Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-6952 (GCVE-0-2018-6952)
Vulnerability from cvelistv5 – Published: 2018-02-13 19:00 – Updated: 2024-08-05 06:17
VLAI?
EPSS
Summary
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Date Public ?
2018-02-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://savannah.gnu.org/bugs/index.php?53133"
},
{
"name": "103047",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103047"
},
{
"name": "GLSA-201904-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-17"
},
{
"name": "RHSA-2019:2033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-06T16:06:13.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://savannah.gnu.org/bugs/index.php?53133"
},
{
"name": "103047",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103047"
},
{
"name": "GLSA-201904-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-17"
},
{
"name": "RHSA-2019:2033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://savannah.gnu.org/bugs/index.php?53133",
"refsource": "MISC",
"url": "https://savannah.gnu.org/bugs/index.php?53133"
},
{
"name": "103047",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103047"
},
{
"name": "GLSA-201904-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-17"
},
{
"name": "RHSA-2019:2033",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-6952",
"datePublished": "2018-02-13T19:00:00.000Z",
"dateReserved": "2018-02-13T00:00:00.000Z",
"dateUpdated": "2024-08-05T06:17:17.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnu:patch:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.7.6\", \"matchCriteriaId\": \"0324E14E-0A19-4B70-B316-19577201C5D8\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.\"}, {\"lang\": \"es\", \"value\": \"Existe una doble liberaci\\u00f3n (double free) en la funci\\u00f3n another_hunk en pch.c en GNU patch hasta la versi\\u00f3n 2.7.6.\"}]",
"id": "CVE-2018-6952",
"lastModified": "2024-11-21T04:11:28.420",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-02-13T19:29:00.573",
"references": "[{\"url\": \"http://www.securityfocus.com/bid/103047\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2033\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://savannah.gnu.org/bugs/index.php?53133\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201904-17\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/103047\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2033\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://savannah.gnu.org/bugs/index.php?53133\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201904-17\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-415\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-6952\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-02-13T19:29:00.573\",\"lastModified\":\"2024-11-21T04:11:28.420\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.\"},{\"lang\":\"es\",\"value\":\"Existe una doble liberaci\u00f3n (double free) en la funci\u00f3n another_hunk en pch.c en GNU patch hasta la versi\u00f3n 2.7.6.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:patch:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.7.6\",\"matchCriteriaId\":\"0324E14E-0A19-4B70-B316-19577201C5D8\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/103047\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2033\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://savannah.gnu.org/bugs/index.php?53133\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201904-17\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/103047\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2033\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://savannah.gnu.org/bugs/index.php?53133\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201904-17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2022:1925-1
Vulnerability from csaf_suse - Published: 2022-06-02 12:35 - Updated: 2022-06-02 12:35Summary
Security update for patch
Notes
Title of the patch
Security update for patch
Description of the patch
This update for patch fixes the following issues:
Security issues fixed:
- CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041).
- CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash (bsc#1080985).
Bugfixes:
- Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (bsc#1111572).
- Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (bsc#1198106).
Patchnames
SUSE-2022-1925,SUSE-SLE-Module-Basesystem-15-SP3-2022-1925,SUSE-SLE-Module-Basesystem-15-SP4-2022-1925,openSUSE-SLE-15.3-2022-1925,openSUSE-SLE-15.4-2022-1925
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for patch",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for patch fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041).\n- CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash (bsc#1080985).\n\nBugfixes:\n\n- Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn\u0027t apply, leading to a segmentation fault (bsc#1111572).\n- Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (bsc#1198106).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1925,SUSE-SLE-Module-Basesystem-15-SP3-2022-1925,SUSE-SLE-Module-Basesystem-15-SP4-2022-1925,openSUSE-SLE-15.3-2022-1925,openSUSE-SLE-15.4-2022-1925",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1925-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1925-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221925-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1925-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011225.html"
},
{
"category": "self",
"summary": "SUSE Bug 1080985",
"url": "https://bugzilla.suse.com/1080985"
},
{
"category": "self",
"summary": "SUSE Bug 1111572",
"url": "https://bugzilla.suse.com/1111572"
},
{
"category": "self",
"summary": "SUSE Bug 1142041",
"url": "https://bugzilla.suse.com/1142041"
},
{
"category": "self",
"summary": "SUSE Bug 1198106",
"url": "https://bugzilla.suse.com/1198106"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6952 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13636 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13636/"
}
],
"title": "Security update for patch",
"tracking": {
"current_release_date": "2022-06-02T12:35:31Z",
"generator": {
"date": "2022-06-02T12:35:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1925-1",
"initial_release_date": "2022-06-02T12:35:31Z",
"revision_history": [
{
"date": "2022-06-02T12:35:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-150000.5.3.1.aarch64",
"product": {
"name": "patch-2.7.6-150000.5.3.1.aarch64",
"product_id": "patch-2.7.6-150000.5.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-150000.5.3.1.i586",
"product": {
"name": "patch-2.7.6-150000.5.3.1.i586",
"product_id": "patch-2.7.6-150000.5.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-150000.5.3.1.ppc64le",
"product": {
"name": "patch-2.7.6-150000.5.3.1.ppc64le",
"product_id": "patch-2.7.6-150000.5.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-150000.5.3.1.s390x",
"product": {
"name": "patch-2.7.6-150000.5.3.1.s390x",
"product_id": "patch-2.7.6-150000.5.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-150000.5.3.1.x86_64",
"product": {
"name": "patch-2.7.6-150000.5.3.1.x86_64",
"product_id": "patch-2.7.6-150000.5.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.aarch64"
},
"product_reference": "patch-2.7.6-150000.5.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.ppc64le"
},
"product_reference": "patch-2.7.6-150000.5.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.s390x"
},
"product_reference": "patch-2.7.6-150000.5.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.x86_64"
},
"product_reference": "patch-2.7.6-150000.5.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.aarch64"
},
"product_reference": "patch-2.7.6-150000.5.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.ppc64le"
},
"product_reference": "patch-2.7.6-150000.5.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.s390x"
},
"product_reference": "patch-2.7.6-150000.5.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.x86_64"
},
"product_reference": "patch-2.7.6-150000.5.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.aarch64"
},
"product_reference": "patch-2.7.6-150000.5.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.ppc64le"
},
"product_reference": "patch-2.7.6-150000.5.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.s390x"
},
"product_reference": "patch-2.7.6-150000.5.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.x86_64"
},
"product_reference": "patch-2.7.6-150000.5.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.aarch64"
},
"product_reference": "patch-2.7.6-150000.5.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.ppc64le"
},
"product_reference": "patch-2.7.6-150000.5.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.s390x"
},
"product_reference": "patch-2.7.6-150000.5.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-150000.5.3.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.x86_64"
},
"product_reference": "patch-2.7.6-150000.5.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-6952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6952"
}
],
"notes": [
{
"category": "general",
"text": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6952",
"url": "https://www.suse.com/security/cve/CVE-2018-6952"
},
{
"category": "external",
"summary": "SUSE Bug 1080985 for CVE-2018-6952",
"url": "https://bugzilla.suse.com/1080985"
},
{
"category": "external",
"summary": "SUSE Bug 1167721 for CVE-2018-6952",
"url": "https://bugzilla.suse.com/1167721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-02T12:35:31Z",
"details": "low"
}
],
"title": "CVE-2018-6952"
},
{
"cve": "CVE-2019-13636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13636"
}
],
"notes": [
{
"category": "general",
"text": "In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13636",
"url": "https://www.suse.com/security/cve/CVE-2019-13636"
},
{
"category": "external",
"summary": "SUSE Bug 1142041 for CVE-2019-13636",
"url": "https://bugzilla.suse.com/1142041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1.x86_64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.aarch64",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.ppc64le",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.s390x",
"openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-02T12:35:31Z",
"details": "moderate"
}
],
"title": "CVE-2019-13636"
}
]
}
SUSE-SU-2022:1932-1
Vulnerability from csaf_suse - Published: 2022-06-03 08:26 - Updated: 2022-06-03 08:26Summary
Security update for patch
Notes
Title of the patch
Security update for patch
Description of the patch
This update for patch fixes the following issues:
Security fixes:
- CVE-2019-13636: Fixed mishandled following of symlinks in certain cases other than input files (bsc#1142041).
