.1"
            },
            {
              "fixed": "1.19.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-11761"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-611"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:19:32Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.",
  "id": "GHSA-6jq2-789q-fff2",
  "modified": "2021-09-02T16:41:17Z",
  "published": "2018-10-17T15:49:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11761"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-6jq2-789q-fff2"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/105514"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "High severity vulnerability that affects org.apache.tika:tika-core"
}

GSD-2018-11761

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-11761

Aliases

CVE-2018-11761

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-11761",
    "description": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.",
    "id": "GSD-2018-11761",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-11761.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-11761"
      ],
      "details": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.",
      "id": "GSD-2018-11761",
      "modified": "2023-12-13T01:22:41.795877Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "DATE_PUBLIC": "2018-09-19T00:00:00",
        "ID": "CVE-2018-11761",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Tika",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "0.1 to 1.18"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service via XML Entity Expansion"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "105514",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/105514"
          },
          {
            "name": "[tika-dev] 20180919 [CVE-2018-11761] Apache Tika DoS XML Entity Expansion Vulnerability",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E"
          },
          {
            "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
          },
          {
            "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[0.1,1.19.1)",
          "affected_versions": "All versions starting from 0.1 before 1.19.1",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-611",
            "CWE-937"
          ],
          "date": "2021-09-02",
          "description": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.",
          "fixed_versions": [
            "1.19.1"
          ],
          "identifier": "CVE-2018-11761",
          "identifiers": [
            "GHSA-6jq2-789q-fff2",
            "CVE-2018-11761"
          ],
          "not_impacted": "All versions before 0.1, all versions starting from 1.19.1",
          "package_slug": "maven/org.apache.tika/tika-core",
          "pubdate": "2018-10-17",
          "solution": "Upgrade to version 1.19.1 or above.",
          "title": "Improper Restriction of XML External Entity Reference",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-11761",
            "https://github.com/advisories/GHSA-6jq2-789q-fff2",
            "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E",
            "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E",
            "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
            "http://www.securityfocus.com/bid/105514"
          ],
          "uuid": "6d06d421-6df4-402e-b2fe-51060602046f"
        },
        {
          "affected_range": "[0.1,1.18]",
          "affected_versions": "All versions starting from 0.1 up to 1.18",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-611",
            "CWE-937"
          ],
          "date": "2019-11-12",
          "description": "In Apache Tika, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a DoS.",
          "fixed_versions": [
            "1.19"
          ],
          "identifier": "CVE-2018-11761",
          "identifiers": [
            "CVE-2018-11761"
          ],
          "not_impacted": "All versions before 0.1, all versions after 1.18",
          "package_slug": "maven/org.apache.tika/tika-parsers",
          "pubdate": "2018-09-19",
          "solution": "Upgrade to version 1.19 or above.",
          "title": "Improper Restriction of XML External Entity Reference",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-11761",
            "http://www.securityfocus.com/bid/105514"
          ],
          "uuid": "8cf24d45-cb25-4695-83aa-6abaee4a9a5a"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.18",
                "versionStartIncluding": "0.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2018-11761"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-611"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[tika-dev] 20180919 [CVE-2018-11761] Apache Tika DoS XML Entity Expansion Vulnerability",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E"
            },
            {
              "name": "105514",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/105514"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-11-12T20:15Z",
      "publishedDate": "2018-09-19T14:29Z"
    }
  }
}

SUSE-RU-2018:4018-1

Vulnerability from csaf_suse - Published: 2018-12-07 12:25 - Updated: 2018-12-07 12:25

Summary

Security update for SUSE Manager Server 3.2

Severity

Moderate

Notes

Title of the patch: Security update for SUSE Manager Server 3.2

Description of the patch: This update fixes the following issues: apache-mybatis: - Install missing LICENSE.txt file (bsc#1114814) cobbler: - Fix service restart after logrotate for cobblerd (bsc#1113747) - Rotate cobbler logs at higher frequency to prevent disk fillup (bsc#1113747) hadoop: - Install missing LICENSE.txt file (bsc#1114814) image-sync-formula: - Handle empty images pillar (bsc#1105359) lucene: - Install missing LICENSE.txt file (bsc#1114814) nekohtml: - Install missing LICENSE.txt file (bsc#1114814) nutch-core: - Install missing LICENSE.txt file (bsc#1114814) - Add conditional requirement for java 1.8 - Use java >= 1.8 - required by tika 0.19.1 to /var/log/nutch (bsc#1107869) - Add new tarball file for v1.0.1 - Bump up version to 1.0.1 and fix paths - Adjustments after upgrade of tika-core to v1.19 picocontainer: - Install missing LICENSE.txt file (bsc#1114814) python-susemanager-retail: - Improve error reporting on duplicate systems - Output partition size as int (bsc#1116517) - Start partition numbers from 1 - Warn on long group names - Improved logging support - Add retail_yaml --only-new option - Print import summary (bsc#1112754) - Add retail_migration tool - Check for duplicate addresses in yaml (bsc#1111497) salt-netapi-client: - Version 0.15.0 See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.15.0 saltboot-formula: - Send pxe_update by external command to make sure it is finished (bsc#1111387) - Better error message on missing partitioning pillar (bsc#1110625) spacecmd: - Show group id on group_details (bsc#1111542) - State channels handling: Existing commands configchannel_create and configchannel_import were updated while system_scheduleapplyconfigchannels and configchannel_updateinitsls were added. spacewalk-branding: - Automatic cleanup of notification messages after a configurable lifetime - ActivationKey base and child channel in a reactjs component - New messages are added for XMLRPC API for state channels spacewalk-config: - Add permissions for tomcat & apache to check bootstrap ssh file (bsc#1114181) spacewalk-java: - Improve return value and errors thrown for system.createEmptyProfile XMLRPC endpoint - Fix scheduling jobs to prevent forever pending events (bsc#1114991) - Performance improvements for group listings and detail page (bsc#1111810) - Fix wrong counts of systems currency reports when a system belongs to more than one group (bsc#1114362) - Add check if ssh-file permissions are correct (bsc#1114181) - Increase maximum number of threads and open files for taskomatic (bsc#1111966) - When removing cobbler system record, lookup by mac address as well if lookup by id fails(bsc#1110361) - Allow listing empty system profiles via XMLRPC - Automatic cleanup of notification messages after a configurable lifetime - Different methods have been refactored in tomcat/taskomatic for better performance(bsc#1106430) - Do not try cleanup when deleting empty system profiles (bsc#1111247) - Better error handling when a websocket connection is aborted (bsc#1080474) - Change Requires to allow installing with both Tomcat 8 (SLE-12SP3) and 9 (SLE12-SP4) - ActivationKey base and child channel in a reactjs component - Fix typo in messages (bsc#1111249) - Cleanup formula data and assignment when migrating formulas or when removing system - Remove restrictions on SUSE Manager Channel subscriptions (bsc#1105724) - Added shortcut for editing Software Channel - Fix permissions check on formula list api call (bsc#1106626) - Add sp migration dry runs to the daily status report (bsc#1083094) spacewalk-search: - Fix nutch-core path (bsc#1112445) spacewalk-setup: - Increase maximum number of threads and open files for taskomatic (bsc#1111966) spacewalk-utils: - Fix typo at --phases option help spacewalk-web: - Make datetimepicker update displayed time (bsc#1041999) - Show human-readable system cleanup error messages - ActivationKey base and child channel in a reactjs component - Fix typo in messages (bsc#1111249) susemanager: - Add new option --with-parent-channel to mgr-create-bootrap-repo to specify parent channel to use if multiple options are available (bsc#1104487) susemanager-docs_en: - Update text and image files. - Add information about SLE12 SP4 as base OS for Server and Proxy susemanager-frontend-libs: - Fix package version (bsc#1115449) susemanager-schema: - Automatic cleanup of notification messages after a configurable lifetime - Add missing minion-action-chain-cleanup to db init scripts susemanager-sls: - Deploy SSL certificate during onboarding of openSUSE Leap 15.0 (bsc#1112163) susemanager-sync-data: - SUSE OpenStack Cloud 9 enablement (bsc#1113557) - Add SUSE Manager 3.1 and 3.2 to SLES12 SP4 tika-core: - Fix improper XML parsing to prevent DoS attacks (CVE-2018-11761) (bsc#1109235) - Install missing LICENSE.txt file (bsc#1114814) - New upstream version (0.19.1)