- CVE-2018-6952: Fixed double free of memory in pch.c:another_hunk() (bsc#1080985).
Bugfixes:
- Pass the correct stat to backup files (bsc#1198106).
- Fix temporary file leak when applying ed-style patches (bsc#1092500).
Patchnames
SUSE-2022-1932,SUSE-SLE-SERVER-12-SP5-2022-1932
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for patch",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for patch fixes the following issues:\n\nSecurity fixes:\n\n- CVE-2019-13636: Fixed mishandled following of symlinks in certain cases other than input files (bsc#1142041).\n- CVE-2018-6952: Fixed double free of memory in pch.c:another_hunk() (bsc#1080985).\n\nBugfixes:\n\n- Pass the correct stat to backup files (bsc#1198106).\n- Fix temporary file leak when applying ed-style patches (bsc#1092500).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-1932,SUSE-SLE-SERVER-12-SP5-2022-1932",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1932-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:1932-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20221932-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:1932-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-June/011232.html"
},
{
"category": "self",
"summary": "SUSE Bug 1080985",
"url": "https://bugzilla.suse.com/1080985"
},
{
"category": "self",
"summary": "SUSE Bug 1092500",
"url": "https://bugzilla.suse.com/1092500"
},
{
"category": "self",
"summary": "SUSE Bug 1142041",
"url": "https://bugzilla.suse.com/1142041"
},
{
"category": "self",
"summary": "SUSE Bug 1198106",
"url": "https://bugzilla.suse.com/1198106"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6952 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13636 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13636/"
}
],
"title": "Security update for patch",
"tracking": {
"current_release_date": "2022-06-03T08:26:34Z",
"generator": {
"date": "2022-06-03T08:26:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:1932-1",
"initial_release_date": "2022-06-03T08:26:34Z",
"revision_history": [
{
"date": "2022-06-03T08:26:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.5-8.8.1.aarch64",
"product": {
"name": "patch-2.7.5-8.8.1.aarch64",
"product_id": "patch-2.7.5-8.8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.5-8.8.1.i586",
"product": {
"name": "patch-2.7.5-8.8.1.i586",
"product_id": "patch-2.7.5-8.8.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.5-8.8.1.ppc64le",
"product": {
"name": "patch-2.7.5-8.8.1.ppc64le",
"product_id": "patch-2.7.5-8.8.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.5-8.8.1.s390",
"product": {
"name": "patch-2.7.5-8.8.1.s390",
"product_id": "patch-2.7.5-8.8.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.5-8.8.1.s390x",
"product": {
"name": "patch-2.7.5-8.8.1.s390x",
"product_id": "patch-2.7.5-8.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.5-8.8.1.x86_64",
"product": {
"name": "patch-2.7.5-8.8.1.x86_64",
"product_id": "patch-2.7.5-8.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.5-8.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.aarch64"
},
"product_reference": "patch-2.7.5-8.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.5-8.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.ppc64le"
},
"product_reference": "patch-2.7.5-8.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.5-8.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.s390x"
},
"product_reference": "patch-2.7.5-8.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.5-8.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.x86_64"
},
"product_reference": "patch-2.7.5-8.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.5-8.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.aarch64"
},
"product_reference": "patch-2.7.5-8.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.5-8.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.ppc64le"
},
"product_reference": "patch-2.7.5-8.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.5-8.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.s390x"
},
"product_reference": "patch-2.7.5-8.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.5-8.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.x86_64"
},
"product_reference": "patch-2.7.5-8.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-6952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6952"
}
],
"notes": [
{
"category": "general",
"text": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6952",
"url": "https://www.suse.com/security/cve/CVE-2018-6952"
},
{
"category": "external",
"summary": "SUSE Bug 1080985 for CVE-2018-6952",
"url": "https://bugzilla.suse.com/1080985"
},
{
"category": "external",
"summary": "SUSE Bug 1167721 for CVE-2018-6952",
"url": "https://bugzilla.suse.com/1167721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T08:26:34Z",
"details": "low"
}
],
"title": "CVE-2018-6952"
},
{
"cve": "CVE-2019-13636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13636"
}
],
"notes": [
{
"category": "general",
"text": "In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13636",
"url": "https://www.suse.com/security/cve/CVE-2019-13636"
},
{
"category": "external",
"summary": "SUSE Bug 1142041 for CVE-2019-13636",
"url": "https://bugzilla.suse.com/1142041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:patch-2.7.5-8.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:patch-2.7.5-8.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-06-03T08:26:34Z",
"details": "moderate"
}
],
"title": "CVE-2019-13636"
}
]
}
MSRC_CVE-2018-6952
Vulnerability from csaf_microsoft - Published: 2018-02-02 00:00 - Updated: 2024-06-30 07:00Summary
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2018-6952 A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2018/msrc_cve-2018-6952.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"tracking": {
"current_release_date": "2024-06-30T07:00:00.000Z",
"generator": {
"date": "2025-10-19T17:16:57.597Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2018-6952",
"initial_release_date": "2018-02-02T00:00:00.000Z",
"revision_history": [
{
"date": "2020-08-18T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2021-12-16T00:00:00.000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added patch to CBL-Mariner 2.0"
},
{
"date": "2024-06-30T07:00:00.000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "1.0",
"product": {
"name": "CBL Mariner 1.0",
"product_id": "16820"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "16817"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 patch 2.7.6-9",
"product": {
"name": "\u003cazl3 patch 2.7.6-9",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 patch 2.7.6-9",
"product": {
"name": "azl3 patch 2.7.6-9",
"product_id": "16927"
}
},
{
"category": "product_version_range",
"name": "\u003ccm1 patch 2.7.6-7",
"product": {
"name": "\u003ccm1 patch 2.7.6-7",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "cm1 patch 2.7.6-7",
"product": {
"name": "cm1 patch 2.7.6-7",
"product_id": "16925"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 patch 2.7.6-7",
"product": {
"name": "\u003ccbl2 patch 2.7.6-7",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 patch 2.7.6-7",
"product": {
"name": "cbl2 patch 2.7.6-7",
"product_id": "16926"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 patch 2.7.6-9",
"product": {
"name": "\u003cazl3 patch 2.7.6-9",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 patch 2.7.6-9",
"product": {
"name": "azl3 patch 2.7.6-9",
"product_id": "16927"
}
}
],
"category": "product_name",
"name": "patch"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 patch 2.7.6-9 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 patch 2.7.6-9 as a component of Azure Linux 3.0",
"product_id": "16927-17084"
},
"product_reference": "16927",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccm1 patch 2.7.6-7 as a component of CBL Mariner 1.0",
"product_id": "16820-4"
},
"product_reference": "4",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cm1 patch 2.7.6-7 as a component of CBL Mariner 1.0",
"product_id": "16925-16820"
},
"product_reference": "16925",
"relates_to_product_reference": "16820"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 patch 2.7.6-7 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 patch 2.7.6-7 as a component of CBL Mariner 2.0",
"product_id": "16926-17086"
},
"product_reference": "16926",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 patch 2.7.6-9 as a component of Azure Linux 3.0",
"product_id": "16817-2"
},
"product_reference": "2",
"relates_to_product_reference": "16817"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 patch 2.7.6-9 as a component of Azure Linux 3.0",
"product_id": "16927-16817"
},
"product_reference": "16927",
"relates_to_product_reference": "16817"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-6952",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"16927-17084",
"16925-16820",
"16926-17086",
"16927-16817"
],
"known_affected": [
"17084-1",
"16820-4",
"17086-3",
"16817-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2018-6952 A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2018/msrc_cve-2018-6952.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-18T00:00:00.000Z",
"details": "2.7.6-9:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1",
"16817-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2020-08-18T00:00:00.000Z",
"details": "2.7.6-7:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"16820-4",
"17086-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17084-1",
"16820-4",
"17086-3",
"16817-2"
]
}
],
"title": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6."
}
]
}
OPENSUSE-SU-2024:12060-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
patch-2.7.6-5.1 on GA media
Notes
Title of the patch
patch-2.7.6-5.1 on GA media
Description of the patch
These are all security issues fixed in the patch-2.7.6-5.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-12060
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "patch-2.7.6-5.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the patch-2.7.6-5.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12060",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12060-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6952 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-13636 page",
"url": "https://www.suse.com/security/cve/CVE-2019-13636/"
}
],
"title": "patch-2.7.6-5.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12060-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-5.1.aarch64",
"product": {
"name": "patch-2.7.6-5.1.aarch64",
"product_id": "patch-2.7.6-5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-5.1.ppc64le",
"product": {
"name": "patch-2.7.6-5.1.ppc64le",
"product_id": "patch-2.7.6-5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-5.1.s390x",
"product": {
"name": "patch-2.7.6-5.1.s390x",
"product_id": "patch-2.7.6-5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-2.7.6-5.1.x86_64",
"product": {
"name": "patch-2.7.6-5.1.x86_64",
"product_id": "patch-2.7.6-5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-5.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:patch-2.7.6-5.1.aarch64"
},
"product_reference": "patch-2.7.6-5.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-5.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:patch-2.7.6-5.1.ppc64le"
},
"product_reference": "patch-2.7.6-5.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-5.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:patch-2.7.6-5.1.s390x"
},
"product_reference": "patch-2.7.6-5.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-2.7.6-5.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:patch-2.7.6-5.1.x86_64"
},
"product_reference": "patch-2.7.6-5.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-6952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6952"
}
],
"notes": [
{
"category": "general",
"text": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:patch-2.7.6-5.1.aarch64",
"openSUSE Tumbleweed:patch-2.7.6-5.1.ppc64le",
"openSUSE Tumbleweed:patch-2.7.6-5.1.s390x",
"openSUSE Tumbleweed:patch-2.7.6-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6952",
"url": "https://www.suse.com/security/cve/CVE-2018-6952"
},
{
"category": "external",
"summary": "SUSE Bug 1080985 for CVE-2018-6952",
"url": "https://bugzilla.suse.com/1080985"
},
{
"category": "external",
"summary": "SUSE Bug 1167721 for CVE-2018-6952",
"url": "https://bugzilla.suse.com/1167721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:patch-2.7.6-5.1.aarch64",
"openSUSE Tumbleweed:patch-2.7.6-5.1.ppc64le",
"openSUSE Tumbleweed:patch-2.7.6-5.1.s390x",
"openSUSE Tumbleweed:patch-2.7.6-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:patch-2.7.6-5.1.aarch64",
"openSUSE Tumbleweed:patch-2.7.6-5.1.ppc64le",
"openSUSE Tumbleweed:patch-2.7.6-5.1.s390x",
"openSUSE Tumbleweed:patch-2.7.6-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2018-6952"
},
{
"cve": "CVE-2019-13636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-13636"
}
],
"notes": [
{
"category": "general",
"text": "In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:patch-2.7.6-5.1.aarch64",
"openSUSE Tumbleweed:patch-2.7.6-5.1.ppc64le",
"openSUSE Tumbleweed:patch-2.7.6-5.1.s390x",
"openSUSE Tumbleweed:patch-2.7.6-5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-13636",
"url": "https://www.suse.com/security/cve/CVE-2019-13636"
},
{
"category": "external",
"summary": "SUSE Bug 1142041 for CVE-2019-13636",
"url": "https://bugzilla.suse.com/1142041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:patch-2.7.6-5.1.aarch64",
"openSUSE Tumbleweed:patch-2.7.6-5.1.ppc64le",
"openSUSE Tumbleweed:patch-2.7.6-5.1.s390x",
"openSUSE Tumbleweed:patch-2.7.6-5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:patch-2.7.6-5.1.aarch64",
"openSUSE Tumbleweed:patch-2.7.6-5.1.ppc64le",
"openSUSE Tumbleweed:patch-2.7.6-5.1.s390x",
"openSUSE Tumbleweed:patch-2.7.6-5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-13636"
}
]
}
GHSA-FFQC-F68H-QQ8W
Vulnerability from github – Published: 2022-05-14 01:09 – Updated: 2022-05-14 01:09
VLAI?