Patchnames: SUSE-SUSE-Manager-Proxy-3.2-2018-2869,SUSE-SUSE-Manager-Server-3.2-2018-2869

CVE-2018-11761

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 49 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch	—	Vendor Fix

Threats

Impact low

References

38 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2018…	self
https://bugzilla.suse.com/1041999	self
https://bugzilla.suse.com/1080474	self
https://bugzilla.suse.com/1083094	self
https://bugzilla.suse.com/1104487	self
https://bugzilla.suse.com/1105359	self
https://bugzilla.suse.com/1105724	self
https://bugzilla.suse.com/1106430	self
https://bugzilla.suse.com/1106626	self
https://bugzilla.suse.com/1107869	self
https://bugzilla.suse.com/1109235	self
https://bugzilla.suse.com/1110361	self
https://bugzilla.suse.com/1110625	self
https://bugzilla.suse.com/1111247	self
https://bugzilla.suse.com/1111249	self
https://bugzilla.suse.com/1111387	self
https://bugzilla.suse.com/1111497	self
https://bugzilla.suse.com/1111542	self
https://bugzilla.suse.com/1111810	self
https://bugzilla.suse.com/1111966	self
https://bugzilla.suse.com/1112163	self
https://bugzilla.suse.com/1112445	self
https://bugzilla.suse.com/1112754	self
https://bugzilla.suse.com/1113557	self
https://bugzilla.suse.com/1113747	self
https://bugzilla.suse.com/1114181	self
https://bugzilla.suse.com/1114362	self
https://bugzilla.suse.com/1114814	self
https://bugzilla.suse.com/1114991	self
https://bugzilla.suse.com/1115449	self
https://bugzilla.suse.com/1116517	self
https://www.suse.com/security/cve/CVE-2018-11761/	self
https://www.suse.com/security/cve/CVE-2018-11761	external
https://bugzilla.suse.com/1109235	external
https://bugzilla.suse.com/1111309	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for SUSE Manager Server 3.2",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update fixes the following issues:\n\napache-mybatis:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n\ncobbler:\n\n- Fix service restart after logrotate for cobblerd (bsc#1113747)\n- Rotate cobbler logs at higher frequency to prevent disk fillup\n  (bsc#1113747)\n\nhadoop:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n\nimage-sync-formula:\n\n- Handle empty images pillar (bsc#1105359)\n\nlucene:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n\nnekohtml:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n\nnutch-core:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n- Add conditional requirement for java 1.8 \n- Use java \u003e= 1.8 - required by tika 0.19.1 \n  to /var/log/nutch (bsc#1107869)\n- Add new tarball file for v1.0.1\n- Bump up version to 1.0.1 and fix paths\n- Adjustments after upgrade of tika-core to v1.19 \n\npicocontainer:\n\n- Install missing LICENSE.txt file (bsc#1114814) \n\npython-susemanager-retail:\n\n- Improve error reporting on duplicate systems\n- Output partition size as int (bsc#1116517)\n- Start partition numbers from 1\n- Warn on long group names\n- Improved logging support\n- Add retail_yaml --only-new option\n- Print import summary (bsc#1112754)\n- Add retail_migration tool\n- Check for duplicate addresses in yaml (bsc#1111497)\n\nsalt-netapi-client:\n\n- Version 0.15.0\n  See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.15.0\n\nsaltboot-formula:\n\n- Send pxe_update by external command to make sure it is finished\n  (bsc#1111387)\n- Better error message on missing partitioning pillar (bsc#1110625)\n\nspacecmd:\n\n- Show group id on group_details (bsc#1111542)\n- State channels handling: Existing commands configchannel_create and configchannel_import were updated\n  while system_scheduleapplyconfigchannels and configchannel_updateinitsls were added.\n\nspacewalk-branding:\n\n- Automatic cleanup of notification messages after a configurable lifetime\n- ActivationKey base and child channel in a reactjs component\n- New messages are added for XMLRPC API for state channels\n\nspacewalk-config:\n\n- Add permissions for tomcat \u0026 apache to check bootstrap ssh file (bsc#1114181)\n\nspacewalk-java:\n\n- Improve return value and errors thrown for system.createEmptyProfile XMLRPC endpoint\n- Fix scheduling jobs to prevent forever pending events (bsc#1114991)\n- Performance improvements for group listings and detail page (bsc#1111810)\n- Fix wrong counts of systems currency reports when a system belongs to more than one group (bsc#1114362)\n- Add check if ssh-file permissions are correct (bsc#1114181)\n- Increase maximum number of threads and open files for taskomatic (bsc#1111966)\n- When removing cobbler system record, lookup by mac address as well if lookup by id fails(bsc#1110361)\n- Allow listing empty system profiles via XMLRPC\n- Automatic cleanup of notification messages after a configurable lifetime\n- Different methods have been refactored in tomcat/taskomatic for better performance(bsc#1106430)\n- Do not try cleanup when deleting empty system profiles (bsc#1111247)\n- Better error handling when a websocket connection is aborted (bsc#1080474)\n- Change Requires to allow installing with both Tomcat 8 (SLE-12SP3) and 9 (SLE12-SP4)\n- ActivationKey base and child channel in a reactjs component\n- Fix typo in messages (bsc#1111249)\n- Cleanup formula data and assignment when migrating formulas or when removing system\n- Remove restrictions on SUSE Manager Channel subscriptions (bsc#1105724)\n- Added shortcut for editing Software Channel\n- Fix permissions check on formula list api call (bsc#1106626)\n- Add sp migration dry runs to the daily status report (bsc#1083094)\n\nspacewalk-search:\n\n- Fix nutch-core path (bsc#1112445)\n\nspacewalk-setup:\n\n- Increase maximum number of threads and open files for taskomatic (bsc#1111966)\n\nspacewalk-utils:\n\n- Fix typo at --phases option help\n\nspacewalk-web:\n\n- Make datetimepicker update displayed time (bsc#1041999)\n- Show human-readable system cleanup error messages\n- ActivationKey base and child channel in a reactjs component\n- Fix typo in messages (bsc#1111249)\n\nsusemanager:\n\n- Add new option --with-parent-channel to mgr-create-bootrap-repo\n  to specify parent channel to use if multiple options are available\n  (bsc#1104487)\n\nsusemanager-docs_en:\n\n- Update text and image files.\n- Add information about SLE12 SP4 as base OS for Server and Proxy\n\nsusemanager-frontend-libs:\n\n- Fix package version (bsc#1115449)\n\nsusemanager-schema:\n\n- Automatic cleanup of notification messages after a configurable lifetime\n- Add missing minion-action-chain-cleanup to db init scripts\n\nsusemanager-sls:\n\n- Deploy SSL certificate during onboarding of openSUSE Leap 15.0 (bsc#1112163)\n\nsusemanager-sync-data:\n\n- SUSE OpenStack Cloud 9 enablement (bsc#1113557)\n- Add SUSE Manager 3.1 and 3.2 to SLES12 SP4\n\ntika-core:\n\n- Fix improper XML parsing to prevent DoS attacks (CVE-2018-11761) (bsc#1109235)\n- Install missing LICENSE.txt file (bsc#1114814)\n- New upstream version (0.19.1) \n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SUSE-Manager-Proxy-3.2-2018-2869,SUSE-SUSE-Manager-Server-3.2-2018-2869",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2018_4018-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-RU-2018:4018-1",
        "url": "https://www.suse.com/support/update/announcement//suse-ru-20184018-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-RU-2018:4018-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2018-December/010230.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041999",
        "url": "https://bugzilla.suse.com/1041999"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1080474",
        "url": "https://bugzilla.suse.com/1080474"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1083094",
        "url": "https://bugzilla.suse.com/1083094"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1104487",
        "url": "https://bugzilla.suse.com/1104487"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1105359",
        "url": "https://bugzilla.suse.com/1105359"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1105724",
        "url": "https://bugzilla.suse.com/1105724"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106430",
        "url": "https://bugzilla.suse.com/1106430"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106626",
        "url": "https://bugzilla.suse.com/1106626"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1107869",
        "url": "https://bugzilla.suse.com/1107869"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109235",
        "url": "https://bugzilla.suse.com/1109235"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110361",
        "url": "https://bugzilla.suse.com/1110361"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110625",
        "url": "https://bugzilla.suse.com/1110625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111247",
        "url": "https://bugzilla.suse.com/1111247"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111249",
        "url": "https://bugzilla.suse.com/1111249"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111387",
        "url": "https://bugzilla.suse.com/1111387"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111497",
        "url": "https://bugzilla.suse.com/1111497"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111542",
        "url": "https://bugzilla.suse.com/1111542"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111810",
        "url": "https://bugzilla.suse.com/1111810"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111966",
        "url": "https://bugzilla.suse.com/1111966"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112163",
        "url": "https://bugzilla.suse.com/1112163"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112445",
        "url": "https://bugzilla.suse.com/1112445"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112754",
        "url": "https://bugzilla.suse.com/1112754"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1113557",
        "url": "https://bugzilla.suse.com/1113557"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1113747",
        "url": "https://bugzilla.suse.com/1113747"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114181",
        "url": "https://bugzilla.suse.com/1114181"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114362",
        "url": "https://bugzilla.suse.com/1114362"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114814",
        "url": "https://bugzilla.suse.com/1114814"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114991",
        "url": "https://bugzilla.suse.com/1114991"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115449",
        "url": "https://bugzilla.suse.com/1115449"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1116517",
        "url": "https://bugzilla.suse.com/1116517"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-11761 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-11761/"