Details
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2018-6952"
],
"database_specific": {
"cwe_ids": [
"CWE-415"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-02-13T19:29:00Z",
"severity": "HIGH"
},
"details": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"id": "GHSA-ffqc-f68h-qq8w",
"modified": "2022-05-14T01:09:25Z",
"published": "2022-05-14T01:09:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6952"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
},
{
"type": "WEB",
"url": "https://savannah.gnu.org/bugs/index.php?53133"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201904-17"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/103047"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
RHSA-2019_2033
Vulnerability from csaf_redhat - Published: 2019-08-06 13:03 - Updated: 2024-11-22 12:23Summary
Red Hat Security Advisory: patch security and bug fix update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: Out-of-bounds access in pch_write_line function in pch.c (CVE-2016-10713)
* patch: Double free of memory in pch.c:another_hunk() causes a crash (CVE-2018-6952)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: Out-of-bounds access in pch_write_line function in pch.c (CVE-2016-10713)\n\n* patch: Double free of memory in pch.c:another_hunk() causes a crash (CVE-2018-6952)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:2033",
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index"
},
{
"category": "external",
"summary": "1545053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545053"
},
{
"category": "external",
"summary": "1545405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545405"
},
{
"category": "external",
"summary": "1626473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626473"
},
{
"category": "external",
"summary": "1653294",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653294"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2033.json"
}
],
"title": "Red Hat Security Advisory: patch security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T12:23:38+00:00",
"generator": {
"date": "2024-11-22T12:23:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:2033",
"initial_release_date": "2019-08-06T13:03:19+00:00",
"revision_history": [
{
"date": "2019-08-06T13:03:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-08-06T13:03:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T12:23:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.x86_64",
"product": {
"name": "patch-0:2.7.1-11.el7.x86_64",
"product_id": "patch-0:2.7.1-11.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.src",
"product": {
"name": "patch-0:2.7.1-11.el7.src",
"product_id": "patch-0:2.7.1-11.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"product_id": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.s390x",
"product": {
"name": "patch-0:2.7.1-11.el7.s390x",
"product_id": "patch-0:2.7.1-11.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.ppc64",
"product": {
"name": "patch-0:2.7.1-11.el7.ppc64",
"product_id": "patch-0:2.7.1-11.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.ppc64le",
"product": {
"name": "patch-0:2.7.1-11.el7.ppc64le",
"product_id": "patch-0:2.7.1-11.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.src"
},
"product_reference": "patch-0:2.7.1-11.el7.src",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.src"
},
"product_reference": "patch-0:2.7.1-11.el7.src",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.src"
},
"product_reference": "patch-0:2.7.1-11.el7.src",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.src"
},
"product_reference": "patch-0:2.7.1-11.el7.src",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10713",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-02-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1545405"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based out-of-bounds read flaw was found in the way the patch utility parsed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patch files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: Out-of-bounds access in pch_write_line function in pch.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10713"
},
{
"category": "external",
"summary": "RHBZ#1545405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545405"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10713",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10713"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10713",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10713"
},
{
"category": "external",
"summary": "https://savannah.gnu.org/bugs/index.php?45990",
"url": "https://savannah.gnu.org/bugs/index.php?45990"
}
],
"release_date": "2018-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-08-06T13:03:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "patch: Out-of-bounds access in pch_write_line function in pch.c"
},
{
"cve": "CVE-2018-6952",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1545053"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the way the patch utility processed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: Double free of memory in pch.c:another_hunk() causes a crash",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6952"
},
{
"category": "external",
"summary": "RHBZ#1545053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6952",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6952"
}
],
"release_date": "2018-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-08-06T13:03:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "patch: Double free of memory in pch.c:another_hunk() causes a crash"
}
]
}
RHSA-2019:2033
Vulnerability from csaf_redhat - Published: 2019-08-06 13:03 - Updated: 2025-11-21 18:09Summary
Red Hat Security Advisory: patch security and bug fix update
Notes
Topic
An update for patch is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).
Security Fix(es):
* patch: Out-of-bounds access in pch_write_line function in pch.c (CVE-2016-10713)
* patch: Double free of memory in pch.c:another_hunk() causes a crash (CVE-2018-6952)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for patch is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).\n\nSecurity Fix(es):\n\n* patch: Out-of-bounds access in pch_write_line function in pch.c (CVE-2016-10713)\n\n* patch: Double free of memory in pch.c:another_hunk() causes a crash (CVE-2018-6952)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:2033",
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index"
},
{
"category": "external",
"summary": "1545053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545053"
},
{
"category": "external",
"summary": "1545405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545405"
},
{
"category": "external",
"summary": "1626473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626473"
},
{
"category": "external",
"summary": "1653294",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653294"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2033.json"
}
],
"title": "Red Hat Security Advisory: patch security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:09:19+00:00",
"generator": {
"date": "2025-11-21T18:09:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2019:2033",
"initial_release_date": "2019-08-06T13:03:19+00:00",
"revision_history": [
{
"date": "2019-08-06T13:03:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-08-06T13:03:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:09:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.x86_64",
"product": {
"name": "patch-0:2.7.1-11.el7.x86_64",
"product_id": "patch-0:2.7.1-11.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.src",
"product": {
"name": "patch-0:2.7.1-11.el7.src",
"product_id": "patch-0:2.7.1-11.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"product_id": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.s390x",
"product": {
"name": "patch-0:2.7.1-11.el7.s390x",
"product_id": "patch-0:2.7.1-11.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"product_id": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.ppc64",
"product": {
"name": "patch-0:2.7.1-11.el7.ppc64",
"product_id": "patch-0:2.7.1-11.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"product": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"product_id": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch-debuginfo@2.7.1-11.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "patch-0:2.7.1-11.el7.ppc64le",
"product": {
"name": "patch-0:2.7.1-11.el7.ppc64le",
"product_id": "patch-0:2.7.1-11.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/patch@2.7.1-11.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.src"
},
"product_reference": "patch-0:2.7.1-11.el7.src",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Client-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.src"
},
"product_reference": "patch-0:2.7.1-11.el7.src",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
"product_id": "7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.src"
},
"product_reference": "patch-0:2.7.1-11.el7.src",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Server-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.src"
},
"product_reference": "patch-0:2.7.1-11.el7.src",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.s390x",
"relates_to_product_reference": "7Workstation-7.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "patch-debuginfo-0:2.7.1-11.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
},
"product_reference": "patch-debuginfo-0:2.7.1-11.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10713",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2018-02-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1545405"
}
],
"notes": [
{
"category": "description",
"text": "A heap-based out-of-bounds read flaw was found in the way the patch utility parsed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patch files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: Out-of-bounds access in pch_write_line function in pch.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-10713"
},
{
"category": "external",
"summary": "RHBZ#1545405",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545405"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-10713",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10713"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-10713",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10713"
},
{
"category": "external",
"summary": "https://savannah.gnu.org/bugs/index.php?45990",
"url": "https://savannah.gnu.org/bugs/index.php?45990"
}
],
"release_date": "2018-02-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-08-06T13:03:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "patch: Out-of-bounds access in pch_write_line function in pch.c"
},
{
"cve": "CVE-2018-6952",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1545053"
}
],
"notes": [
{
"category": "description",
"text": "A double-free flaw was found in the way the patch utility processed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "patch: Double free of memory in pch.c:another_hunk() causes a crash",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-6952"
},
{
"category": "external",
"summary": "RHBZ#1545053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1545053"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-6952",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6952"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-6952",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6952"
}
],
"release_date": "2018-02-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-08-06T13:03:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-0:2.7.1-11.el7.src",
"7Client-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Client-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.src",
"7ComputeNode-7.7:patch-0:2.7.1-11.el7.x86_64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7ComputeNode-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-0:2.7.1-11.el7.src",
"7Server-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Server-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-0:2.7.1-11.el7.src",
"7Workstation-7.7:patch-0:2.7.1-11.el7.x86_64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.ppc64le",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.s390x",
"7Workstation-7.7:patch-debuginfo-0:2.7.1-11.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "patch: Double free of memory in pch.c:another_hunk() causes a crash"
}
]
}
GSD-2018-6952
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-6952",
"description": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"id": "GSD-2018-6952",
"references": [
"https://www.suse.com/security/cve/CVE-2018-6952.html",
"https://access.redhat.com/errata/RHSA-2019:2033",
"https://advisories.mageia.org/CVE-2018-6952.html",
"https://security.archlinux.org/CVE-2018-6952",
"https://alas.aws.amazon.com/cve/html/CVE-2018-6952.html",
"https://linux.oracle.com/cve/CVE-2018-6952.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-6952"
],
"details": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"id": "GSD-2018-6952",
"modified": "2023-12-13T01:22:35.108789Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://savannah.gnu.org/bugs/index.php?53133",
"refsource": "MISC",
"url": "https://savannah.gnu.org/bugs/index.php?53133"
},
{
"name": "103047",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103047"
},
{
"name": "GLSA-201904-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-17"
},
{
"name": "RHSA-2019:2033",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnu:patch:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.7.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-6952"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://savannah.gnu.org/bugs/index.php?53133",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://savannah.gnu.org/bugs/index.php?53133"
},
{
"name": "103047",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103047"
},
{
"name": "GLSA-201904-17",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201904-17"
},
{
"name": "RHSA-2019:2033",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-04-17T20:29Z",
"publishedDate": "2018-02-13T19:29Z"
}
}
}
CVE-2018-6952
Vulnerability from fstec - Published: 12.02.2018
VLAI Severity ?
Title
Уязвимость функции another_hunk() компонента pch.c программы переноса правок Patch, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функции another_hunk() компонента pch.c программы переноса правок Patch связана с повторным освобождением памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании
Severity ?
Vendor
Сообщество свободного программного обеспечения, ООО «РусБИТех-Астра»
Software Name
Debian GNU/Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), Patch
Software Version
10 (Debian GNU/Linux), 11 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), до 2.7.6 включительно (Patch)
Possible Mitigations
Для Patch:
использование рекомендаций производителя: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300
Для Debian:
использование рекомендаций производителя: https://security-tracker.debian.org/tracker/CVE-2018-6952
Для ОС Astra Linux:
использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD
Reference
https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300
https://nvd.nist.gov/vuln/detail/CVE-2018-6952
https://savannah.gnu.org/bugs/index.php?53133
https://savannah.gnu.org/bugs/index.php?56683
https://security-tracker.debian.org/tracker/CVE-2018-6952
https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD
CWE
CWE-415
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "10 (Debian GNU/Linux), 11 (Debian GNU/Linux), 1.7 (Astra Linux Special Edition), \u0434\u043e 2.7.6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Patch)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Patch:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300\n\n\u0414\u043b\u044f Debian:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2018-6952\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "12.02.2018",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "28.03.2023",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.03.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-01649",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-6952",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Patch",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 another_hunk() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 pch.c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u0430 \u043f\u0440\u0430\u0432\u043e\u043a Patch, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 (CWE-415)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 another_hunk() \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 pch.c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u0430 \u043f\u0440\u0430\u0432\u043e\u043a Patch \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u044b\u043c \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-6952\nhttps://savannah.gnu.org/bugs/index.php?53133\nhttps://savannah.gnu.org/bugs/index.php?56683\nhttps://security-tracker.debian.org/tracker/CVE-2018-6952\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0303SE17MD",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-415",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
FKIE_CVE-2018-6952
Vulnerability from fkie_nvd - Published: 2018-02-13 19:29 - Updated: 2024-11-21 04:11
Severity ?
Summary
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:patch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0324E14E-0A19-4B70-B316-19577201C5D8",
"versionEndIncluding": "2.7.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6."
},
{
"lang": "es",
"value": "Existe una doble liberaci\u00f3n (double free) en la funci\u00f3n another_hunk en pch.c en GNU patch hasta la versi\u00f3n 2.7.6."
}
],
"id": "CVE-2018-6952",
"lastModified": "2024-11-21T04:11:28.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-02-13T19:29:00.573",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103047"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://savannah.gnu.org/bugs/index.php?53133"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201904-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:2033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://savannah.gnu.org/bugs/index.php?53133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201904-17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-415"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-6952
Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2025-07-08 10:00 - Updated: 2025-07-08 10:00Summary
Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware
Notes
Summary
Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2
Impact
Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.
Remediation
Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.
General Recommendation
Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our [application note](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination.",
"urls": [
"https://certvde.com"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple Linux component vulnerabilities fixed in latest PLCnext Firmware release 2025.0.2",
"title": "Summary"
},
{
"category": "description",
"text": "Availability, integrity, or confidentiality of the PLCnext Control might be compromised by attacks using these vulnerabilities.",
"title": "Impact"
},
{
"category": "description",
"text": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"title": "Remediation"
},
{
"category": "general",
"text": "Phoenix Contact recommends operating network-capable devices in closed networks or protected with a suitable firewall. For detailed information on our recommendations for measures to protect network-capable devices, please refer to our [application note](https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf).",
"title": "General Recommendation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@phoenixcontact.com",
"name": "Phoenix Contact GmbH \u0026 Co. KG",
"namespace": "https://phoenixcontact.com/psirt"
},
"references": [
{
"category": "external",
"summary": "PCSA-2025/00008",
"url": "https://phoenixcontact.com/psirt"
},
{
"category": "external",
"summary": "Phoenix Contact advisory overview at CERT@VDE",
"url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
},
{
"category": "external",
"summary": "Phoenix Contact application note",
"url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf"
},
{
"category": "self",
"summary": "VDE-2025-053: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - HTML",
"url": "https://certvde.com/en/advisories/VDE-2025-053"
},
{
"category": "self",
"summary": "VDE-2025-053: Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware - CSAF",
"url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-053.json"
}
],
"title": "Phoenix Contact: Multiple Vulnerabilities in PLCnext Firmware",
"tracking": {
"aliases": [
"VDE-2025-053",
"PCSA-2025/00008"
],
"current_release_date": "2025-07-08T10:00:00.000Z",
"generator": {
"date": "2025-06-26T10:14:28.625Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.27"
}
},
"id": "VDE-2025-053",
"initial_release_date": "2025-07-08T10:00:00.000Z",
"revision_history": [
{
"date": "2025-07-08T10:00:00.000Z",
"number": "1",
"summary": "Initial"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AXC F 1152",
"product": {
"name": "AXC F 1152",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 2152",
"product": {
"name": "AXC F 2152",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
}
},
{
"category": "product_name",
"name": "AXC F 3152",
"product": {
"name": "AXC F 3152",
"product_id": "CSAFPID-11003",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
}
},
{
"category": "product_name",
"name": "RFC 4072S",
"product": {
"name": "RFC 4072S",
"product_id": "CSAFPID-11004",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
}
},
{
"category": "product_name",
"name": "BPC 9102S",
"product": {
"name": "BPC 9102S",
"product_id": "CSAFPID-11011",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.0.2",
"product": {
"name": "Firmware \u003c 2025.0.2",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "2025.0.2",
"product": {
"name": "Firmware 2025.0.2",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Phoenix Contact GmbH \u0026 Co. KG"
}
],
"product_groups": [
{
"group_id": "CSAFGID-61001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
],
"summary": "Affected Products."