      }
    ],
    "title": "Security update for SUSE Manager Server 3.2",
    "tracking": {
      "current_release_date": "2018-12-07T12:25:18Z",
      "generator": {
        "date": "2018-12-07T12:25:18Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-RU-2018:4018-1",
      "initial_release_date": "2018-12-07T12:25:18Z",
      "revision_history": [
        {
          "date": "2018-12-07T12:25:18Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
                "product": {
                  "name": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
                  "product_id": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
                "product": {
                  "name": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
                  "product_id": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "apache-mybatis-3.2.3-3.3.3.noarch",
                "product": {
                  "name": "apache-mybatis-3.2.3-3.3.3.noarch",
                  "product_id": "apache-mybatis-3.2.3-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "cobbler-2.6.6-6.10.3.noarch",
                "product": {
                  "name": "cobbler-2.6.6-6.10.3.noarch",
                  "product_id": "cobbler-2.6.6-6.10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "hadoop-0.18.1-3.3.3.noarch",
                "product": {
                  "name": "hadoop-0.18.1-3.3.3.noarch",
                  "product_id": "hadoop-0.18.1-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
                "product": {
                  "name": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
                  "product_id": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "lucene-2.4.1-4.3.3.noarch",
                "product": {
                  "name": "lucene-2.4.1-4.3.3.noarch",
                  "product_id": "lucene-2.4.1-4.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "nekohtml-1.9.21-3.3.3.noarch",
                "product": {
                  "name": "nekohtml-1.9.21-3.3.3.noarch",
                  "product_id": "nekohtml-1.9.21-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "nutch-core-1.0.1-7.10.3.noarch",
                "product": {
                  "name": "nutch-core-1.0.1-7.10.3.noarch",
                  "product_id": "nutch-core-1.0.1-7.10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "picocontainer-1.3.7-3.3.3.noarch",
                "product": {
                  "name": "picocontainer-1.3.7-3.3.3.noarch",
                  "product_id": "picocontainer-1.3.7-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
                "product": {
                  "name": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
                  "product_id": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "salt-netapi-client-0.15.0-4.3.3.noarch",
                "product": {
                  "name": "salt-netapi-client-0.15.0-4.3.3.noarch",
                  "product_id": "salt-netapi-client-0.15.0-4.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
                "product": {
                  "name": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
                  "product_id": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacecmd-2.8.25.7-3.9.3.noarch",
                "product": {
                  "name": "spacecmd-2.8.25.7-3.9.3.noarch",
                  "product_id": "spacecmd-2.8.25.7-3.9.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-base-2.8.7.11-3.13.3.noarch",
                "product": {
                  "name": "spacewalk-base-2.8.7.11-3.13.3.noarch",
                  "product_id": "spacewalk-base-2.8.7.11-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-config-2.8.5.5-3.10.3.noarch",
                "product": {
                  "name": "spacewalk-config-2.8.5.5-3.10.3.noarch",
                  "product_id": "spacewalk-config-2.8.5.5-3.10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-html-2.8.7.11-3.13.3.noarch",
                "product": {
                  "name": "spacewalk-html-2.8.7.11-3.13.3.noarch",
                  "product_id": "spacewalk-html-2.8.7.11-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-config-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-config-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-config-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-search-2.8.3.7-3.12.3.noarch",
                "product": {
                  "name": "spacewalk-search-2.8.3.7-3.12.3.noarch",
                  "product_id": "spacewalk-search-2.8.3.7-3.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-setup-2.8.7.5-3.10.3.noarch",
                "product": {
                  "name": "spacewalk-setup-2.8.7.5-3.10.3.noarch",
                  "product_id": "spacewalk-setup-2.8.7.5-3.10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-utils-2.8.18.3-3.3.3.noarch",
                "product": {
                  "name": "spacewalk-utils-2.8.18.3-3.3.3.noarch",
                  "product_id": "spacewalk-utils-2.8.18.3-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
                  "product_id": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
                  "product_id": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-docs_en-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-docs_en-3.2-11.12.3.noarch",
                  "product_id": "susemanager-docs_en-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-frontend-libs-3.2.4-3.7.3.noarch",
                "product": {
                  "name": "susemanager-frontend-libs-3.2.4-3.7.3.noarch",
                  "product_id": "susemanager-frontend-libs-3.2.4-3.7.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
                  "product_id": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-jsp_en-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-jsp_en-3.2-11.12.3.noarch",
                  "product_id": "susemanager-jsp_en-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-reference_en-pdf-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-reference_en-pdf-3.2-11.12.3.noarch",
                  "product_id": "susemanager-reference_en-pdf-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
                "product": {
                  "name": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
                  "product_id": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-schema-3.2.15-3.13.3.noarch",
                "product": {
                  "name": "susemanager-schema-3.2.15-3.13.3.noarch",
                  "product_id": "susemanager-schema-3.2.15-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-sls-3.2.18-3.13.3.noarch",
                "product": {
                  "name": "susemanager-sls-3.2.18-3.13.3.noarch",
                  "product_id": "susemanager-sls-3.2.18-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-sync-data-3.2.10-3.9.3.noarch",
                "product": {
                  "name": "susemanager-sync-data-3.2.10-3.9.3.noarch",
                  "product_id": "susemanager-sync-data-3.2.10-3.9.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tika-core-1.19.1-3.3.3.noarch",
                "product": {
                  "name": "tika-core-1.19.1-3.3.3.noarch",
                  "product_id": "tika-core-1.19.1-3.3.3.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
                "product": {
                  "name": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
                  "product_id": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-3.2.14-3.13.3.ppc64le",
                "product": {
                  "name": "susemanager-3.2.14-3.13.3.ppc64le",
                  "product_id": "susemanager-3.2.14-3.13.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-tools-3.2.14-3.13.3.ppc64le",
                "product": {
                  "name": "susemanager-tools-3.2.14-3.13.3.ppc64le",
                  "product_id": "susemanager-tools-3.2.14-3.13.3.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-branding-2.8.5.12-3.10.4.s390x",
                "product": {
                  "name": "spacewalk-branding-2.8.5.12-3.10.4.s390x",
                  "product_id": "spacewalk-branding-2.8.5.12-3.10.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-3.2.14-3.13.3.s390x",
                "product": {
                  "name": "susemanager-3.2.14-3.13.3.s390x",
                  "product_id": "susemanager-3.2.14-3.13.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-tools-3.2.14-3.13.3.s390x",
                "product": {
                  "name": "susemanager-tools-3.2.14-3.13.3.s390x",
                  "product_id": "susemanager-tools-3.2.14-3.13.3.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-branding-2.8.5.12-3.10.4.x86_64",
                "product": {
                  "name": "spacewalk-branding-2.8.5.12-3.10.4.x86_64",
                  "product_id": "spacewalk-branding-2.8.5.12-3.10.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-3.2.14-3.13.3.x86_64",
                "product": {
                  "name": "susemanager-3.2.14-3.13.3.x86_64",
                  "product_id": "susemanager-3.2.14-3.13.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-tools-3.2.14-3.13.3.x86_64",
                "product": {
                  "name": "susemanager-tools-3.2.14-3.13.3.x86_64",
                  "product_id": "susemanager-tools-3.2.14-3.13.3.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Manager Proxy 3.2",
                "product": {
                  "name": "SUSE Manager Proxy 3.2",
                  "product_id": "SUSE Manager Proxy 3.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-proxy:3.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Server 3.2",
                "product": {
                  "name": "SUSE Manager Server 3.2",
                  "product_id": "SUSE Manager Server 3.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-server:3.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch as component of SUSE Manager Proxy 3.2",
          "product_id": "SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch as component of SUSE Manager Proxy 3.2",
          "product_id": "SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-mybatis-3.2.3-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch"
        },
        "product_reference": "apache-mybatis-3.2.3-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cobbler-2.6.6-6.10.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch"
        },
        "product_reference": "cobbler-2.6.6-6.10.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hadoop-0.18.1-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch"
        },
        "product_reference": "hadoop-0.18.1-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch"
        },
        "product_reference": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "lucene-2.4.1-4.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch"
        },
        "product_reference": "lucene-2.4.1-4.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nekohtml-1.9.21-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch"
        },
        "product_reference": "nekohtml-1.9.21-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nutch-core-1.0.1-7.10.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch"
        },
        "product_reference": "nutch-core-1.0.1-7.10.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picocontainer-1.3.7-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch"
        },
        "product_reference": "picocontainer-1.3.7-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch"
        },
        "product_reference": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "salt-netapi-client-0.15.0-4.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch"
        },
        "product_reference": "salt-netapi-client-0.15.0-4.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch"
        },
        "product_reference": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacecmd-2.8.25.7-3.9.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch"
        },
        "product_reference": "spacecmd-2.8.25.7-3.9.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-2.8.7.11-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le"
        },
        "product_reference": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-branding-2.8.5.12-3.10.4.s390x as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x"
        },
        "product_reference": "spacewalk-branding-2.8.5.12-3.10.4.s390x",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-branding-2.8.5.12-3.10.4.x86_64 as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64"
        },
        "product_reference": "spacewalk-branding-2.8.5.12-3.10.4.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-config-2.8.5.5-3.10.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch"
        },
        "product_reference": "spacewalk-config-2.8.5.5-3.10.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-html-2.8.7.11-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-html-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-config-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-config-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-search-2.8.3.7-3.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch"
        },
        "product_reference": "spacewalk-search-2.8.3.7-3.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-setup-2.8.7.5-3.10.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch"
        },
        "product_reference": "spacewalk-setup-2.8.7.5-3.10.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-utils-2.8.18.3-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch"
        },
        "product_reference": "spacewalk-utils-2.8.18.3-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-3.2.14-3.13.3.ppc64le as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le"
        },
        "product_reference": "susemanager-3.2.14-3.13.3.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-3.2.14-3.13.3.s390x as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x"
        },
        "product_reference": "susemanager-3.2.14-3.13.3.s390x",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-3.2.14-3.13.3.x86_64 as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64"
        },
        "product_reference": "susemanager-3.2.14-3.13.3.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-docs_en-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-docs_en-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-frontend-libs-3.2.4-3.7.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch"
        },
        "product_reference": "susemanager-frontend-libs-3.2.4-3.7.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-jsp_en-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-jsp_en-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-reference_en-pdf-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-reference_en-pdf-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch"
        },
        "product_reference": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-schema-3.2.15-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch"
        },
        "product_reference": "susemanager-schema-3.2.15-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-sls-3.2.18-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch"
        },
        "product_reference": "susemanager-sls-3.2.18-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-sync-data-3.2.10-3.9.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch"
        },
        "product_reference": "susemanager-sync-data-3.2.10-3.9.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-tools-3.2.14-3.13.3.ppc64le as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le"
        },
        "product_reference": "susemanager-tools-3.2.14-3.13.3.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-tools-3.2.14-3.13.3.s390x as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x"
        },
        "product_reference": "susemanager-tools-3.2.14-3.13.3.s390x",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-tools-3.2.14-3.13.3.x86_64 as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64"
        },
        "product_reference": "susemanager-tools-3.2.14-3.13.3.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tika-core-1.19.1-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch"
        },
        "product_reference": "tika-core-1.19.1-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-11761",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-11761"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch",
          "SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch",
          "SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch",
          "SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
          "SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch",
          "SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch",
          "SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch",
          "SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch",
          "SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
          "SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch",
          "SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
          "SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
          "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x",
          "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64",
          "SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch",
          "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le",
          "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x",
          "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64",
          "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch",
          "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
          "SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch",
          "SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch",
          "SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch",
          "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le",
          "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x",
          "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64",
          "SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-11761",
          "url": "https://www.suse.com/security/cve/CVE-2018-11761"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1109235 for CVE-2018-11761",
          "url": "https://bugzilla.suse.com/1109235"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111309 for CVE-2018-11761",
          "url": "https://bugzilla.suse.com/1111309"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch",
            "SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch",
            "SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch",
            "SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
            "SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch",
            "SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch",
            "SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch",
            "SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch",
            "SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
            "SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch",
            "SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
            "SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64",
            "SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64",
            "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch",
            "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
            "SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch",
            "SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch",
            "SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64",
            "SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch",
            "SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch",
            "SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch",
            "SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
            "SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch",
            "SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch",
            "SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch",
            "SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch",
            "SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
            "SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch",
            "SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
            "SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64",
            "SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64",
            "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch",
            "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
            "SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch",
            "SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch",
            "SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64",
            "SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-12-07T12:25:18Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-11761"
    }
  ]
}