},
{
"group_id": "CSAFGID-62001",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"summary": "Fixed Product."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 1152",
"product_id": "CSAFPID-31001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 1152",
"product_id": "CSAFPID-32001",
"product_identification_helper": {
"model_numbers": [
"1151412"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 2152",
"product_id": "CSAFPID-31002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 2152",
"product_id": "CSAFPID-32002",
"product_identification_helper": {
"model_numbers": [
"2404267"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on AXC F 3152",
"product_id": "CSAFPID-31004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on AXC F 3152",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"model_numbers": [
"1069208"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on RFC 4072S",
"product_id": "CSAFPID-31005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on RFC 4072S",
"product_id": "CSAFPID-32005",
"product_identification_helper": {
"model_numbers": [
"1051328"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c 2025.0.2 installed on BPC 9102S",
"product_id": "CSAFPID-31007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 2025.0.2 installed on BPC 9102S",
"product_id": "CSAFPID-32007",
"product_identification_helper": {
"model_numbers": [
"1246285"
]
}
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11011"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12705",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12705](https://nvd.nist.gov/vuln/detail/CVE-2024-12705)",
"title": "Details"
},
{
"category": "description",
"text": "Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver\u0027s CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic.\nThis issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12705"
},
{
"cve": "CVE-2025-24965",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-24965](https://nvd.nist.gov/vuln/detail/CVE-2025-24965)",
"title": "Details"
},
{
"category": "description",
"text": "crun is an open source OCI Container Runtime fully written in C. In affected versions A malicious container image could trick the krun handler into escaping the root filesystem, allowing file creation or modification on the host. No special permissions are needed, only the ability for the current user to write to the target file. The problem is fixed in crun 1.20 and all users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 8.7,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-24965"
},
{
"cve": "CVE-2025-0665",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-0665](https://nvd.nist.gov/vuln/detail/CVE-2025-0665)",
"title": "Details"
},
{
"category": "description",
"text": "libcurl would wrongly close the same eventfd file descriptor twice when taking\ndown a connection channel after having completed a threaded name resolve.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-0665"
},
{
"cve": "CVE-2025-0167",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-0167](https://nvd.nist.gov/vuln/detail/CVE-2025-0167)",
"title": "Details"
},
{
"category": "description",
"text": "When asked to use a `.netrc` file for credentials **and** to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has a `default` entry that\nomits both login and password. A rare circumstance.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 3.4,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 3.4,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-0167"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-11053](https://nvd.nist.gov/vuln/detail/CVE-2024-11053)",
"title": "Details"
},
{
"category": "description",
"text": "When asked to both use a `.netrc` file for credentials and to follow HTTP\nredirects, curl could leak the password used for the first host to the\nfollowed-to host under certain circumstances.\n\nThis flaw only manifests itself if the netrc file has an entry that matches\nthe redirect target hostname but the entry either omits just the password or\nomits both login and password.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"environmentalScore": 3.4,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 3.4,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-9681",
"cwe": {
"id": "CWE-697",
"name": "Incorrect Comparison"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9681](https://nvd.nist.gov/vuln/detail/CVE-2024-9681)",
"title": "Details"
},
{
"category": "description",
"text": "When curl is asked to use HSTS, the expiry time for a subdomain might\noverwrite a parent domain\u0027s cache entry, making it end sooner or later than\notherwise intended.\n\nThis affects curl using applications that enable HSTS and use URLs with the\ninsecure `HTTP://` scheme and perform transfers with hosts like\n`x.example.com` as well as `example.com` where the first host is a subdomain\nof the second host.\n\n(The HSTS cache either needs to have been populated manually or there needs to\nhave been previous HTTPS accesses done as the cache needs to have entries for\nthe domains involved to trigger this problem.)\n\nWhen `x.example.com` responds with `Strict-Transport-Security:` headers, this\nbug can make the subdomain\u0027s expiry timeout *bleed over* and get set for the\nparent domain `example.com` in curl\u0027s HSTS cache.\n\nThe result of a triggered bug is that HTTP accesses to `example.com` get\nconverted to HTTPS for a different period of time than what was asked for by\nthe origin server. If `example.com` for example stops supporting HTTPS at its\nexpiry time, curl might then fail to access `http://example.com` until the\n(wrongly set) timeout expires. This bug can also expire the parent\u0027s entry\n*earlier*, thus making curl inadvertently switch back to insecure HTTP earlier\nthan otherwise intended.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9681"
},
{
"cve": "CVE-2024-0684",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "Coreutils: heap overflow in split --line-bytes with very long lines"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-0684](https://nvd.nist.gov/vuln/detail/CVE-2024-0684)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-0684"
},
{
"cve": "CVE-2024-52533",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-52533](https://nvd.nist.gov/vuln/detail/CVE-2024-52533)",
"title": "Details"
},
{
"category": "description",
"text": "gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4_CONN_MSG_LEN is not sufficient for a trailing \u0027\\0\u0027 character.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-52533"
},
{
"cve": "CVE-2020-16120",
"cwe": {
"id": "CWE-266",
"name": "Incorrect Privilege Assignment"
},
"notes": [
{
"category": "summary",
"text": "Unprivileged overlay + shiftfs read access"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2020-16120](https://nvd.nist.gov/vuln/detail/CVE-2020-16120)",
"title": "Details"
},
{
"category": "description",
"text": "Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef (\"ovl: stack file ops\"). This was fixed in kernel version 5.8 by commits 56230d9 (\"ovl: verify permissions in ovl_path_open()\"), 48bd024 (\"ovl: switch to mounter creds in readdir\") and 05acefb (\"ovl: check permission to open real file\"). Additionally, commits 130fdbc (\"ovl: pass correct flags for opening real directory\") and 292f902 (\"ovl: call secutiry hook in ovl_real_ioctl()\") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da (\"ovl: do not fail because of O_NOATIMEi\") in kernel 5.11.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2020-16120"
},
{
"cve": "CVE-2023-7256",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2023-7256](https://nvd.nist.gov/vuln/detail/CVE-2023-7256)",
"title": "Details"
},
{
"category": "description",
"text": "In affected libpcap versions during the setup of a remote packet capture the internal function sock_initaddress() calls getaddrinfo() and possibly freeaddrinfo(), but does not clearly indicate to the caller function whether freeaddrinfo() still remains to be called after the function returns. This makes it possible in some scenarios that both the function and its caller call freeaddrinfo() for the same allocated memory block. A similar problem was reported in Apple libpcap, to which Apple assigned CVE-2023-40400.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2023-7256"
},
{
"cve": "CVE-2024-8006",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-8006](https://nvd.nist.gov/vuln/detail/CVE-2024-8006)",
"title": "Details"
},
{
"category": "description",
"text": "Remote packet capture support is disabled by default in libpcap. When a user builds libpcap with remote packet capture support enabled, one of the functions that become available is pcap_findalldevs_ex(). One of the function arguments can be a filesystem path, which normally means a directory with input data files. When the specified path cannot be used as a directory, the function receives NULL from opendir(), but does not check the return value and passes the NULL value to readdir(), which causes a NULL pointer derefence.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-8006"
},
{
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-8176](https://nvd.nist.gov/vuln/detail/CVE-2024-8176)",
"title": "Details"
},
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2024-50602",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-50602](https://nvd.nist.gov/vuln/detail/CVE-2024-50602)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-50602"