SUSE-SU-2018:4011-1

Vulnerability from csaf_suse - Published: 2018-12-07 12:25 - Updated: 2018-12-07 12:25

Summary

Security update for SUSE Manager Server 3.2

Severity

Moderate

Notes

Title of the patch: Security update for SUSE Manager Server 3.2

Patchnames: SUSE-SUSE-Manager-Proxy-3.2-2018-2869,SUSE-SUSE-Manager-Server-3.2-2018-2869

CVE-2018-11761

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected products

Recommended 49 products

Product	Version	Remediation
Unresolved product id: SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64	—	Vendor Fix
Unresolved product id: SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch	—	Vendor Fix

Threats

Impact low

References

38 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1041999	self
https://bugzilla.suse.com/1080474	self
https://bugzilla.suse.com/1083094	self
https://bugzilla.suse.com/1104487	self
https://bugzilla.suse.com/1105359	self
https://bugzilla.suse.com/1105724	self
https://bugzilla.suse.com/1106430	self
https://bugzilla.suse.com/1106626	self
https://bugzilla.suse.com/1107869	self
https://bugzilla.suse.com/1109235	self
https://bugzilla.suse.com/1110361	self
https://bugzilla.suse.com/1110625	self
https://bugzilla.suse.com/1111247	self
https://bugzilla.suse.com/1111249	self
https://bugzilla.suse.com/1111387	self
https://bugzilla.suse.com/1111497	self
https://bugzilla.suse.com/1111542	self
https://bugzilla.suse.com/1111810	self
https://bugzilla.suse.com/1111966	self
https://bugzilla.suse.com/1112163	self
https://bugzilla.suse.com/1112445	self
https://bugzilla.suse.com/1112754	self
https://bugzilla.suse.com/1113557	self
https://bugzilla.suse.com/1113747	self
https://bugzilla.suse.com/1114181	self
https://bugzilla.suse.com/1114362	self
https://bugzilla.suse.com/1114814	self
https://bugzilla.suse.com/1114991	self
https://bugzilla.suse.com/1115449	self
https://bugzilla.suse.com/1116517	self
https://www.suse.com/security/cve/CVE-2018-11761/	self
https://www.suse.com/security/cve/CVE-2018-11761	external
https://bugzilla.suse.com/1109235	external
https://bugzilla.suse.com/1111309	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for SUSE Manager Server 3.2",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update fixes the following issues:\n\napache-mybatis:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n\ncobbler:\n\n- Fix service restart after logrotate for cobblerd (bsc#1113747)\n- Rotate cobbler logs at higher frequency to prevent disk fillup\n  (bsc#1113747)\n\nhadoop:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n\nimage-sync-formula:\n\n- Handle empty images pillar (bsc#1105359)\n\nlucene:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n\nnekohtml:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n\nnutch-core:\n\n- Install missing LICENSE.txt file (bsc#1114814)\n- Add conditional requirement for java 1.8 \n- Use java \u003e= 1.8 - required by tika 0.19.1 \n  to /var/log/nutch (bsc#1107869)\n- Add new tarball file for v1.0.1\n- Bump up version to 1.0.1 and fix paths\n- Adjustments after upgrade of tika-core to v1.19 \n\npicocontainer:\n\n- Install missing LICENSE.txt file (bsc#1114814) \n\npython-susemanager-retail:\n\n- Improve error reporting on duplicate systems\n- Output partition size as int (bsc#1116517)\n- Start partition numbers from 1\n- Warn on long group names\n- Improved logging support\n- Add retail_yaml --only-new option\n- Print import summary (bsc#1112754)\n- Add retail_migration tool\n- Check for duplicate addresses in yaml (bsc#1111497)\n\nsalt-netapi-client:\n\n- Version 0.15.0\n  See: https://github.com/SUSE/salt-netapi-client/releases/tag/v0.15.0\n\nsaltboot-formula:\n\n- Send pxe_update by external command to make sure it is finished\n  (bsc#1111387)\n- Better error message on missing partitioning pillar (bsc#1110625)\n\nspacecmd:\n\n- Show group id on group_details (bsc#1111542)\n- State channels handling: Existing commands configchannel_create and configchannel_import were updated\n  while system_scheduleapplyconfigchannels and configchannel_updateinitsls were added.\n\nspacewalk-branding:\n\n- Automatic cleanup of notification messages after a configurable lifetime\n- ActivationKey base and child channel in a reactjs component\n- New messages are added for XMLRPC API for state channels\n\nspacewalk-config:\n\n- Add permissions for tomcat \u0026 apache to check bootstrap ssh file (bsc#1114181)\n\nspacewalk-java:\n\n- Improve return value and errors thrown for system.createEmptyProfile XMLRPC endpoint\n- Fix scheduling jobs to prevent forever pending events (bsc#1114991)\n- Performance improvements for group listings and detail page (bsc#1111810)\n- Fix wrong counts of systems currency reports when a system belongs to more than one group (bsc#1114362)\n- Add check if ssh-file permissions are correct (bsc#1114181)\n- Increase maximum number of threads and open files for taskomatic (bsc#1111966)\n- When removing cobbler system record, lookup by mac address as well if lookup by id fails(bsc#1110361)\n- Allow listing empty system profiles via XMLRPC\n- Automatic cleanup of notification messages after a configurable lifetime\n- Different methods have been refactored in tomcat/taskomatic for better performance(bsc#1106430)\n- Do not try cleanup when deleting empty system profiles (bsc#1111247)\n- Better error handling when a websocket connection is aborted (bsc#1080474)\n- Change Requires to allow installing with both Tomcat 8 (SLE-12SP3) and 9 (SLE12-SP4)\n- ActivationKey base and child channel in a reactjs component\n- Fix typo in messages (bsc#1111249)\n- Cleanup formula data and assignment when migrating formulas or when removing system\n- Remove restrictions on SUSE Manager Channel subscriptions (bsc#1105724)\n- Added shortcut for editing Software Channel\n- Fix permissions check on formula list api call (bsc#1106626)\n- Add sp migration dry runs to the daily status report (bsc#1083094)\n\nspacewalk-search:\n\n- Fix nutch-core path (bsc#1112445)\n\nspacewalk-setup:\n\n- Increase maximum number of threads and open files for taskomatic (bsc#1111966)\n\nspacewalk-utils:\n\n- Fix typo at --phases option help\n\nspacewalk-web:\n\n- Make datetimepicker update displayed time (bsc#1041999)\n- Show human-readable system cleanup error messages\n- ActivationKey base and child channel in a reactjs component\n- Fix typo in messages (bsc#1111249)\n\nsusemanager:\n\n- Add new option --with-parent-channel to mgr-create-bootrap-repo\n  to specify parent channel to use if multiple options are available\n  (bsc#1104487)\n\nsusemanager-docs_en:\n\n- Update text and image files.\n- Add information about SLE12 SP4 as base OS for Server and Proxy\n\nsusemanager-frontend-libs:\n\n- Fix package version (bsc#1115449)\n\nsusemanager-schema:\n\n- Automatic cleanup of notification messages after a configurable lifetime\n- Add missing minion-action-chain-cleanup to db init scripts\n\nsusemanager-sls:\n\n- Deploy SSL certificate during onboarding of openSUSE Leap 15.0 (bsc#1112163)\n\nsusemanager-sync-data:\n\n- SUSE OpenStack Cloud 9 enablement (bsc#1113557)\n- Add SUSE Manager 3.1 and 3.2 to SLES12 SP4\n\ntika-core:\n\n- Fix improper XML parsing to prevent DoS attacks (CVE-2018-11761) (bsc#1109235)\n- Install missing LICENSE.txt file (bsc#1114814)\n- New upstream version (0.19.1) \n\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SUSE-Manager-Proxy-3.2-2018-2869,SUSE-SUSE-Manager-Server-3.2-2018-2869",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_4011-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2018:4011-1",
        "url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184011-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2018:4011-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2018-December/004936.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041999",
        "url": "https://bugzilla.suse.com/1041999"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1080474",
        "url": "https://bugzilla.suse.com/1080474"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1083094",
        "url": "https://bugzilla.suse.com/1083094"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1104487",
        "url": "https://bugzilla.suse.com/1104487"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1105359",
        "url": "https://bugzilla.suse.com/1105359"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1105724",
        "url": "https://bugzilla.suse.com/1105724"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106430",
        "url": "https://bugzilla.suse.com/1106430"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1106626",
        "url": "https://bugzilla.suse.com/1106626"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1107869",
        "url": "https://bugzilla.suse.com/1107869"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1109235",
        "url": "https://bugzilla.suse.com/1109235"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110361",
        "url": "https://bugzilla.suse.com/1110361"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1110625",
        "url": "https://bugzilla.suse.com/1110625"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111247",
        "url": "https://bugzilla.suse.com/1111247"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111249",
        "url": "https://bugzilla.suse.com/1111249"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111387",
        "url": "https://bugzilla.suse.com/1111387"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111497",
        "url": "https://bugzilla.suse.com/1111497"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111542",
        "url": "https://bugzilla.suse.com/1111542"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111810",
        "url": "https://bugzilla.suse.com/1111810"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1111966",
        "url": "https://bugzilla.suse.com/1111966"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112163",
        "url": "https://bugzilla.suse.com/1112163"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112445",
        "url": "https://bugzilla.suse.com/1112445"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1112754",
        "url": "https://bugzilla.suse.com/1112754"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1113557",
        "url": "https://bugzilla.suse.com/1113557"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1113747",
        "url": "https://bugzilla.suse.com/1113747"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114181",
        "url": "https://bugzilla.suse.com/1114181"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114362",
        "url": "https://bugzilla.suse.com/1114362"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114814",
        "url": "https://bugzilla.suse.com/1114814"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1114991",
        "url": "https://bugzilla.suse.com/1114991"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1115449",
        "url": "https://bugzilla.suse.com/1115449"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1116517",
        "url": "https://bugzilla.suse.com/1116517"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-11761 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-11761/"
      }
    ],
    "title": "Security update for SUSE Manager Server 3.2",
    "tracking": {
      "current_release_date": "2018-12-07T12:25:18Z",
      "generator": {
        "date": "2018-12-07T12:25:18Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2018:4011-1",
      "initial_release_date": "2018-12-07T12:25:18Z",
      "revision_history": [
        {
          "date": "2018-12-07T12:25:18Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
                "product": {
                  "name": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
                  "product_id": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
                "product": {
                  "name": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
                  "product_id": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "apache-mybatis-3.2.3-3.3.3.noarch",
                "product": {
                  "name": "apache-mybatis-3.2.3-3.3.3.noarch",
                  "product_id": "apache-mybatis-3.2.3-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "cobbler-2.6.6-6.10.3.noarch",
                "product": {
                  "name": "cobbler-2.6.6-6.10.3.noarch",
                  "product_id": "cobbler-2.6.6-6.10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "hadoop-0.18.1-3.3.3.noarch",
                "product": {
                  "name": "hadoop-0.18.1-3.3.3.noarch",
                  "product_id": "hadoop-0.18.1-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
                "product": {
                  "name": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
                  "product_id": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "lucene-2.4.1-4.3.3.noarch",
                "product": {
                  "name": "lucene-2.4.1-4.3.3.noarch",
                  "product_id": "lucene-2.4.1-4.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "nekohtml-1.9.21-3.3.3.noarch",
                "product": {
                  "name": "nekohtml-1.9.21-3.3.3.noarch",
                  "product_id": "nekohtml-1.9.21-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "nutch-core-1.0.1-7.10.3.noarch",
                "product": {
                  "name": "nutch-core-1.0.1-7.10.3.noarch",
                  "product_id": "nutch-core-1.0.1-7.10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "picocontainer-1.3.7-3.3.3.noarch",
                "product": {
                  "name": "picocontainer-1.3.7-3.3.3.noarch",
                  "product_id": "picocontainer-1.3.7-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
                "product": {
                  "name": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
                  "product_id": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "salt-netapi-client-0.15.0-4.3.3.noarch",
                "product": {
                  "name": "salt-netapi-client-0.15.0-4.3.3.noarch",
                  "product_id": "salt-netapi-client-0.15.0-4.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
                "product": {
                  "name": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
                  "product_id": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacecmd-2.8.25.7-3.9.3.noarch",
                "product": {
                  "name": "spacecmd-2.8.25.7-3.9.3.noarch",
                  "product_id": "spacecmd-2.8.25.7-3.9.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-base-2.8.7.11-3.13.3.noarch",
                "product": {
                  "name": "spacewalk-base-2.8.7.11-3.13.3.noarch",
                  "product_id": "spacewalk-base-2.8.7.11-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-config-2.8.5.5-3.10.3.noarch",
                "product": {
                  "name": "spacewalk-config-2.8.5.5-3.10.3.noarch",
                  "product_id": "spacewalk-config-2.8.5.5-3.10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-html-2.8.7.11-3.13.3.noarch",
                "product": {
                  "name": "spacewalk-html-2.8.7.11-3.13.3.noarch",
                  "product_id": "spacewalk-html-2.8.7.11-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-config-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-config-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-config-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-search-2.8.3.7-3.12.3.noarch",
                "product": {
                  "name": "spacewalk-search-2.8.3.7-3.12.3.noarch",
                  "product_id": "spacewalk-search-2.8.3.7-3.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-setup-2.8.7.5-3.10.3.noarch",
                "product": {
                  "name": "spacewalk-setup-2.8.7.5-3.10.3.noarch",
                  "product_id": "spacewalk-setup-2.8.7.5-3.10.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
                "product": {
                  "name": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
                  "product_id": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "spacewalk-utils-2.8.18.3-3.3.3.noarch",
                "product": {
                  "name": "spacewalk-utils-2.8.18.3-3.3.3.noarch",
                  "product_id": "spacewalk-utils-2.8.18.3-3.3.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
                  "product_id": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
                  "product_id": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-docs_en-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-docs_en-3.2-11.12.3.noarch",
                  "product_id": "susemanager-docs_en-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-frontend-libs-3.2.4-3.7.3.noarch",
                "product": {
                  "name": "susemanager-frontend-libs-3.2.4-3.7.3.noarch",
                  "product_id": "susemanager-frontend-libs-3.2.4-3.7.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
                  "product_id": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-jsp_en-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-jsp_en-3.2-11.12.3.noarch",
                  "product_id": "susemanager-jsp_en-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-reference_en-pdf-3.2-11.12.3.noarch",
                "product": {
                  "name": "susemanager-reference_en-pdf-3.2-11.12.3.noarch",
                  "product_id": "susemanager-reference_en-pdf-3.2-11.12.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
                "product": {
                  "name": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
                  "product_id": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-schema-3.2.15-3.13.3.noarch",