},
{
"cve": "CVE-2024-10918",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-10918](https://nvd.nist.gov/vuln/detail/CVE-2024-10918)",
"title": "Details"
},
{
"category": "description",
"text": "Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an\nunexpected length.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-10918"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12133](https://nvd.nist.gov/vuln/detail/CVE-2024-12133)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2025-27113",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-27113](https://nvd.nist.gov/vuln/detail/CVE-2025-27113)",
"title": "Details"
},
{
"category": "description",
"text": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-27113"
},
{
"cve": "CVE-2024-25062",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-25062](https://nvd.nist.gov/vuln/detail/CVE-2024-25062)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-25062"
},
{
"cve": "CVE-2024-5742",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"notes": [
{
"category": "summary",
"text": "Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5742](https://nvd.nist.gov/vuln/detail/CVE-2024-5742)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.7,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5742"
},
{
"cve": "CVE-2025-26466",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-26466](https://nvd.nist.gov/vuln/detail/CVE-2025-26466)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-26466"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2025-26465](https://nvd.nist.gov/vuln/detail/CVE-2025-26465)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6119](https://nvd.nist.gov/vuln/detail/CVE-2024-6119)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Applications performing certificate name checks (e.g., TLS\nclients checking server certificates) may attempt to read an invalid memory\naddress resulting in abnormal termination of the application process.\n\nImpact summary: Abnormal termination of an application can a cause a denial of\nservice.\n\nApplications performing certificate name checks (e.g., TLS clients checking\nserver certificates) may attempt to read an invalid memory address when\ncomparing the expected name with an `otherName` subject alternative name of an\nX.509 certificate. This may result in an exception that terminates the\napplication program.\n\nNote that basic certificate chain validation (signatures, dates, ...) is not\naffected, the denial of service can occur only when the application also\nspecifies an expected DNS name, Email address or IP address.\n\nTLS servers rarely solicit client certificates, and even when they do, they\ngenerally don\u0027t perform a name check against a reference identifier (expected\nidentity), but rather extract the presented identity after checking the\ncertificate chain. So TLS servers are generally not affected and the severity\nof the issue is Moderate.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9143](https://nvd.nist.gov/vuln/detail/CVE-2024-9143)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted\nexplicit values for the field polynomial can lead to out-of-bounds memory reads\nor writes.\n\nImpact summary: Out of bound memory writes can lead to an application crash or\neven a possibility of a remote code execution, however, in all the protocols\ninvolving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named\ncurves\" are supported, or, if explicit curve parameters are supported, they\nspecify an X9.62 encoding of binary (GF(2^m)) curves that can\u0027t represent\nproblematic input values. Thus the likelihood of existence of a vulnerable\napplication is low.\n\nIn particular, the X9.62 encoding is used for ECC keys in X.509 certificates,\nso problematic inputs cannot occur in the context of processing X.509\ncertificates. Any problematic use-cases would have to be using an \"exotic\"\ncurve encoding.\n\nThe affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(),\nand various supporting BN_GF2m_*() functions.\n\nApplications working with \"exotic\" explicit binary (GF(2^m)) curve parameters,\nthat make it possible to represent invalid field polynomials with a zero\nconstant term, via the above or similar APIs, may terminate abruptly as a\nresult of reading or writing outside of array bounds. Remote code execution\ncannot easily be ruled out.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "SSL_select_next_proto buffer overread"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5535](https://nvd.nist.gov/vuln/detail/CVE-2024-5535)",
"title": "Details"
},
{
"category": "description",
"text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an\nempty supported client protocols buffer may cause a crash or memory contents to\nbe sent to the peer.\n\nImpact summary: A buffer overread can have a range of potential consequences\nsuch as unexpected application beahviour or a crash. In particular this issue\ncould result in up to 255 bytes of arbitrary private data from memory being sent\nto the peer leading to a loss of confidentiality. However, only applications\nthat directly call the SSL_select_next_proto function with a 0 length list of\nsupported client protocols are affected by this issue. This would normally never\nbe a valid scenario and is typically not under attacker control but may occur by\naccident in the case of a configuration or programming error in the calling\napplication.\n\nThe OpenSSL API function SSL_select_next_proto is typically used by TLS\napplications that support ALPN (Application Layer Protocol Negotiation) or NPN\n(Next Protocol Negotiation). NPN is older, was never standardised and\nis deprecated in favour of ALPN. We believe that ALPN is significantly more\nwidely deployed than NPN. The SSL_select_next_proto function accepts a list of\nprotocols from the server and a list of protocols from the client and returns\nthe first protocol that appears in the server list that also appears in the\nclient list. In the case of no overlap between the two lists it returns the\nfirst item in the client list. In either case it will signal whether an overlap\nbetween the two lists was found. In the case where SSL_select_next_proto is\ncalled with a zero length client list it fails to notice this condition and\nreturns the memory immediately following the client list pointer (and reports\nthat there was no overlap in the lists).\n\nThis function is typically called from a server side application callback for\nALPN or a client side application callback for NPN. In the case of ALPN the list\nof protocols supplied by the client is guaranteed by libssl to never be zero in\nlength. The list of server protocols comes from the application and should never\nnormally be expected to be of zero length. In this case if the\nSSL_select_next_proto function has been called as expected (with the list\nsupplied by the client passed in the client/client_len parameters), then the\napplication will not be vulnerable to this issue. If the application has\naccidentally been configured with a zero length server list, and has\naccidentally passed that zero length server list in the client/client_len\nparameters, and has additionally failed to correctly handle a \"no overlap\"\nresponse (which would normally result in a handshake failure in ALPN) then it\nwill be vulnerable to this problem.\n\nIn the case of NPN, the protocol permits the client to opportunistically select\na protocol when there is no overlap. OpenSSL returns the first client protocol\nin the no overlap case in support of this. The list of client protocols comes\nfrom the application and should never normally be expected to be of zero length.\nHowever if the SSL_select_next_proto function is accidentally called with a\nclient_len of 0 then an invalid memory pointer will be returned instead. If the\napplication uses this output as the opportunistic protocol then the loss of\nconfidentiality will occur.\n\nThis issue has been assessed as Low severity because applications are most\nlikely to be vulnerable if they are using NPN instead of ALPN - but NPN is not\nwidely used. It also requires an application configuration or programming error.\nFinally, this issue would not typically be under attacker control making active\nexploitation unlikely.\n\nThe FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.\n\nDue to the low severity of this issue we are not issuing new releases of\nOpenSSL at this time. The fix will be included in the next releases when they\nbecome available.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-28882",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-28882](https://nvd.nist.gov/vuln/detail/CVE-2024-28882)",
"title": "Details"
},
{
"category": "description",
"text": "OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-28882"
},
{
"cve": "CVE-2024-5594",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-5594](https://nvd.nist.gov/vuln/detail/CVE-2024-5594)",
"title": "Details"
},
{
"category": "description",
"text": "OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-5594"
},
{
"cve": "CVE-2019-20633",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-20633](https://nvd.nist.gov/vuln/detail/CVE-2019-20633)",
"title": "Details"
},
{
"category": "description",