                "product": {
                  "name": "susemanager-schema-3.2.15-3.13.3.noarch",
                  "product_id": "susemanager-schema-3.2.15-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-sls-3.2.18-3.13.3.noarch",
                "product": {
                  "name": "susemanager-sls-3.2.18-3.13.3.noarch",
                  "product_id": "susemanager-sls-3.2.18-3.13.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-sync-data-3.2.10-3.9.3.noarch",
                "product": {
                  "name": "susemanager-sync-data-3.2.10-3.9.3.noarch",
                  "product_id": "susemanager-sync-data-3.2.10-3.9.3.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tika-core-1.19.1-3.3.3.noarch",
                "product": {
                  "name": "tika-core-1.19.1-3.3.3.noarch",
                  "product_id": "tika-core-1.19.1-3.3.3.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
                "product": {
                  "name": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
                  "product_id": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-3.2.14-3.13.3.ppc64le",
                "product": {
                  "name": "susemanager-3.2.14-3.13.3.ppc64le",
                  "product_id": "susemanager-3.2.14-3.13.3.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-tools-3.2.14-3.13.3.ppc64le",
                "product": {
                  "name": "susemanager-tools-3.2.14-3.13.3.ppc64le",
                  "product_id": "susemanager-tools-3.2.14-3.13.3.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-branding-2.8.5.12-3.10.4.s390x",
                "product": {
                  "name": "spacewalk-branding-2.8.5.12-3.10.4.s390x",
                  "product_id": "spacewalk-branding-2.8.5.12-3.10.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-3.2.14-3.13.3.s390x",
                "product": {
                  "name": "susemanager-3.2.14-3.13.3.s390x",
                  "product_id": "susemanager-3.2.14-3.13.3.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-tools-3.2.14-3.13.3.s390x",
                "product": {
                  "name": "susemanager-tools-3.2.14-3.13.3.s390x",
                  "product_id": "susemanager-tools-3.2.14-3.13.3.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "spacewalk-branding-2.8.5.12-3.10.4.x86_64",
                "product": {
                  "name": "spacewalk-branding-2.8.5.12-3.10.4.x86_64",
                  "product_id": "spacewalk-branding-2.8.5.12-3.10.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-3.2.14-3.13.3.x86_64",
                "product": {
                  "name": "susemanager-3.2.14-3.13.3.x86_64",
                  "product_id": "susemanager-3.2.14-3.13.3.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "susemanager-tools-3.2.14-3.13.3.x86_64",
                "product": {
                  "name": "susemanager-tools-3.2.14-3.13.3.x86_64",
                  "product_id": "susemanager-tools-3.2.14-3.13.3.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Manager Proxy 3.2",
                "product": {
                  "name": "SUSE Manager Proxy 3.2",
                  "product_id": "SUSE Manager Proxy 3.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-proxy:3.2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Server 3.2",
                "product": {
                  "name": "SUSE Manager Server 3.2",
                  "product_id": "SUSE Manager Server 3.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-server:3.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch as component of SUSE Manager Proxy 3.2",
          "product_id": "SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch as component of SUSE Manager Proxy 3.2",
          "product_id": "SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-mybatis-3.2.3-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch"
        },
        "product_reference": "apache-mybatis-3.2.3-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cobbler-2.6.6-6.10.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch"
        },
        "product_reference": "cobbler-2.6.6-6.10.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hadoop-0.18.1-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch"
        },
        "product_reference": "hadoop-0.18.1-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch"
        },
        "product_reference": "image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "lucene-2.4.1-4.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch"
        },
        "product_reference": "lucene-2.4.1-4.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nekohtml-1.9.21-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch"
        },
        "product_reference": "nekohtml-1.9.21-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "nutch-core-1.0.1-7.10.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch"
        },
        "product_reference": "nutch-core-1.0.1-7.10.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picocontainer-1.3.7-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch"
        },
        "product_reference": "picocontainer-1.3.7-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch"
        },
        "product_reference": "python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "salt-netapi-client-0.15.0-4.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch"
        },
        "product_reference": "salt-netapi-client-0.15.0-4.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch"
        },
        "product_reference": "saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacecmd-2.8.25.7-3.9.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch"
        },
        "product_reference": "spacecmd-2.8.25.7-3.9.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-2.8.7.11-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le"
        },
        "product_reference": "spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-branding-2.8.5.12-3.10.4.s390x as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x"
        },
        "product_reference": "spacewalk-branding-2.8.5.12-3.10.4.s390x",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-branding-2.8.5.12-3.10.4.x86_64 as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64"
        },
        "product_reference": "spacewalk-branding-2.8.5.12-3.10.4.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-config-2.8.5.5-3.10.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch"
        },
        "product_reference": "spacewalk-config-2.8.5.5-3.10.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-html-2.8.7.11-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch"
        },
        "product_reference": "spacewalk-html-2.8.7.11-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-config-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-config-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-search-2.8.3.7-3.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch"
        },
        "product_reference": "spacewalk-search-2.8.3.7-3.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-setup-2.8.7.5-3.10.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch"
        },
        "product_reference": "spacewalk-setup-2.8.7.5-3.10.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch"
        },
        "product_reference": "spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "spacewalk-utils-2.8.18.3-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch"
        },
        "product_reference": "spacewalk-utils-2.8.18.3-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-3.2.14-3.13.3.ppc64le as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le"
        },
        "product_reference": "susemanager-3.2.14-3.13.3.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-3.2.14-3.13.3.s390x as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x"
        },
        "product_reference": "susemanager-3.2.14-3.13.3.s390x",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-3.2.14-3.13.3.x86_64 as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64"
        },
        "product_reference": "susemanager-3.2.14-3.13.3.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-docs_en-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-docs_en-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-frontend-libs-3.2.4-3.7.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch"
        },
        "product_reference": "susemanager-frontend-libs-3.2.4-3.7.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-jsp_en-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-jsp_en-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-reference_en-pdf-3.2-11.12.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch"
        },
        "product_reference": "susemanager-reference_en-pdf-3.2-11.12.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch"
        },
        "product_reference": "susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-schema-3.2.15-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch"
        },
        "product_reference": "susemanager-schema-3.2.15-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-sls-3.2.18-3.13.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch"
        },
        "product_reference": "susemanager-sls-3.2.18-3.13.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-sync-data-3.2.10-3.9.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch"
        },
        "product_reference": "susemanager-sync-data-3.2.10-3.9.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-tools-3.2.14-3.13.3.ppc64le as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le"
        },
        "product_reference": "susemanager-tools-3.2.14-3.13.3.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-tools-3.2.14-3.13.3.s390x as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x"
        },
        "product_reference": "susemanager-tools-3.2.14-3.13.3.s390x",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "susemanager-tools-3.2.14-3.13.3.x86_64 as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64"
        },
        "product_reference": "susemanager-tools-3.2.14-3.13.3.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tika-core-1.19.1-3.3.3.noarch as component of SUSE Manager Server 3.2",
          "product_id": "SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch"
        },
        "product_reference": "tika-core-1.19.1-3.3.3.noarch",
        "relates_to_product_reference": "SUSE Manager Server 3.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-11761",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-11761"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service attack.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch",
          "SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch",
          "SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch",
          "SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
          "SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch",
          "SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch",
          "SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch",
          "SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch",
          "SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
          "SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch",
          "SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
          "SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
          "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x",
          "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64",
          "SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch",
          "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
          "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch",
          "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le",
          "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x",
          "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64",
          "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch",
          "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch",
          "SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
          "SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch",
          "SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch",
          "SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch",
          "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le",
          "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x",
          "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64",
          "SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-11761",
          "url": "https://www.suse.com/security/cve/CVE-2018-11761"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1109235 for CVE-2018-11761",
          "url": "https://bugzilla.suse.com/1109235"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1111309 for CVE-2018-11761",
          "url": "https://bugzilla.suse.com/1111309"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch",
            "SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch",
            "SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch",
            "SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
            "SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch",
            "SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch",
            "SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch",
            "SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch",
            "SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
            "SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch",
            "SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
            "SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64",
            "SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64",
            "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch",
            "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
            "SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch",
            "SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch",
            "SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64",
            "SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Manager Proxy 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Proxy 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:apache-mybatis-3.2.3-3.3.3.noarch",
            "SUSE Manager Server 3.2:cobbler-2.6.6-6.10.3.noarch",
            "SUSE Manager Server 3.2:hadoop-0.18.1-3.3.3.noarch",
            "SUSE Manager Server 3.2:image-sync-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
            "SUSE Manager Server 3.2:lucene-2.4.1-4.3.3.noarch",
            "SUSE Manager Server 3.2:nekohtml-1.9.21-3.3.3.noarch",
            "SUSE Manager Server 3.2:nutch-core-1.0.1-7.10.3.noarch",
            "SUSE Manager Server 3.2:picocontainer-1.3.7-3.3.3.noarch",
            "SUSE Manager Server 3.2:python-susemanager-retail-1.0.1542643545.8752d17-2.6.3.noarch",
            "SUSE Manager Server 3.2:salt-netapi-client-0.15.0-4.3.3.noarch",
            "SUSE Manager Server 3.2:saltboot-formula-0.1.1542287363.b8aa274-3.6.3.noarch",
            "SUSE Manager Server 3.2:spacecmd-2.8.25.7-3.9.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-minimal-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-base-minimal-config-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.ppc64le",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.s390x",
            "SUSE Manager Server 3.2:spacewalk-branding-2.8.5.12-3.10.4.x86_64",
            "SUSE Manager Server 3.2:spacewalk-config-2.8.5.5-3.10.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-html-2.8.7.11-3.13.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-search-2.8.3.7-3.12.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.5-3.10.3.noarch",
            "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.13-3.13.1.noarch",
            "SUSE Manager Server 3.2:spacewalk-utils-2.8.18.3-3.3.3.noarch",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.ppc64le",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.s390x",
            "SUSE Manager Server 3.2:susemanager-3.2.14-3.13.3.x86_64",
            "SUSE Manager Server 3.2:susemanager-advanced-topics_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-best-practices_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-docs_en-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-frontend-libs-3.2.4-3.7.3.noarch",
            "SUSE Manager Server 3.2:susemanager-getting-started_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-jsp_en-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-reference_en-pdf-3.2-11.12.3.noarch",
            "SUSE Manager Server 3.2:susemanager-retail-tools-1.0.1542643545.8752d17-2.6.3.noarch",
            "SUSE Manager Server 3.2:susemanager-schema-3.2.15-3.13.3.noarch",
            "SUSE Manager Server 3.2:susemanager-sls-3.2.18-3.13.3.noarch",
            "SUSE Manager Server 3.2:susemanager-sync-data-3.2.10-3.9.3.noarch",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.ppc64le",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.s390x",
            "SUSE Manager Server 3.2:susemanager-tools-3.2.14-3.13.3.x86_64",
            "SUSE Manager Server 3.2:tika-core-1.19.1-3.3.3.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2018-12-07T12:25:18Z",
          "details": "low"
        }
      ],
      "title": "CVE-2018-11761"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-11761 (GCVE-0-2018-11761)

Solutions

Tags

Sightings

Nomenclature