"text": "GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vulnerability in the function another_hunk in pch.c that can cause a denial of service via a crafted patch file. NOTE: this issue exists because of an incomplete fix for CVE-2018-6952.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-20633"
},
{
"cve": "CVE-2019-13638",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13638](https://nvd.nist.gov/vuln/detail/CVE-2019-13638)",
"title": "Details"
},
{
"category": "description",
"text": "GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 9.3,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13638"
},
{
"cve": "CVE-2019-13636",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13636](https://nvd.nist.gov/vuln/detail/CVE-2019-13636)",
"title": "Details"
},
{
"category": "description",
"text": "In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13636"
},
{
"cve": "CVE-2018-1000156",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-1000156](https://nvd.nist.gov/vuln/detail/CVE-2018-1000156)",
"title": "Details"
},
{
"category": "description",
"text": "GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD\u0027s CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-1000156"
},
{
"cve": "CVE-2018-20969",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-20969](https://nvd.nist.gov/vuln/detail/CVE-2018-20969)",
"title": "Details"
},
{
"category": "description",
"text": "do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 9.3,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-20969"
},
{
"cve": "CVE-2018-6951",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-6951](https://nvd.nist.gov/vuln/detail/CVE-2018-6951)",
"title": "Details"
},
{
"category": "description",
"text": "An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a \"mangled rename\" issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-6951"
},
{
"cve": "CVE-2018-6952",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-6952](https://nvd.nist.gov/vuln/detail/CVE-2018-6952)",
"title": "Details"
},
{
"category": "description",
"text": "A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-6952"
},
{
"cve": "CVE-2024-9341",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9341](https://nvd.nist.gov/vuln/detail/CVE-2024-9341)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 8.2,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9341"
},
{
"cve": "CVE-2023-27043",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2023-27043](https://nvd.nist.gov/vuln/detail/CVE-2023-27043)",
"title": "Details"
},
{
"category": "description",
"text": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2024-9287",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-9287](https://nvd.nist.gov/vuln/detail/CVE-2024-9287)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts (ie \"source venv/bin/activate\"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren\u0027t activated before being used (ie \"./venv/bin/python\") are not affected.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-9287"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6232](https://nvd.nist.gov/vuln/detail/CVE-2024-6232)",
"title": "Details"
},
{
"category": "description",
"text": "There is a MEDIUM severity vulnerability affecting CPython.\n\n\n\n\n\nRegular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-6345",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Remote Code Execution in pypa/setuptools"
},
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-6345](https://nvd.nist.gov/vuln/detail/CVE-2024-6345)",
"title": "Details"
},
{
"category": "description",
"text": "A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-6345"
},
{
"cve": "CVE-2024-12084",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12084](https://nvd.nist.gov/vuln/detail/CVE-2024-12084)",
"title": "Details"
},
{
"category": "description",
"text": "A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12084"
},
{
"cve": "CVE-2024-12085",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12085](https://nvd.nist.gov/vuln/detail/CVE-2024-12085)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12085"
},
{
"cve": "CVE-2024-12086",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12086](https://nvd.nist.gov/vuln/detail/CVE-2024-12086)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client\u0027s machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.1,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12086"
},
{
"cve": "CVE-2024-12087",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12087](https://nvd.nist.gov/vuln/detail/CVE-2024-12087)",
"title": "Details"
},
{
"category": "description",
"text": "A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client\u0027s intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12087"
},
{
"cve": "CVE-2024-12088",
"cwe": {
"id": "CWE-35",
"name": "Path Traversal: \u0027.../...//\u0027"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12088](https://nvd.nist.gov/vuln/detail/CVE-2024-12088)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12088"
},
{
"cve": "CVE-2024-12747",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-12747](https://nvd.nist.gov/vuln/detail/CVE-2024-12747)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync\u0027s handling of symbolic links. Rsync\u0027s default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 5.6,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 5.6,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-12747"
},
{
"cve": "CVE-2022-0530",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2022-0530](https://nvd.nist.gov/vuln/detail/CVE-2022-0530)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2022-0530"
},
{
"cve": "CVE-2022-0529",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2022-0529](https://nvd.nist.gov/vuln/detail/CVE-2022-0529)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2022-0529"
},
{
"cve": "CVE-2021-4217",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2021-4217](https://nvd.nist.gov/vuln/detail/CVE-2021-4217)",
"title": "Details"
},
{
"category": "description",
"text": "A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.3,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 3.3,
"temporalSeverity": "LOW",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2021-4217"
},
{
"cve": "CVE-2018-1000035",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-1000035](https://nvd.nist.gov/vuln/detail/CVE-2018-1000035)",
"title": "Details"
},
{
"category": "description",
"text": "A heap-based buffer overflow exists in Info-Zip UnZip version \u003c= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-1000035"
},
{
"cve": "CVE-2018-18384",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2018-18384](https://nvd.nist.gov/vuln/detail/CVE-2018-18384)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size value, because a buffer size is 10 and is supposed to be 12.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2018-18384"
},
{
"cve": "CVE-2016-9844",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2016-9844](https://nvd.nist.gov/vuln/detail/CVE-2016-9844)",
"title": "Details"
},
{
"category": "description",
"text": "Buffer overflow in the zi_short function in zipinfo.c in Info-Zip UnZip 6.0 allows remote attackers to cause a denial of service (crash) via a large compression method value in the central directory file header.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2016-9844"
},
{
"cve": "CVE-2019-13232",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2019-13232](https://nvd.nist.gov/vuln/detail/CVE-2019-13232)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service (resource consumption), aka a \"better zip bomb\" issue.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.3,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 3.3,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
{
"cvss_v2": {
"baseScore": 2.1,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2019-13232"
},
{
"cve": "CVE-2015-7696",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2015-7696](https://nvd.nist.gov/vuln/detail/CVE-2015-7696)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"environmentalScore": 6.8,
"integrityImpact": "PARTIAL",
"temporalScore": 6.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2015-7696"
},
{
"cve": "CVE-2015-7697",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2015-7697](https://nvd.nist.gov/vuln/detail/CVE-2015-7697)",
"title": "Details"
},
{
"category": "description",
"text": "Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v2": {
"baseScore": 4.3,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2015-7697"
},
{
"cve": "CVE-2024-38428",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-38428](https://nvd.nist.gov/vuln/detail/CVE-2024-38428)",
"title": "Details"
},
{
"category": "description",
"text": "url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-38428"
},
{
"cve": "CVE-2024-10524",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "details",
"text": "[https://nvd.nist.gov/vuln/detail/CVE-2024-10524](https://nvd.nist.gov/vuln/detail/CVE-2024-10524)",
"title": "Details"
},
{
"category": "description",
"text": "Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-32004",
"CSAFPID-32005",
"CSAFPID-32007"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Update to the latest 2025.0.2 Firmware Release. PHOENIX CONTACT recommends to always use an up-to-date version of the PLCnext Engineer.",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-31004",
"CSAFPID-31005",
"CSAFPID-31007"
]
}
],
"title": "CVE-2024-10524"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…